hienapple.com Open in urlscan Pro
34.69.219.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hienapple.com/
Effective URL:
https://hienapple.com/
Submission: On August 28 via api (August 28th 2023, 9:36:41 am UTC) from US — Scanned from US

Summary HTTP 74 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 1 countries across 20 domains to perform 74 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is hienapple.com.
TLS certificate: Issued by R3 on June 30th 2023. Valid for: 3 months.

This is the only time hienapple.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
26	2a09:8280:1::... 2a09:8280:1::42:4195	40509 (FLY) (FLY)
7	18.164.116.22 18.164.116.22	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1 7	44.230.125.0 44.230.125.0	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.22 18.164.96.22	16509 (AMAZON-02) (AMAZON-02)
1	34.213.103.33 34.213.103.33	16509 (AMAZON-02) (AMAZON-02)
2	63.140.36.121 63.140.36.121	16509 (AMAZON-02) (AMAZON-02)
1 1	75.101.158.101 75.101.158.101	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2	104.198.70.133 104.198.70.133	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	142.251.40.194 142.251.40.194	15169 (GOOGLE) (GOOGLE)
2 10	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 3	34.200.65.202 34.200.65.202	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.208.248.194 3.208.248.194	14618 (AMAZON-AES) (AMAZON-AES)
1	54.88.241.171 54.88.241.171	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:821::2008	15169 (GOOGLE) (GOOGLE)
1 2	142.250.80.102 142.250.80.102	15169 (GOOGLE) (GOOGLE)
2	2600:141b:13:... 2600:141b:13:792::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	108.139.33.128 108.139.33.128	16509 (AMAZON-02) (AMAZON-02)
3	173.223.56.237 173.223.56.237	() ()
1	2607:f8b0:400... 2607:f8b0:4006:80b::2002	() ()
2 2	68.67.179.155 68.67.179.155	() ()
2 2	69.173.151.100 69.173.151.100	() ()
3	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	() ()
74	18

2 34.69.219.172 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

hienapple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a09:8280:1::42:4195 (United States)

ASN40509 (FLY, US)

ephemera.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.164.116.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-22.jfk50.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 44.230.125.0 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-125-0.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-22.jfk50.r.cloudfront.net

deel-id-persistence.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.213.103.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-103-33.us-west-2.compute.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.36.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-121.data.adobedc.net

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.101.158.101 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-158-101.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.70.133 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.70.198.104.bc.googleusercontent.com

peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.40.194 (Newark, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.200.65.202 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.248.194 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-248-194.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.88.241.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-241-171.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.102 (Old Bridge, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f6.1e100.net

11264551.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13:792::1931 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.139.33.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.223.56.237 (None, )

ASN- ()

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::2002 (None, )

ASN- ()

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.155 (None, ) 2 redirects

ASN- ()

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.151.100 (None, ) 2 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f112:83:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	mirus.io ephemera.mirus.io — Cisco Umbrella Rank: 276056 peachy.prod.mirus.io — Cisco Umbrella Rank: 315705	441 KB
13	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 360 js.adsrvr.org — Cisco Umbrella Rank: 1509 insight.adsrvr.org — Cisco Umbrella Rank: 590	12 KB
8	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 228 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 8056	10 KB
7	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 3450	74 KB
6	doubleclick.net 5 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 242 11264551.fls.doubleclick.net — Cisco Umbrella Rank: 86143	3 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	209 KB
3	facebook.com www.facebook.com	257 B
3	pinterest.com ct.pinterest.com	2 KB
3	yahoo.com 3 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1358 ups.analytics.yahoo.com — Cisco Umbrella Rank: 325	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	2 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 839	20 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1571 beacon.krxd.net — Cisco Umbrella Rank: 648	529 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 394	833 B
2	statefarm.com smetrics.statefarm.com — Cisco Umbrella Rank: 29378	2 KB
2	hienapple.com 1 redirects hienapple.com	173 KB
1	google.com adservice.google.com	401 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	90 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1143	517 B
1	c1.statefarm deel-id-persistence.deel.c1.statefarm — Cisco Umbrella Rank: 328126	3 KB
74	20

	Domain	Requested by
26	ephemera.mirus.io	hienapple.com
8	match.adsrvr.org	2 redirects js.adsrvr.org
7	dpm.demdex.net	1 redirects hienapple.com
7	nexus.ensighten.com	hienapple.com nexus.ensighten.com
5	connect.facebook.net	hienapple.com connect.facebook.net
4	cm.g.doubleclick.net	4 redirects
3	www.facebook.com
3	ct.pinterest.com	s.pinimg.com
3	js.adsrvr.org	www.googletagmanager.com insight.adsrvr.org
2	pixel.rubiconproject.com	2 redirects
2	ib.adnxs.com	2 redirects
2	insight.adsrvr.org	js.adsrvr.org
2	s.pinimg.com	hienapple.com s.pinimg.com
2	11264551.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	ups.analytics.yahoo.com	2 redirects
2	peachy.prod.mirus.io	hienapple.com
2	idsync.rlcdn.com	2 redirects
2	smetrics.statefarm.com	nexus.ensighten.com hienapple.com
2	hienapple.com	1 redirects
1	adservice.google.com	11264551.fls.doubleclick.net
1	www.googletagmanager.com	nexus.ensighten.com
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	deel-id-persistence.deel.c1.statefarm	nexus.ensighten.com
74	27

This site contains no links.

Subject Issuer	Validity	Valid
hienapple.com R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
ephemera.mirus.io R3	`2023-07-27` - `2023-10-25`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-06` - `2023-09-04`	3 months	crt.sh
deel-id-persistence.deel.c1.statefarm Amazon RSA 2048 M02	`2023-08-01` - `2024-08-29`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2023-01-20` - `2024-02-19`	a year	crt.sh
peachy.prod.mirus.io R3	`2023-08-12` - `2023-11-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://hienapple.com/
Frame ID: 909154038930231B5D8B4E2CDD43DECA
Requests: 52 HTTP requests in this frame

Frame: https://deel-id-persistence.deel.c1.statefarm/
Frame ID: 6087026D60066B9EC981B0DA6B2C4598
Requests: 1 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 9253135164F06489E179AE5492EE3DD9
Requests: 6 HTTP requests in this frame

Frame: https://11264551.fls.doubleclick.net/activityi;dc_pre=CM_krOSG_4ADFT8JaAgdtvIJ1g;src=11264551;type=micro0;cat=micro006;ord=7949072727842;auiddc=1868121180.1693215367;u9=sf%3Aus%3Aagent-micro-m%3A4x3ff63bval;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fhienapple.com%2F
Frame ID: E3FFE805340463DA58FF4B56CE1F9E7A
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fhienapple.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: 164BBD6C0873D56646AE315163D84A15
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fhienapple.com%2F&upid=9nilek2&upv=1.1.0
Frame ID: 26EABF365B61F50EA8D3A78560827A9F
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=1390817801571001183&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1
Frame ID: ADD324FDDB033D126EC6052C94725BAD
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&google_gid=CAESENZGhTm94U977dL4DrTnkEg&google_cver=1
Frame ID: 2860A6EB23F14E1516F279A0B5B626EF
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: C67718DE65320F7D72B0064F53526D8A
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-EhM4D2FE2uIXScRUreDzzpzCXXFR4PQ-~A&gdpr=0
Frame ID: FF8A3FEA6364C31B37BC3520035906F9
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: B1BC0E80DE6815678662D37850729538
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&google_gid=CAESENZGhTm94U977dL4DrTnkEg&google_cver=1
Frame ID: 7DEE5DFE08B3CC9F1B101408D41A62B5
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: F4B75349CCBE6E51D08810A11897CBBA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E99C693214ED7A229F1DBDA530346C60
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hienapple.com/ HTTP 301
https://hienapple.com/ Page URL

Page Statistics

74
Requests

91 %
HTTPS

24 %
IPv6

20
Domains

27
Subdomains

18
IPs

1
Countries

1035 kB
Transfer

2770 kB
Size

Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hienapple.com/ HTTP 301
https://hienapple.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1693215362603 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1693215362603

Request Chain 34

https://cm.everesttech.net/cm/dd?d_uuid=54995643769064175170024944378784575770 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOxqhAAAAE9ubwNw

Request Chain 39

https://idsync.rlcdn.com/365868.gif?partner_uid=54995643769064175170024944378784575770 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTQ5OTU2NDM3NjkwNjQxNzUxNzAwMjQ5NDQzNzg3ODQ1NzU3NzAQABoNCIXVsacGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=ed2f791bccb78d9cefa0a53477fbfe56790650fed929285ded6c17b639a983b2b0da87c991749652

Request Chain 42

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTQ5OTU2NDM3NjkwNjQxNzUxNzAwMjQ5NDQzNzg3ODQ1NzU3NzA= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTQ5OTU2NDM3NjkwNjQxNzUxNzAwMjQ5NDQzNzg3ODQ1NzU3NzA=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFVcAVrcS_c9I6N8dmYlGbY&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 45

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=hienapple.com&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=hienapple.com&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=a6949f9a-55a5-4e18-b0f0-605dc03378b1

Request Chain 46

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=54995643769064175170024944378784575770&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=54995643769064175170024944378784575770&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TMQyfVhE2pFNQyyOHy9nymd9A8tkOavL52c-~A

Request Chain 47

https://usermatch.krxd.net/um/v2?partner=adobe&id=54995643769064175170024944378784575770 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=54995643769064175170024944378784575770

Request Chain 49

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=7949072727842;auiddc=1868121180.1693215367;u9=sf%3Aus%3Aagent-micro-m%3A4x3ff63bval;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fhienapple.com%2F HTTP 302
https://11264551.fls.doubleclick.net/activityi;dc_pre=CM_krOSG_4ADFT8JaAgdtvIJ1g;src=11264551;type=micro0;cat=micro006;ord=7949072727842;auiddc=1868121180.1693215367;u9=sf%3Aus%3Aagent-micro-m%3A4x3ff63bval;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fhienapple.com%2F

Request Chain 62

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Da6949f9a-55a5-4e18-b0f0-605dc03378b1 HTTP 302
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=1390817801571001183&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTY5NDlmOWEtNTVhNS00ZTE4LWIwZjAtNjA1ZGMwMzM3OGIx&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&google_gid=CAESENZGhTm94U977dL4DrTnkEg&google_cver=1

Request Chain 64

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a6949f9a-55a5-4e18-b0f0-605dc03378b1&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 65

https://ups.analytics.yahoo.com/ups/55953/sync?uid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-EhM4D2FE2uIXScRUreDzzpzCXXFR4PQ-~A&gdpr=0

Request Chain 66

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a6949f9a-55a5-4e18-b0f0-605dc03378b1&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTY5NDlmOWEtNTVhNS00ZTE4LWIwZjAtNjA1ZGMwMzM3OGIx&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&google_gid=CAESENZGhTm94U977dL4DrTnkEg&google_cver=1

74 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
hienapple.com/
Redirect Chain

http://hienapple.com/
https://hienapple.com/

673 KB
173 KB

175ms
89ms

Document
text/html

34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8a683d050ac6efc339f14c05f5c5d3cf0dfb26542eed2f971f462e633f8c4646

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, max-age=30
content-encoding: gzip
content-type: text/html
date: Mon, 28 Aug 2023 09:36:01 GMT
etag: "b03a8c10a183b39843dc0aa7f086949b"
expires: Mon, 28 Aug 2023 09:36:31 GMT
last-modified: Sat, 26 Aug 2023 16:47:29 GMT
server: UploadServer
vary: Accept-Encoding
x-cheesecrd-backend: mx-gcs
x-cheesecrd-lookup: master:hienapple.com/
x-cheesecrd-path: /
x-goog-generation: 1693068449623499
x-goog-hash: crc32c=QBCLSw== md5=sDqMEKGDs5hD3Aqn8IaUmw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 176275
x-guploader-uploadid: ADPycdv3do_tmCda8aPsr6EYsDUXjpUFPY2FjPV0viPnqdmZ4PgAI2LeHuvLCQppr6VTl1n_Ep2pmOmakZfYXyW-mbWCLIVm2xKC

Redirect headers

content-length: 0
location: https://hienapple.com/

GET
H2 200 resize
ephemera.mirus.io/img/ 30 KB
30 KB 173ms
58ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fdco%2Fmx%2Fapprovals%2Faccepted%2F4X3FF63BVAL_office_banner_20211202T203259Z_hienapple_com_vehc9ckvnu.jpeg

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

036960a47f7d4899489dc15f9c5bca2e88ae7a23a24f66c1ce4b629da8469830

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fdco%2Fmx%2Fapprovals%2Faccepted%2F4X3FF63BVAL_office_banner_20211202T203259Z_hienapple_com_vehc9ckvnu.jpeg
x-cache-status: HIT
x-region: ord
content-length: 30376
fly-request-id: 01H8XR034Y8CYM11GPV5PH2H78-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 3d8d9511a54638
expires: Tue, 29 Aug 2023 04:52:40 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 76 KB
24 KB 213ms
62ms Script
application/javascript 18.164.116.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-22.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: e820ef5c0892b675133635e235721931232ce84f7f61cbb08585fbb1350eaaeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 20:15:36 GMT
x-amz-version-id: VV3MNL7a0EROIVFyce9U7UzBvolAbXWq
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 307227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 24 Aug 2023 20:15:13 GMT
server: CloudFront
etag: W/"1b8df7cc4be43dfe31c6a9f02809c4de"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: VbZofa5qWNamRQ3_fP-UeHBEGr2qSCNDBsMQFUVgOmwr8r3cAzeQBQ==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 174ms
60ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

82722a5d0c4d4783a858093caa93f25f26705eb851358cbd4f191ca2b576189f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hienapple.com/
Origin: https://hienapple.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 09:36:02 GMT
content-md5: rRssIs2xF1zIupfPIwwRag==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
x-fb-debug: PcyK/V4SjUCZXRKsDy01Pjlcr6fh1kddHD5lZvGYjnGhZqCEwb14RjR8U7N1/8ENl8CwbiSn+1q1SV52znyhug==
x-fb-content-md5: b89801420c89267b157dac368aa89e47
cross-origin-opener-policy: same-origin-allow-popups
etag: "d742382348bfb68884d83b41b8255d04"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Mon, 28 Aug 2023 09:46:56 GMT

GET
H2 200 MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ 31 KB
32 KB 237ms
133ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleSans-SemiBold.woff2
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Request headers

Referer: https://hienapple.com/
Origin: https://hienapple.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleSans-SemiBold.woff2
via: 2 fly.io
x-cache-status: HIT
x-guploader-uploadid: ADPycdtqrSBhGOeYN-EIibeu814TkguOusxDCAsLFhed0MCVdtDgVcnwE-s7Uo2xMSJnGI8tU1FKA5gFCiMMsGAe0HChIqQ_7rGg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32208
last-modified: Tue, 25 Jul 2023 19:26:11 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR0354RZC75B0VW7TPF6T7-yyz
etag: "1d27c68fab3bc57c0eb1b742cb355160"
x-goog-generation: 1690313171379561
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=08A3Cg==, md5=HSfGj6s7xXwOsbdCyzVRYA==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32208
x-instance: 3d8d9511a54638
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:04:30 GMT

GET
H2 200 MecherleSans-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ 31 KB
32 KB 165ms
61ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleSans-Medium.woff2
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Request headers

Referer: https://hienapple.com/
Origin: https://hienapple.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleSans-Medium.woff2
via: 2 fly.io
x-cache-status: HIT
x-guploader-uploadid: ADPycdtWVCqlc5U_Dr6ygCn9w5dFSAy4a6bCFsu4_5u1K61WEM34r50l6yIXx30WOCGW6iJrKyMcwQE1xc8r8UEnhrazAw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32200
last-modified: Tue, 25 Jul 2023 19:26:11 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR0355N9TYAP6Z4H2CW3ZJ-yyz
etag: "771eb8d7b83cc251776e102fb8ae2972"
x-goog-generation: 1690313171253662
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=u4HwWQ==, md5=dx6417g8wlF3bhAvuK4pcg==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32200
x-instance: 17811372b31e08
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:03:54 GMT

GET
H2 200 MecherleSans-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ 31 KB
32 KB 171ms
83ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleSans-Regular.woff2
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: 891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Request headers

Referer: https://hienapple.com/
Origin: https://hienapple.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleSans-Regular.woff2
via: 2 fly.io
x-cache-status: HIT
x-guploader-uploadid: ADPycdv1FayGD8wWazSdLq8O9Zx2oLeESs2XPbhTOxFjgagngdglwvdbIvQebj1aEviISAVOCZJ9pa0_loNaWiza0lSy0n0UcK99
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31948
last-modified: Tue, 25 Jul 2023 19:26:11 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR03550AVPPQX8SX2A04V6-yyz
etag: "45568a98b8085b944e9b8c47a2947646"
x-goog-generation: 1690313171312335
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=DAIcBw==, md5=RVaKmLgIW5ROm4xHopR2Rg==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 31948
x-instance: 17811372b31e08
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:03:54 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 11 KB
11 KB 132ms
59ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=600&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fdco%2Fmx%2Fapprovals%2Faccepted%2F4X3FF63BVAL_office_banner_20211202T203259Z_hienapple_com_vehc9ckvnu.jpeg

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

d839d78e8fae662cc0848c4443c305348fb3112d7b21eab9bd22c5de157fce15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=600&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fdco%2Fmx%2Fapprovals%2Faccepted%2F4X3FF63BVAL_office_banner_20211202T203259Z_hienapple_com_vehc9ckvnu.jpeg
x-cache-status: STALE
x-region: ord
content-length: 11282
fly-request-id: 01H8XR0354SZAX1HNKKT3KQWXE-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 17811372b31e08
expires: Wed, 23 Aug 2023 16:27:21 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 958 B
1 KB 322ms
252ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=50&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2F4%2F4X3FF63BVAL%2FformalColorFull.jpg

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

5bb7757a0613c2f48d5d53de09f1fd686237ab8df84284eee06e94bd033c76d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=50&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2F4%2F4X3FF63BVAL%2FformalColorFull.jpg
x-cache-status: MISS
x-region: ord
content-length: 958
fly-request-id: 01H8XR03542FWN3GV2AJNA3K1S-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 17811372b31e08
expires: Mon, 04 Sep 2023 09:36:02 GMT

GET
H2 200 MecherleSans-Bold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ 31 KB
31 KB 186ms
134ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleSans-Bold.woff2
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Request headers

Referer: https://hienapple.com/
Origin: https://hienapple.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleSans-Bold.woff2
via: 2 fly.io
x-cache-status: HIT
x-guploader-uploadid: ADPycdu32-yX6R0mEHnGqFlYS1EiIk6f-j8k1ktKbwanrB7-bn3BEBhNVr7VLyAB8fbDkjNMD0JEHjmOyjXh41-TndZgdUxXGhAn
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31812
last-modified: Tue, 25 Jul 2023 19:26:11 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR0355PWQ35DV5JX2K8VVC-yyz
etag: "7cc9632b9df119aed25a6812b1c59569"
x-goog-generation: 1690313171044909
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=VzL8Pg==, md5=fMljK53xGa7SWmgSscWVaQ==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 31812
x-instance: 3d8d9511a54638
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:03:54 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 1 KB
2 KB 65ms
64ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Fhi%2Fhienapple.com%2Fhienapple.com-sidebar-md-ba655ecafde1a40c5ebe7f6fd5f97f69.png

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

f11791574d65786d46136f1b6f91604b8f1df9b746a1f029d931b9b6c88079b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Fhi%2Fhienapple.com%2Fhienapple.com-sidebar-md-ba655ecafde1a40c5ebe7f6fd5f97f69.png
x-cache-status: HIT
x-region: ord
content-length: 1362
fly-request-id: 01H8XR03GT7DN8BZJDZK7PJWQX-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 3d8d9511a54638
expires: Tue, 29 Aug 2023 04:52:40 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
86 KB 60ms
58ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b46d0b15e975354e895967048e5b69cb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b523572388fa4099755561809c20fe4bd03135c8dabc5948fdccf7a6058b7d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hienapple.com/
Origin: https://hienapple.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 09:36:02 GMT
content-md5: QsUkbp1WjUGix8ZQATlKJg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87352
x-fb-debug: prP0mT0BgYAXbaMkR7ZyvZwdEHfXyvHO9/1a1uboKzYW+m+b7W35Ax0hMJiRHJ3jd22GbpzrAPkkmRXMI+KWoA==
x-fb-content-md5: c6f3ccde028f53afed3279125f85da51
cross-origin-opener-policy: same-origin-allow-popups
etag: "6059fee27db5f79dc278258a74be251a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 27 Aug 2024 08:19:37 GMT

GET
H/1.1

200
OK

rd
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1693215362603
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1693215362603

1 KB
1 KB

99ms
97ms

XHR
application/json

44.230.125.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1693215362603

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

HTTP/1.1

Server

44.230.125.0 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-125-0.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v046-03b41ccd5.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 4KWsrDNwQMs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://hienapple.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 641
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-1-v046-02ce4984f.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: +5K8ICjvRG0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://hienapple.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1693215362603
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 496 B
805 B 66ms
58ms Script
text/javascript 18.164.116.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Thu%20Aug%2024%2020:15:10%20GMT%202023&ClientID=603&PageID=https%3A%2F%2Fhienapple.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-22.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9f459a787cbc6bd2dcfe2c11717529c045d1bc047bbfb50eebd57fcd3c559ccf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 496
x-amz-cf-id: smG4ygNd8Iceui3MFbR5MnObRJrWMX2-Z8qznWNwOVdXC3H1CFTRMQ==
expires: Mon, 28 Aug 2023 09:36:01 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 12 KB
12 KB 61ms
54ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2F609-farm-vehicles-wide.jpg

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

05bbdddeb7ffcd6c30dbccc889252ed44e81cc0f4ba52aca567dc541e6317e82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2F609-farm-vehicles-wide.jpg
x-cache-status: HIT
x-region: ord
content-length: 12226
fly-request-id: 01H8XR03M2F934YXHCPT4K1J83-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 3d8d9511a54638
expires: Sat, 02 Sep 2023 07:28:44 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 3 KB
3 KB 88ms
81ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2F251-choosing-good-first-car-wide.jpg

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

330eca0a88ed117c740b000da026490d5c93cc9d4cd86aa213462ee185238cdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2F251-choosing-good-first-car-wide.jpg
x-cache-status: HIT
x-region: ord
content-length: 2646
fly-request-id: 01H8XR03M34PKTR0WNSTD122R9-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 3d8d9511a54638
expires: Sat, 02 Sep 2023 16:07:40 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 2 KB
3 KB 57ms
50ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

55752cb84aca7457073f43f97cf284aa01f25081e75b045a4b643678b80f9656

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fways-to-collect-rent-from-tenants.jpg
x-cache-status: HIT
x-region: ord
content-length: 2332
fly-request-id: 01H8XR03M3M1F88WYZRD5BK82X-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 17811372b31e08
expires: Sat, 02 Sep 2023 14:19:47 GMT

GET
H2 200 alpineFileInput.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ 3 KB
2 KB 55ms
52ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/alpineFileInput.js
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: 734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/alpineFileInput.js
x-cache-status: HIT
x-guploader-uploadid: ADPycduFjEL4VYriMlnPwq8E4snumaKz3Qms2WMSIz4A1S0YPeNMhiRrUCHXa_iR6tYwuIRgAyGpIy0L22FdeZQKLiimjmRZIf9H
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1413
last-modified: Tue, 25 Jul 2023 19:26:12 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR03M4YBJH802XDZ4BKNF1-yyz
etag: "e44e870405bb74d4741978373876eff2"
vary: Accept-Encoding
x-goog-generation: 1690313172592888
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=ZGxCsg==, md5=5E6HBAW7dNR0GXg3OHbv8g==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 1413
x-instance: 17811372b31e08
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:03:54 GMT

GET
H2 200 alpine.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ 57 KB
20 KB 74ms
65ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/alpine.js
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/alpine.js
x-cache-status: HIT
x-guploader-uploadid: ADPycdufATH48fDXtq64L4RMSrVbHAo2AULKgdju4q0-HqHv-BZrAzm0eGO8jopd0LUY-DrMTylt7HDixVuGb4A1Duhyf2EwMgWR
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20482
last-modified: Tue, 25 Jul 2023 19:26:12 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR03MV6Z7APFF7EG1XF66H-yyz
etag: "68d73e7579e8b2c31844444b7c13d8fe"
vary: Accept-Encoding
x-goog-generation: 1690313172574548
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=BxpYzg==, md5=aNc+dXnossMYRERLfBPY/g==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 20482
x-instance: 17811372b31e08
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:03:54 GMT

GET
H2 200 lazysizes.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ 8 KB
4 KB 264ms
256ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/lazysizes.js
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: 452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/lazysizes.js
x-cache-status: HIT
x-guploader-uploadid: ADPycds9iOlk0dBFdsoFomcpfEvfPOxyempu5BIbICk-Ocy9SbSlrkLAZBzrED3xZMoR0ssI0Yndrpug92s0uWopjQZwxA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3710
last-modified: Tue, 25 Jul 2023 19:26:12 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR03MXMH1BZYN1GJY97G8F-yyz
etag: "66e2c475889355007106289d66656548"
vary: Accept-Encoding
x-goog-generation: 1690313172659137
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=T/5Iog==, md5=ZuLEdYiTVQBxBiidZmVlSA==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 3710
x-instance: 3d8d9511a54638
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:04:45 GMT

GET
H2 200 scrollToElement.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ 491 B
634 B 265ms
257ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/scrollToElement.js
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: 5d0f0407096d756184fee3329b904656d444a8a256b8fa9948caed8d70c10ece

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/scrollToElement.js
age: 51
x-cache-status: HIT
x-guploader-uploadid: ADPycduOFCqlFjooIw0NQ7SVENh4tr7XKOTecbYFNKgxUTFwybpdJsM7yj3spIpHmvsk-pACQEzYFjjeTBJiRYoW1BA3ifN0fQt-
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 280
last-modified: Tue, 25 Jul 2023 19:26:12 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR03MXQ2X02D9A69J3WTTA-yyz
etag: "219378f36b7efe06b086a2094e31ab7d"
vary: Accept-Encoding
x-goog-generation: 1690313172610643
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=n5QSZg==, md5=IZN482t+/gawhqIJTjGrfQ==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 280
x-instance: 3d8d9511a54638
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:03:54 GMT

GET
H2 200 utils.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ 3 KB
2 KB 265ms
257ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/utils.js
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: 5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/utils.js
x-cache-status: HIT
x-guploader-uploadid: ADPycdtI6oT7U_l0lSXdooR69y76LQ1DWVjBnSwMeXtd6Hridbg5O6olTOCiJ75yTB5n_yCEO27tf933JKMNhA9N7oN8qg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1395
last-modified: Tue, 25 Jul 2023 19:26:12 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR03MYMEYKBH8Y2DTRCCTZ-yyz
etag: "36f4471b4160e6d89ee77ba9c0213adc"
vary: Accept-Encoding
x-goog-generation: 1690313172609826
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=924yCQ==, md5=NvRHG0Fg5tie53upwCE63A==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 1395
x-instance: 3d8d9511a54638
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:04:12 GMT

GET
H2 200 svgIcon.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ 122 B
501 B 263ms
255ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/svgIcon.js
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/svgIcon.js
x-cache-status: HIT
x-guploader-uploadid: ADPycdvBKheGyVMVZjKafHtMpTNEthsPzkYL1xJT-AGD7SNUI5s5sIpilGRB195AEVVIoWD6oq3CX7-T7_v7YrETC0KL0R75gRdV
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135
last-modified: Tue, 25 Jul 2023 19:26:12 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR03MYW9W60KFFKHTP4HV8-yyz
etag: "57bac84f80e6a823cd39957f03af5a68"
vary: Accept-Encoding
x-goog-generation: 1690313172599353
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=u5pJlA==, md5=V7rIT4DmqCPNOZV/A69aaA==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 135
x-instance: 17811372b31e08
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:04:45 GMT

GET
H2 200 alpineContactForm.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/ 111 KB
39 KB 74ms
67ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/alpineContactForm.js
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: af5760389b50f3fc6abb53180e3d83603df33ce34b56590789d225946f4fdf22

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:02 GMT
content-encoding: gzip
via: 2 fly.io
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/js/alpineContactForm.js
age: 17
x-cache-status: HIT
x-guploader-uploadid: ADPycdtRNp1S-zFdXyq2QaXzOzF2awT1GowUvv4Gm53myrldASX6wuaABaWUJ3DfN_dUvENM2lCXPYpldNOI1Lwnu37NVzhJycDm
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39585
last-modified: Tue, 25 Jul 2023 19:26:12 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR03MVME8R2HQH0WEK2XKY-yyz
etag: "01abd5967ac8e0ae8e100f67a5a98025"
vary: Accept-Encoding
x-goog-generation: 1690313172576660
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=NtJ00w==, md5=AavVlnrI4K6OEA9npamAJQ==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 39585
x-instance: 17811372b31e08
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:03:54 GMT

GET
H2 200 c2c10769d47c2d113513155963f78e82.js
nexus.ensighten.com/statefarm/mirus/code/ 164 KB
46 KB 301ms
53ms Script
application/javascript 18.164.116.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/c2c10769d47c2d113513155963f78e82.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-22.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 20:15:30 GMT
x-amz-version-id: FwGCsiOL82dOOTWwaWgJH23I7I6skaQ5
content-encoding: br
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 307234
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 24 Aug 2023 20:15:13 GMT
server: CloudFront
etag: W/"bcdbd7344163cd2027a8fc2d8505031e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: qiEFsGRWpDTmOQG7HkFRneXz1w4v3rVczsi7jF5Fcr5AJBWVKzKpJQ==

GET
H2 200 69d5dc5966916f224081bc390cacec5b.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
2 KB 331ms
85ms Script
application/javascript 18.164.116.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/69d5dc5966916f224081bc390cacec5b.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-22.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 50f413502236be37797a1c4d60f65f9aac355677c5c3cbe6b0513212ecc180d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:17:34 GMT
x-amz-version-id: rji.gkxPzZBx1FwKd6KUPoRx4i18jQ2B
content-encoding: gzip
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 2989110
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 27 Mar 2023 16:44:17 GMT
server: CloudFront
etag: W/"d72461a9c5567c3ebe44572a6ba09aed"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: _kAwKNvZotTnaHhN4ukbyv5U6om8T1-9tnJigBwiLUsgbbWvbnkbog==

GET
H2 200 9cfdc6df7821180d41d89355b6cdae29.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
2 KB 332ms
86ms Script
application/javascript 18.164.116.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/9cfdc6df7821180d41d89355b6cdae29.js?conditionId0=567025
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-22.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 8fc77b9318feeba56c0e0247073788cdc79bd410708402cc49b84c35a26d69b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 19:15:09 GMT
x-amz-version-id: Wv8Fa9.DA8Jn1.wroA3tDNzoB0mo8eVE
content-encoding: gzip
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 2989255
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 27 Mar 2023 16:44:17 GMT
server: CloudFront
etag: W/"eebdf7e1a3b89153bfc78b2216f476b6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: lkm10WicPbqGF6pCI6q7ZdUOoPhGVY555irrGTMTGR8HCVnvnP_9Kw==

GET
H2 200 MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ 32 KB
33 KB 274ms
46ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleLegal-Medium.woff2
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: 77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640

Request headers

Referer: https://hienapple.com/
Origin: https://hienapple.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:03 GMT
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleLegal-Medium.woff2
via: 2 fly.io
x-cache-status: HIT
x-guploader-uploadid: ADPycduLe_J-ob4xUOG9VG4CFGI6dPXOBAj4v9bTgvb6yT_GeNagIHcuE58jmwqmL99xPYOkyHY3rXh70LENX9mDrs2Hb1m33mP5
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32960
last-modified: Tue, 25 Jul 2023 19:26:10 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR03ZFHRDSAZVF1SE20YAN-yyz
etag: "5c321170479a815ab790c771bcc8f1d3"
x-goog-generation: 1690313170766631
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=+uFDXg==, md5=XDIRcEeagVq3kMdxvMjx0w==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32960
x-instance: 17811372b31e08
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:04:12 GMT

GET
H2 200 MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/ 32 KB
32 KB 289ms
61ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleLegal-Regular.woff2
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/0bc70000 (2023-08-16) /
Resource Hash: ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Request headers

Referer: https://hienapple.com/
Origin: https://hienapple.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:03 GMT
x-cachekey: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/da39a3ee5e6b4b0d3255bfef95601890afd80709/fonts/sf/MecherleLegal-Regular.woff2
via: 2 fly.io
age: 17
x-cache-status: HIT
x-guploader-uploadid: ADPycdva-aL4FosMktyzZSIZcA4SzwxFqgBUve05M1VnHxGXLm3pAUltWwoYee9vFifRkVydjutANGwcC1ZimD_DUyNX1CezB8Rv
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-region: ord
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32844
last-modified: Tue, 25 Jul 2023 19:26:10 GMT
server: Fly/0bc70000 (2023-08-16)
fly-request-id: 01H8XR03ZF6BN1DHWHHZS62XVN-yyz
etag: "523df82cc08bbb8ef333f550c3c1e8e2"
x-goog-generation: 1690313170858764
content-type: font/woff2
access-control-allow-origin: *
x-goog-hash: crc32c=DxtPkQ==, md5=Uj34LMCLu47zM/VQw8Ho4g==
cache-control: public,max-age=31536000,immutable
x-goog-stored-content-length: 32844
x-instance: 3d8d9511a54638
accept-ranges: bytes
expires: Fri, 26 Jul 2024 07:03:55 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 58 KB
59 KB 76ms
46ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=1920&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fdco%2Fmx%2Fapprovals%2Faccepted%2F4X3FF63BVAL_office_banner_20211202T203259Z_hienapple_com_vehc9ckvnu.jpeg

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=1920&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fdco%2Fmx%2Fapprovals%2Faccepted%2F4X3FF63BVAL_office_banner_20211202T203259Z_hienapple_com_vehc9ckvnu.jpeg
x-cache-status: HIT
x-region: ord
content-length: 59900
fly-request-id: 01H8XR04EWJYKCEA5VCFW49QCK-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 17811372b31e08
expires: Fri, 25 Aug 2023 19:02:46 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 6 KB
6 KB 158ms
130ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2F4%2F4X3FF63BVAL%2FformalColorFull.jpg

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2F4%2F4X3FF63BVAL%2FformalColorFull.jpg
x-cache-status: MISS
x-region: ord
content-length: 5910
fly-request-id: 01H8XR04EXQBW8VT9B7XSH00CT-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 3d8d9511a54638
expires: Mon, 04 Sep 2023 09:36:03 GMT

GET
H2 200 /
deel-id-persistence.deel.c1.statefarm/ Frame 6087 3 KB
3 KB 299ms
127ms Document
text/html 18.164.96.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deel-id-persistence.deel.c1.statefarm/
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/code/c2c10769d47c2d113513155963f78e82.js?conditionId0=423109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-22.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://hienapple.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 2640
content-type: text/html
date: Mon, 28 Aug 2023 09:36:04 GMT
etag: "b926bba51cb60a55a66ed7fd49c035c8"
last-modified: Fri, 04 Aug 2023 16:58:48 GMT
server: AmazonS3
via: 1.1 a1546fc751225809c39b89ba9e8d715c.cloudfront.net (CloudFront)
x-amz-cf-id: fS1tDNnEcZTWSu0NGeD7-yB8pgBFiRGLd52EvnVLM8JWmBLFLijkzQ==
x-amz-cf-pop: JFK50-P5
x-amz-server-side-encryption: AES256
x-amz-version-id: null
x-cache: RefreshHit from cloudfront

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
249 B 59ms
58ms Image
text/plain 18.164.116.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=TypeError%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27addEventListener%27)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2Fc2c10769d47c2d113513155963f78e82.js%3FconditionId0%3D423109%3A263%3A433)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=SC%3A%20Microsites%20Prod&cid=603&client=statefarm&publishPath=mirus&rid=3923589&did=486748&errorName=
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-22.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 07:13:17 GMT
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P6
age: 8566
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: 1ZyCRDgUOfI04rCudhrpa-X4ZtAWL3Yp_YFVCgXfKg1xhYrwidIiUA==

GET
H/1.1 200
OK dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 9253 7 KB
3 KB 524ms
94ms Document
text/html 34.213.103.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.213.103.33 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-213-103-33.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://hienapple.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-1-v046-04e135ed3.edge-usw2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 0p1jS8/bQaE=
content-encoding: gzip
date: Mon, 28 Aug 2023 09:36:04 GMT
last-modified: Wed, 28 Jun 2023 13:00:12 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id
smetrics.statefarm.com/ 48 B
463 B 422ms
99ms XHR
application/x-javascript 63.140.36.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=51563020381802697450829826766194686662&ts=1693215363815

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-121.data.adobedc.net

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hienapple.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 28 Aug 2023 09:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://hienapple.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZOxqhAAAAE9ubwNw
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=54995643769064175170024944378784575770
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOxqhAAAAE9ubwNw

42 B
942 B

120ms
111ms

Image
image/gif

44.230.125.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOxqhAAAAE9ubwNw

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

HTTP/1.1

Server

44.230.125.0 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-125-0.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v046-0b8761113.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Fvy49lNzQys=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZOxqhAAAAE9ubwNw
Date: Mon, 28 Aug 2023 09:36:04 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 resize
ephemera.mirus.io/img/ 5 KB
6 KB 72ms
67ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=1000&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Fhi%2Fhienapple.com%2Fhienapple.com-sidebar-md-ba655ecafde1a40c5ebe7f6fd5f97f69.png

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=1000&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Fhi%2Fhienapple.com%2Fhienapple.com-sidebar-md-ba655ecafde1a40c5ebe7f6fd5f97f69.png
x-cache-status: STALE
x-region: ord
content-length: 5398
fly-request-id: 01H8XR04S6JV4RBTE63EYGRDCJ-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 3d8d9511a54638
expires: Sun, 20 Aug 2023 22:13:52 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 25 KB
25 KB 61ms
57ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2F609-farm-vehicles-wide.jpg

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2F609-farm-vehicles-wide.jpg
x-cache-status: HIT
x-region: ord
content-length: 25306
fly-request-id: 01H8XR04S679CEANXRQR8S0T0B-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 3d8d9511a54638
expires: Sat, 02 Sep 2023 07:28:46 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 13 KB
13 KB 69ms
65ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2F251-choosing-good-first-car-wide.jpg

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:03 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2F251-choosing-good-first-car-wide.jpg
x-cache-status: HIT
x-region: ord
content-length: 12924
fly-request-id: 01H8XR04S7YG0W5FCPY3ZCKVGF-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 100
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 3d8d9511a54638
expires: Mon, 04 Sep 2023 06:10:19 GMT

GET
H2 200 s93055321849706
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ 1 KB
1 KB 206ms
120ms Script
application/x-javascript 63.140.36.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/s93055321849706?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=27%2F7%2F2023%2023%3A36%3A4%200%20600&d.&nsid=0&jsonv=1&.d&D=..&mid=51563020381802697450829826766194686662&aamlh=9&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-m%3A4x3ff63bval&g=https%3A%2F%2Fhienapple.com%2F&ch=sf%3Aus%3Aagent-micro-m&server=hienapple.com&events=event31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Ahome%3Astate-farm-insurance-agent-hien-apple&c4=sf%3Aagent-micro-m%3A4x3ff63bval&v6=hienapple.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fhienapple.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=monday%7C4%3A30am&v50=8%2F28%2F2023&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F116.0.5845.110%20safari%2F537.36&c70=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-121.data.adobedc.net

Software

jag /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-aam-tid: GBbnAJ+JQhI=
date: Mon, 28 Aug 2023 09:36:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 1099
x-xss-protection: 1; mode=block
dcs: dcs-prod-usw2-2-v046-0accbbbf3.edge-usw2.demdex.com 4 ms
pragma: no-cache
last-modified: Tue, 29 Aug 2023 09:36:04 GMT
server: jag
etag: 3636152307796738048-4617908595647189133
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sun, 27 Aug 2023 09:36:04 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=ed2f791bccb78d9cefa0a53477fbfe56790650fed929285ded6c17b639a983b2b0da87c991749652
dpm.demdex.net/ Frame 9253
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=54995643769064175170024944378784575770
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTQ5OTU2NDM3NjkwNjQxNzUxNzAwMjQ5NDQzNzg3ODQ1NzU3NzAQABoNCIXVsacGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=ed2f791bccb78d9cefa0a53477fbfe56790650fed929285ded6c17b639a983b2b0da87c991749652

42 B
942 B

427ms
93ms

Image
image/gif

44.230.125.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=ed2f791bccb78d9cefa0a53477fbfe56790650fed929285ded6c17b639a983b2b0da87c991749652

Protocol

HTTP/1.1

Server

44.230.125.0 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-125-0.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v046-0b8761113.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VNYlwPRWQlw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Mon, 28 Aug 2023 09:36:05 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=ed2f791bccb78d9cefa0a53477fbfe56790650fed929285ded6c17b639a983b2b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
249 B 126ms
30ms Image
text/plain 18.164.116.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27querySelectorAll%27)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2Fc2c10769d47c2d113513155963f78e82.js%3FconditionId0%3D423109%3A305%3A472)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=Microsites%20New%20M-Pages&cid=603&client=statefarm&publishPath=mirus&rid=3932601&did=710940&errorName=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-22.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 07:13:17 GMT
via: 1.1 97e44a27a616410da5792d77e9d25f52.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: JFK50-P6
age: 8567
x-cache: Hit from cloudfront
cache-control: no-cache, no-store
x-amz-cf-id: QVi7j78np8dYKmIG-7Q8bhaJfF994tBO469rHvk_tl7kT9U6FaGRXA==

POST
H2 200 pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 80 B
323 B 130ms
0ms Fetch
application/json 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://hienapple.com/
keen-sdk: javascript-5.0.1
accept-language: en-US,en;q=0.9
Authorization: WK
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 28 Aug 2023 09:36:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hienapple.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
content-length: 80

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEFVcAVrcS_c9I6N8dmYlGbY&google_cver=1
dpm.demdex.net/ Frame 9253
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTQ5OTU2NDM3NjkwNjQxNzUxNzAwMjQ5NDQzNzg3ODQ1NzU3NzA=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTQ5OTU2NDM3NjkwNjQxNzUxNzAwMjQ5NDQzNzg3ODQ1NzU3NzA=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFVcAVrcS_c9I6N8dmYlGbY&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

190ms
94ms

Image
image/gif

44.230.125.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFVcAVrcS_c9I6N8dmYlGbY&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

44.230.125.0 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-125-0.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v046-01194f935.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2NcJ7ig4QKE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 09:36:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFVcAVrcS_c9I6N8dmYlGbY&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 0
0 445ms
0ms Preflight 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://hienapple.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://hienapple.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Mon, 28 Aug 2023 09:36:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 resize
ephemera.mirus.io/img/ 10 KB
10 KB 281ms
10ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/0bc70000 (2023-08-16) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:05 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 2 fly.io
x-cachekey: https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fways-to-collect-rent-from-tenants.jpg
x-cache-status: HIT
x-region: ord
content-length: 10112
fly-request-id: 01H8XR06323QKX66KEBKFJ0Q64-yyz
server: Fly/0bc70000 (2023-08-16)
vary: Accept
x-ratelimit-remaining: 99
content-type: image/webp
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset: 1
x-ratelimit-limit: 101
x-instance: 17811372b31e08
expires: Fri, 25 Aug 2023 10:02:36 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=a6949f9a-55a5-4e18-b0f0-605dc03378b1
dpm.demdex.net/ Frame 9253
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=hienapple.com&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=hienapple.com&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=a6949f9a-55a5-4e18-b0f0-605dc03378b1

42 B
942 B

206ms
108ms

Image
image/gif

44.230.125.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=a6949f9a-55a5-4e18-b0f0-605dc03378b1

Protocol

HTTP/1.1

Server

44.230.125.0 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-125-0.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v046-0c44d542e.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: HBKa96NVSB0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 09:36:06 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=a6949f9a-55a5-4e18-b0f0-605dc03378b1
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 9253
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=54995643769064175170024944378784575770&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=54995643769064175170024944378784575770&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TMQyfVhE2pFNQyyOHy9nymd9A8tkOavL52c-~A

42 B
942 B

118ms
95ms

Image
image/gif

44.230.125.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TMQyfVhE2pFNQyyOHy9nymd9A8tkOavL52c-~A

Protocol

HTTP/1.1

Server

44.230.125.0 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-125-0.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v046-0d4ab9177.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8qLXHYFUQEc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-TMQyfVhE2pFNQyyOHy9nymd9A8tkOavL52c-~A
date: Mon, 28 Aug 2023 09:36:06 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 9253
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=54995643769064175170024944378784575770
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=54995643769064175170024944378784575770

0
338 B

291ms
42ms

Image
text/plain

54.88.241.171
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=54995643769064175170024944378784575770
Protocol: H2
Server: 54.88.241.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-241-171.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: beacon-n016-ash-prod.krxd.net
date: Mon, 28 Aug 2023 09:36:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1693215366
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=54995643769064175170024944378784575770
date: Mon, 28 Aug 2023 09:36:06 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a021-ash-prod.krxd.net

GET
H2 200 gtm.js
www.googletagmanager.com/ 437 KB
90 KB 218ms
48ms Script
application/javascript 2607:f8b0:4006:821::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91344
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Aug 2023 09:36:06 GMT

GET
H2

200

activityi;dc_pre=CM_krOSG_4ADFT8JaAgdtvIJ1g;src=11264551;type=micro0;cat=micro006;ord=7949072727842;auiddc=1868121180.1693215367;u9=sf%3Aus%3Aagent-micro-m%3A4x3ff63bval;gtm=45He38n0;uaa=;uab=;uafv...
11264551.fls.doubleclick.net/ Frame E3FF
Redirect Chain

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=7949072727842;auiddc=1868121180.1693215367;u9=sf%3Aus%3Aagent-micro-m%3A4x3ff63bval;gtm=45He38n0;uaa=;uab=;u...
https://11264551.fls.doubleclick.net/activityi;dc_pre=CM_krOSG_4ADFT8JaAgdtvIJ1g;src=11264551;type=micro0;cat=micro006;ord=7949072727842;auiddc=1868121180.1693215367;u9=sf%3Aus%3Aagent-micro-m%3A4x...

489 B
397 B

135ms
111ms

Document
text/html

142.250.80.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11264551.fls.doubleclick.net/activityi;dc_pre=CM_krOSG_4ADFT8JaAgdtvIJ1g;src=11264551;type=micro0;cat=micro006;ord=7949072727842;auiddc=1868121180.1693215367;u9=sf%3Aus%3Aagent-micro-m%3A4x3ff63bval;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fhienapple.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.102 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s36-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hienapple.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 287
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 09:36:08 GMT
expires: Mon, 28 Aug 2023 09:36:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 09:36:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11264551.fls.doubleclick.net/activityi;dc_pre=CM_krOSG_4ADFT8JaAgdtvIJ1g;src=11264551;type=micro0;cat=micro006;ord=7949072727842;auiddc=1868121180.1693215367;u9=sf%3Aus%3Aagent-micro-m%3A4x3ff63bval;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fhienapple.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 fbevents.js
connect.facebook.net/en_US/ 193 KB
51 KB 123ms
56ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: hienapple.com
URL: https://hienapple.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 09:36:07 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: UzaLOcnhGye3Gx8LqhLJTEw1onoOOHY0oTC1HtLU5geLdzqpSgjuAQNOhKEjdJvyzqlwSz6O3rMN8fesaAnC4A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 core.js
s.pinimg.com/ct/ 3 KB
2 KB 1168ms
76ms Script
application/javascript 2600:141b:13:792::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: hienapple.com
URL: https://hienapple.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:792::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "6e7ebcfa37884d78352253e11cfcd656"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1474

GET
H/1.1 200
OK up_loader.1.1.0.js
js.adsrvr.org/ 5 KB
3 KB 1074ms
55ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 20:10:51 GMT
Content-Encoding: gzip
Via: 1.1 50670fc09f8465be7ae4adcf6e33ab7a.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 48318
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: 7GxGu79iGmRAkkro1BDBVK_hVdWCt7gGbIXQesoIb_uqVBhZX3pjJA==

GET
H3 200 1673276772914128
connect.facebook.net/signals/config/ 144 KB
35 KB 2541ms
2522ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1673276772914128?v=2.9.125&r=stable&domain=hienapple.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 09:36:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Xt7921NzzYP0IsNlpVDYD+miEp4aVVp0MKIhsBNsJOGCagX4GqkNDSYlsCT9G8002WKw0lCL6ipS53FNFg4rrQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 up
insight.adsrvr.org/track/ Frame 164B 927 B
1 KB 164ms
95ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fhienapple.com%2F&upid=t8xbszz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://hienapple.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 09:36:08 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up
insight.adsrvr.org/track/ Frame 26EA 953 B
1 KB 134ms
70ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fhienapple.com%2F&upid=9nilek2&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://hienapple.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 09:36:08 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 main.85b84545.js
s.pinimg.com/ct/lib/ 63 KB
18 KB 108ms
92ms Script
application/javascript 2600:141b:13:792::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.85b84545.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:792::1931 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: br
x-cdn: akamai
etag: "5ac911c7d00351e2c4d834e7141ed9df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 18158

GET
H/1.1 200
OK universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 26EA 488 B
1003 B 153ms
49ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fhienapple.com%2F&upid=9nilek2&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 17:18:50 GMT
Via: 1.1 50670fc09f8465be7ae4adcf6e33ab7a.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 58639
ETag: "2775054c068b37509e0798448f7fd32c"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: O8YOn79XKxdc9jExee2b2FkDJayhpIYE_Ft_BxrvARipUUGzjS1ARg==

GET
H/1.1 200
OK universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 164B 488 B
1003 B 293ms
65ms Script
application/x-javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fhienapple.com%2F&upid=t8xbszz&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 17:18:50 GMT
Via: 1.1 8cdf4e2d4f4070992665477c4dbca0c0.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:40 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
Age: 58639
ETag: "2775054c068b37509e0798448f7fd32c"
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 488
X-Amz-Cf-Id: 7LpB7W0B4yGWh42SHm6OMYGHAhnsbsruHkpaZxJH6huDkmcQYU_Vag==

GET
H2 200 /
ct.pinterest.com/user/ 569 B
900 B 1159ms
94ms XHR
application/json 173.223.56.237

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1693215368312&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.85b84545.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.237 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 09:36:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.ae912f17.1693215369.9456989d
x-envoy-upstream-service-time: 3
content-length: 386
x-pinterest-rid: 1403681722139172
pin-unauth: dWlkPU9HWXdaV0kzT1RjdFpUVmhPUzAwTmpsaExUZzJZekF0T0dNell6TTNOV1JpT1RNdw
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hienapple.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
pinterest-version: d5699b0296b6f850a86763893e32a924d475c0e6
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CM_krOSG_4ADFT8JaAgdtvIJ1g;src=11264551;type=micro0;cat=micro006;ord=7949072727842;auiddc=*;u9=sf%3Aus%3Aagent-micro-m%3A4x3ff63bval;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=...
adservice.google.com/ddm/fls/z/ Frame E3FF 42 B
401 B 494ms
170ms Image
image/gif 2607:f8b0:4006:80b::2002

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM_krOSG_4ADFT8JaAgdtvIJ1g;src=11264551;type=micro0;cat=micro006;ord=7949072727842;auiddc=*;u9=sf%3Aus%3Aagent-micro-m%3A4x3ff63bval;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fhienapple.com%2F

Requested by

Host: 11264551.fls.doubleclick.net
URL: https://11264551.fls.doubleclick.net/activityi;dc_pre=CM_krOSG_4ADFT8JaAgdtvIJ1g;src=11264551;type=micro0;cat=micro006;ord=7949072727842;auiddc=1868121180.1693215367;u9=sf%3Aus%3Aagent-micro-m%3A4x3ff63bval;gtm=45He38n0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fhienapple.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://11264551.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 09:36:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
368 B 1156ms
152ms Image
image/gif 173.223.56.237

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fhienapple.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2285b84545%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1693215368331

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.237 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 09:36:09 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.ae912f17.1693215369.9456989e
content-type: image/gif
access-control-allow-origin: *
pinterest-version: d5699b0296b6f850a86763893e32a924d475c0e6
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 1710401244668008
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

appnexus
match.adsrvr.org/track/cmf/ Frame ADD3
Redirect Chain

https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Da6949f9a-55a5-4e18-b0f0-605dc03378b1
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=1390817801571001183&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1

70 B
635 B

137ms
78ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=1390817801571001183&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 28 Aug 2023 09:36:09 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: 195405d9-2276-47fc-8c82-be57e12aa283
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 09:36:09 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=1390817801571001183&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 167.88.7.162; 167.88.7.162; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

google
match.adsrvr.org/track/cmf/ Frame 2860
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTY5NDlmOWEtNTVhNS00ZTE4LWIwZjAtNjA1ZGMwMzM3OGIx&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&google_gid=CAESENZGhTm94U977dL4DrTnkEg&google_cver=1

70 B
609 B

111ms
75ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&google_gid=CAESENZGhTm94U977dL4DrTnkEg&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 28 Aug 2023 09:36:08 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 09:36:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&google_gid=CAESENZGhTm94U977dL4DrTnkEg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2

200

rubicon
match.adsrvr.org/track/cmf/ Frame C677
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a6949f9a-55a5-4e18-b0f0-605dc03378b1&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
609 B

117ms
77ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 28 Aug 2023 09:36:09 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 314e432eb2d967cf733b82bdbbe35231
content-length: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame FF8A
Redirect Chain

https://ups.analytics.yahoo.com/ups/55953/sync?uid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-EhM4D2FE2uIXScRUreDzzpzCXXFR4PQ-~A&gdpr=0

70 B
609 B

138ms
29ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-EhM4D2FE2uIXScRUreDzzpzCXXFR4PQ-~A&gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 28 Aug 2023 09:36:08 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

age: 0
content-length: 0
date: Mon, 28 Aug 2023 09:36:08 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-EhM4D2FE2uIXScRUreDzzpzCXXFR4PQ-~A&gdpr=0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server: ATS/9.1.10.75
strict-transport-security: max-age=31536000

GET
H2

200

rubicon
match.adsrvr.org/track/cmf/ Frame B1BC
Redirect Chain

https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a6949f9a-55a5-4e18-b0f0-605dc03378b1&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

70 B
609 B

165ms
69ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 28 Aug 2023 09:36:09 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
Expires: 0
Location: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
X-RPHost: 0228ab361cece0438ff9eb16e4e5890e
content-length: 0

GET
H2

200

google
match.adsrvr.org/track/cmf/ Frame 7DEE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YTY5NDlmOWEtNTVhNS00ZTE4LWIwZjAtNjA1ZGMwMzM3OGIx&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&google_gid=CAESENZGhTm94U977dL4DrTnkEg&google_cver=1

70 B
609 B

192ms
98ms

Document
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&google_gid=CAESENZGhTm94U977dL4DrTnkEg&google_cver=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 28 Aug 2023 09:36:09 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 386
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 09:36:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=a6949f9a-55a5-4e18-b0f0-605dc03378b1&google_gid=CAESENZGhTm94U977dL4DrTnkEg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 ct.html
ct.pinterest.com/ Frame F4B7 565 B
626 B 96ms
63ms Document
text/html 173.223.56.237

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.85b84545.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

173.223.56.237 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://hienapple.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

akamai-grn: 0.ae912f17.1693215369.94569b9a
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 09:36:09 GMT
pinterest-version: d5699b0296b6f850a86763893e32a924d475c0e6
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 8347593252802274

GET
H3 200 1936962093151750
connect.facebook.net/signals/config/ 136 KB
35 KB 3180ms
3005ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1936962093151750?v=2.9.125&r=stable&domain=hienapple.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 09:36:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: c27HBXr2KeMRzVPmZYu78v/rOLtGe9XHb6fx1Y5bdWfFsh3y5Oj+eYpiQRmbM2nNzw5l5mhi5WSqWYVfJ8mhCA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 650ms
0ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1673276772914128&ev=PageView&dl=https%3A%2F%2Fhienapple.com&rl=&if=false&ts=1693215369957&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=28&fbp=fb.1.1693215369938.1860380116&pm=1&hrl=e8882f&it=1693215367250&coo=false&cs_cc=1&cas=1214633611919409%2C5230493466989894&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Aug 2023 09:36:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 434ms
314ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1936962093151750&ev=PageView&dl=https%3A%2F%2Fhienapple.com%2F&rl=&if=false&ts=1693215373205&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693215369938.1860380116&it=1693215367250&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://hienapple.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Aug 2023 09:36:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 /
www.facebook.com/tr/ Frame E99C 0
18 B 93ms
62ms Document
text/plain 2a03:2880:f112:83:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://hienapple.com
Referer: https://hienapple.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://hienapple.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 28 Aug 2023 09:36:13 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://hienapple.com/ Message: The resource https://ephemera.mirus.io/img/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fdco%2Fmx%2Fapprovals%2Faccepted%2F4X3FF63BVAL_office_banner_20211202T203259Z_hienapple_com_vehc9ckvnu.jpeg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://hienapple.com/ Message: The resource https://ephemera.mirus.io/img/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fdco%2Fmx%2Fapprovals%2Faccepted%2F4X3FF63BVAL_office_banner_20211202T203259Z_hienapple_com_vehc9ckvnu.jpeg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11264551.fls.doubleclick.net
adservice.google.com
beacon.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
deel-id-persistence.deel.c1.statefarm
dpm.demdex.net
ephemera.mirus.io
hienapple.com
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
nexus.ensighten.com
peachy.prod.mirus.io
pixel.rubiconproject.com
s.pinimg.com
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
104.198.70.133
108.139.33.128
142.250.80.102
142.251.40.194
15.197.193.217
173.223.56.237
18.164.116.22
18.164.96.22
2600:141b:13:792::1931
2607:f8b0:4006:80b::2002
2607:f8b0:4006:821::2008
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a09:8280:1::42:4195
3.208.248.194
34.200.65.202
34.213.103.33
34.69.219.172
35.190.60.146
44.230.125.0
54.88.241.171
63.140.36.121
68.67.179.155
69.173.151.100
75.101.158.101
036960a47f7d4899489dc15f9c5bca2e88ae7a23a24f66c1ce4b629da8469830
05bbdddeb7ffcd6c30dbccc889252ed44e81cc0f4ba52aca567dc541e6317e82
330eca0a88ed117c740b000da026490d5c93cc9d4cd86aa213462ee185238cdf
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
50f413502236be37797a1c4d60f65f9aac355677c5c3cbe6b0513212ecc180d1
55752cb84aca7457073f43f97cf284aa01f25081e75b045a4b643678b80f9656
5bb7757a0613c2f48d5d53de09f1fd686237ab8df84284eee06e94bd033c76d2
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec
5d0f0407096d756184fee3329b904656d444a8a256b8fa9948caed8d70c10ece
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
82722a5d0c4d4783a858093caa93f25f26705eb851358cbd4f191ca2b576189f
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
8a683d050ac6efc339f14c05f5c5d3cf0dfb26542eed2f971f462e633f8c4646
8fc77b9318feeba56c0e0247073788cdc79bd410708402cc49b84c35a26d69b5
9f459a787cbc6bd2dcfe2c11717529c045d1bc047bbfb50eebd57fcd3c559ccf
af5760389b50f3fc6abb53180e3d83603df33ce34b56590789d225946f4fdf22
b523572388fa4099755561809c20fe4bd03135c8dabc5948fdccf7a6058b7d94
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d839d78e8fae662cc0848c4443c305348fb3112d7b21eab9bd22c5de157fce15
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
e820ef5c0892b675133635e235721931232ce84f7f61cbb08585fbb1350eaaeb
f11791574d65786d46136f1b6f91604b8f1df9b746a1f029d931b9b6c88079b7

hienapple.com Open in urlscan Pro 34.69.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

74 Requests

91 %HTTPS

24 %IPv6

20 Domains

27 Subdomains

18 IPs

1 Countries

1035 kBTransfer

2770 kBSize

Cookies

0 Outgoing links

Page URL History

Redirected requests

74 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hienapple.com Open in urlscan Pro
34.69.219.172 Public Scan

Screenshot
Live screenshot

Full Image

74
Requests

91 %
HTTPS

24 %
IPv6

20
Domains

27
Subdomains

18
IPs

1
Countries

1035 kB
Transfer

2770 kB
Size

74 HTTP transactions
0 data transactions