URL: https://savings.nevadapowersolutions.com/
Submission: On January 20 via automatic, source certstream-suspicious

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 16 HTTP transactions. The main IP is 76.223.27.102, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is savings.nevadapowersolutions.com.
TLS certificate: Issued by R3 on January 20th 2021. Valid for: 3 months.
This is the only time savings.nevadapowersolutions.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 76.223.27.102 | 16509 (AMAZON-02)
3 | 65.9.73.41 | 16509 (AMAZON-02)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 107.180.12.15 | 26496 (AS-26496-...)
1 | 65.9.76.170 | 16509 (AMAZON-02)
1 | 2600:9000:206... | 16509 (AMAZON-02)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 65.9.73.3 | 16509 (AMAZON-02)
1 | 18.216.125.202 | 16509 (AMAZON-02)
Total: 16 requests, 11 IPs

Requests | Domain | Requested by
3 | fonts.gstatic.com | fonts.googleapis.com
3 | uploads-ssl.webflow.com | savings.nevadapowersolutions.com, uploads-ssl.webflow.com
2 | burbujagp.com | savings.nevadapowersolutions.com
1 | widgetapi.purechat.com | app.purechat.com
1 | app.purechat.com | savings.nevadapowersolutions.com
1 | fonts.googleapis.com | ajax.googleapis.com
1 | ei.privyr.com | savings.nevadapowersolutions.com
1 | d3e54v103j8qbb.cloudfront.net | savings.nevadapowersolutions.com
1 | cdnjs.cloudflare.com | savings.nevadapowersolutions.com
1 | ajax.googleapis.com | savings.nevadapowersolutions.com
1 | savings.nevadapowersolutions.com |
Total: 16 requests, 11 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
savings.nevadapowersolutions.com | R3 | 2021-01-20 - 2021-04-20 | 3 months
uploads-ssl.webflow.com | Amazon | 2020-10-26 - 2021-11-25 | a year
upload.video.google.com | GTS CA 1O1 | 2020-12-15 - 2021-03-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-10-21 - 2021-10-20 | a year
burbujagp.com | ZeroSSL RSA Domain Secure Site CA | 2020-12-14 - 2021-03-14 | 3 months
*.cloudfront.net | DigiCert Global CA G2 | 2020-05-26 - 2021-04-21 | a year
*.privyr.com | Amazon | 2021-01-12 - 2022-02-09 | a year
*.gstatic.com | GTS CA 1O1 | 2020-12-15 - 2021-03-09 | 3 months
*.purechat.com | Amazon | 2020-06-17 - 2021-07-17 | a year

This page contains 1 frames:

Primary Page: https://savings.nevadapowersolutions.com/
Frame ID: C53F3CB198B7CE47BB1A280A598A2BF5
Requests: 16 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/Chart(?:\.bundle)?(?:\.min)?\.js/i
  • script /cdnjs\.cloudflare\.com\/ajax\/libs\/Chart\.js\/([\d.]+(?:-[^/]+)?)\/Chart.*\.js/i

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
  • script /googleapis\.com\/.+webfont/i

Overall confidence: 100%
Detected patterns
  • script /snap\.svg(?:-min)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • meta generator /Webflow/i

Page Statistics

Requests: 16
HTTPS: 100 %
IPv6: 45 %
Domains: 9
Subdomains: 11
IPs: 11
Countries: 2
Transfer: 1099 kB
Size: 1365 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
savings.nevadapowersolutions.com/
11 KB
4 KB
Document
General
Full URL
https://savings.nevadapowersolutions.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
76.223.27.102 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a20b9ee60132ef283.awsglobalaccelerator.com
Software
openresty /
Resource Hash
e1a965a880b4b05a8424d33fb1d209f2c40e7d08eef829e525ee2df9adaa93c5

Request headers

:method
GET
:authority
savings.nevadapowersolutions.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
openresty
date
Wed, 20 Jan 2021 17:40:56 GMT
content-type
text/html
content-length
4284
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
age
0
x-served-by
cache-dca17754-DCA, cache-dub4332-DUB
x-cache
HIT, MISS
x-cache-hits
1, 0
x-timer
S1611164456.339611,VS0,VE84
vary
Accept-Encoding
x-cluster-name
eu-west-1-prod-eks-15
nevada-power-savings.webflow.295842559.css
uploads-ssl.webflow.com/6008542a03c03ff2b2804ac2/css/
43 KB
10 KB
Stylesheet
General
Full URL
https://uploads-ssl.webflow.com/6008542a03c03ff2b2804ac2/css/nevada-power-savings.webflow.295842559.css
Requested by
Host: savings.nevadapowersolutions.com
URL: https://savings.nevadapowersolutions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
470c83d6cbacb6d8dfb4481cbbaa6f8380f9d07447938283e0fad5713d854748

Request headers

Referer
https://savings.nevadapowersolutions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 20 Jan 2021 17:40:57 GMT
content-encoding
gzip
last-modified
Wed, 20 Jan 2021 17:40:41 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
"76f2e658c49f1a55b114e2a85362e525"
x-cache
Miss from cloudfront
x-amz-version-id
CloE724G7P6GVp93A0sUaz_LrloKIzd1
via
1.1 8da78542dac6b4328eb443200c30bbff.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
content-type
text/css
content-length
9965
x-amz-cf-id
7IsUAqRYPj5a-BsrVXBWBdkAAGzkYm8SUs6icKuKI235iQv9wi0LNw==
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
5 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: savings.nevadapowersolutions.com
URL: https://savings.nevadapowersolutions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://savings.nevadapowersolutions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 16:59:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
88857
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jan 2022 16:59:59 GMT
Chart.min.js
cdnjs.cloudflare.com/ajax/libs/Chart.js/3.0.0-alpha/
173 KB
48 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Chart.js/3.0.0-alpha/Chart.min.js
Requested by
Host: savings.nevadapowersolutions.com
URL: https://savings.nevadapowersolutions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee5e77fa6bbfa043b827dec424c0726913dc98568c9a1f861611d5134c79ad41
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://savings.nevadapowersolutions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 17:40:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
2207943
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
48500
cf-request-id
07c27bae0b0000d72922873000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:03:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cee-2b5bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gtGP6uARdaAPUUaDvF4rJEbAXpfANAnpv9GXRTuS3FeNyn14CMORdKui07ja0JGeqcn7EGVSfIjTHBBygXRCuuBAoIC%2Fvx%2FpVvx6y7FwaajI5Mr90amHyAR6GyoEZ34Hug%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
614a955cddbad729-FRA
expires
Mon, 10 Jan 2022 17:40:56 GMT
utils.js
burbujagp.com/js/
3 KB
2 KB
Script
General
Full URL
https://burbujagp.com/js/utils.js
Requested by
Host: savings.nevadapowersolutions.com
URL: https://savings.nevadapowersolutions.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.15 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-15.ip.secureserver.net
Software
Apache /
Resource Hash
05772bfbfc91a436084278b3765cea57ec53ea5d9c94046bfa31b197d0f37869

Request headers

Referer
https://savings.nevadapowersolutions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 17:40:56 GMT
content-encoding
gzip
last-modified
Wed, 28 Oct 2020 21:53:43 GMT
server
Apache
etag
"64289c-cf5-5b2c23277709f-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
1426
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
31 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6008542a03c03ff2b2804ac2
Requested by
Host: savings.nevadapowersolutions.com
URL: https://savings.nevadapowersolutions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.76.170 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Origin
https://savings.nevadapowersolutions.com
Referer
https://savings.nevadapowersolutions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 17:40:57 GMT
content-encoding
gzip
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=84600, must-revalidate
x-cache
Miss from cloudfront
x-amz-cf-id
-a1GLMj5uVKmHzk4fOTLigmP4Uu9KX4n5f2T-Q9kakFUZ_fxAIeyAA==
via
1.1 a156165ae278c5ddd408f18e7181dccd.cloudfront.net (CloudFront)
webflow.7325db16d.js
uploads-ssl.webflow.com/6008542a03c03ff2b2804ac2/js/
40 KB
15 KB
Script
General
Full URL
https://uploads-ssl.webflow.com/6008542a03c03ff2b2804ac2/js/webflow.7325db16d.js
Requested by
Host: savings.nevadapowersolutions.com
URL: https://savings.nevadapowersolutions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79576958c6edbe39709d47508590e812a1a979c85ab9f1fa55604d4f4537ebd9

Request headers

Referer
https://savings.nevadapowersolutions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 20 Jan 2021 17:40:57 GMT
content-encoding
gzip
last-modified
Wed, 20 Jan 2021 17:40:40 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
etag
"7e37541280db0bb55b8b7b32bd4b683b"
x-cache
Miss from cloudfront
x-amz-version-id
zWlC9Bt3ueFK4LCagEWCBh0G3GhnpgPb
via
1.1 8da78542dac6b4328eb443200c30bbff.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
accept-ranges
bytes
content-type
text/javascript
content-length
14565
x-amz-cf-id
NEFC4om96B67QBwSpBx27QCQVtoo4lHCYIsROFG5raLmSxpObunS5Q==
savings.js
burbujagp.com/js/
9 KB
2 KB
Script
General
Full URL
https://burbujagp.com/js/savings.js
Requested by
Host: savings.nevadapowersolutions.com
URL: https://savings.nevadapowersolutions.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.12.15 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-107-180-12-15.ip.secureserver.net
Software
Apache /
Resource Hash
117994bc2776310ce1d76cc362b1f5920ca70bddf0b14ae23840b5411c801425

Request headers

Referer
https://savings.nevadapowersolutions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 17:40:56 GMT
content-encoding
gzip
last-modified
Tue, 12 Jan 2021 16:55:10 GMT
server
Apache
etag
"64289d-2541-5b8b6e2b825fc-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
2115
pvyr-cf.min.js
ei.privyr.com/v2.3/
188 KB
188 KB
Script
General
Full URL
https://ei.privyr.com/v2.3/pvyr-cf.min.js
Requested by
Host: savings.nevadapowersolutions.com
URL: https://savings.nevadapowersolutions.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:ea00:11:f32e:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b38af8af9e7b3c9a2f41767773d98797e8d3fb9327978129a14667ceaa90bd25

Request headers

Referer
https://savings.nevadapowersolutions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 00:41:31 GMT
content-encoding
text
last-modified
Tue, 12 Jan 2021 05:43:01 GMT
server
AmazonS3
age
61165
etag
"880d6528020f4d6705fa4fe7c222e6d5"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
192155
x-amz-cf-id
1j69SIlalcc2jOpMhTpdlRMi-w_aHRIxjM0UdPYy3IPISoblXRV0Gw==
css
fonts.googleapis.com/
2 KB
528 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Sen:regular,700,800&subset=latin,latin-ext
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4ea78bb3bc4dc1b9fa638872cfb93f7ca64037590d6cfbeac6432b7d10a06c33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://savings.nevadapowersolutions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jan 2021 17:40:56 GMT
server
ESF
date
Wed, 20 Jan 2021 17:40:56 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jan 2021 17:40:56 GMT
6008668d2b3a2f246a4b3911_Hero%20Image.jpg
uploads-ssl.webflow.com/6008542a03c03ff2b2804ac2/
757 KB
758 KB
Image
General
Full URL
https://uploads-ssl.webflow.com/6008542a03c03ff2b2804ac2/6008668d2b3a2f246a4b3911_Hero%20Image.jpg
Requested by
Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/6008542a03c03ff2b2804ac2/css/nevada-power-savings.webflow.295842559.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.41 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1d1edd734ceba674884628865ed18762ad6915a4363acc87caa9117e7695085

Request headers

Referer
https://uploads-ssl.webflow.com/6008542a03c03ff2b2804ac2/css/nevada-power-savings.webflow.295842559.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 20 Jan 2021 17:21:20 GMT
via
1.1 8da78542dac6b4328eb443200c30bbff.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jan 2021 17:21:19 GMT
server
AmazonS3
age
1177
etag
"6573b93ca493885b869a90ca8b6f6684"
x-cache
Hit from cloudfront
x-amz-version-id
vusV26n6SPzTTv7YBv9YxxEaQ_ApZoKM
cache-control
max-age=31536000, must-revalidate
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
775017
x-amz-cf-id
m0KglU4BFnmxaVJVOSrvw_cS5ECDkUTIAtrIsgPYLMi-7g39896IEg==
6xKudSxYI9__J9CYLUv0BnYASA.woff2
fonts.gstatic.com/s/sen/v2/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sen/v2/6xKudSxYI9__J9CYLUv0BnYASA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sen:regular,700,800&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23b2fd21777b1f79dcd57f38ec1254fde451e11aa5ebc24938b1079a7b4e8a6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://savings.nevadapowersolutions.com
Referer
https://fonts.googleapis.com/css?family=Sen:regular,700,800&subset=latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 14 Jan 2021 12:27:24 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 19:38:49 GMT
server
sffe
age
537212
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10244
x-xss-protection
0
expires
Fri, 14 Jan 2022 12:27:24 GMT
6xKjdSxYI9_3nPWNAGn5LA.woff2
fonts.gstatic.com/s/sen/v2/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sen/v2/6xKjdSxYI9_3nPWNAGn5LA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sen:regular,700,800&subset=latin,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
165ec2e19d2faa9e3562a32cd4e82e03ab835c7ebd6e7a66b589d6687b5fb3d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://savings.nevadapowersolutions.com
Referer
https://fonts.googleapis.com/css?family=Sen:regular,700,800&subset=latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 22:41:45 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 19:43:44 GMT
server
sffe
age
154751
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10108
x-xss-protection
0
expires
Tue, 18 Jan 2022 22:41:45 GMT
6xKudSxYI9__O9OYLUv0BnYASA.woff2
fonts.gstatic.com/s/sen/v2/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sen/v2/6xKudSxYI9__O9OYLUv0BnYASA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Sen:regular,700,800&subset=latin,latin-ext
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbe6d36b59c5d576c76f9822a88bd168fd7b128c23412ad341f5920fda4bee72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://savings.nevadapowersolutions.com
Referer
https://fonts.googleapis.com/css?family=Sen:regular,700,800&subset=latin,latin-ext
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 19 Jan 2021 21:42:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 23 Jul 2020 19:43:00 GMT
server
sffe
age
71888
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10168
x-xss-protection
0
expires
Wed, 19 Jan 2022 21:42:48 GMT
WidgetScript
app.purechat.com/VisitorWidget/
8 KB
4 KB
Script
General
Full URL
https://app.purechat.com/VisitorWidget/WidgetScript
Requested by
Host: savings.nevadapowersolutions.com
URL: https://savings.nevadapowersolutions.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.3 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4fb280062f2a139e61741490b5579d9f9059fcb785598ab69898abf691a24f8d

Request headers

Referer
https://savings.nevadapowersolutions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 20 Jan 2021 15:37:34 GMT
Content-Encoding
gzip
Age
7404
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Mon, 11 Jan 2021 20:54:58 GMT
Server
AmazonS3
ETag
W/"77762d1e0dc30d88e993223b5110ea05"
Vary
Accept-Encoding
x-amz-version-id
null
Via
1.1 317b3418459e7cb903a13afaecea9340.cloudfront.net (CloudFront)
Cache-Control
public,max-age=14400
X-Amz-Cf-Pop
AMS1-C1
Content-Type
application/javascript; charset=utf-8
X-Amz-Cf-Id
XVsFBjOCAU_ZYyYCwCKv-V2mP9UgGkZkCBHevEak0YWiZnffd8wI1w==
271e8d8b-aad4-4166-aa43-f994a84390dd
widgetapi.purechat.com/api/visitorwidget/widgetversions/
170 B
517 B
XHR
General
Full URL
https://widgetapi.purechat.com/api/visitorwidget/widgetversions/271e8d8b-aad4-4166-aa43-f994a84390dd
Requested by
Host: app.purechat.com
URL: https://app.purechat.com/VisitorWidget/WidgetScript
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.216.125.202 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-216-125-202.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
595bb01818aa159dc8eb079e91e349970d89f8cb399d78743eaf64cfeedd0cd7

Request headers

Referer
https://savings.nevadapowersolutions.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 20 Jan 2021 17:40:58 GMT
server
Microsoft-IIS/10.0
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://savings.nevadapowersolutions.com
access-control-expose-headers
X-Requires-Auth
cache-control
max-age=60
access-control-allow-credentials
true
content-length
170

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| WebFont function| Chart object| chartColors object| Samples function| randomScalingFactor function| $ function| jQuery function| tram object| Webflow number| solar number| numberYear object| YEARS object| config object| purechatApi object| PrivyrGenericCfIntegration object| __SENTRY__ function| pvyrjq string| _pvyr_cf_code string| _pvyr_host undefined| _privyr_cf function| PCWidget object| myLine

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://ei.privyr.com/v2.3/pvyr-cf.min.js(Line 40)
Message:
Beat is initialized!!!
console-api log URL: https://ei.privyr.com/v2.3/pvyr-cf.min.js(Line 40)
Message:
Beat is initialized!!!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
