www.savingwithvic.com Open in urlscan Pro
34.69.219.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.savingwithvic.com/
Submission: On November 17 via automatic, source certstream-suspicious (November 17th 2025, 12:30:21 pm UTC) — Scanned from PL

Summary HTTP 104 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 18 domains to perform 104 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.savingwithvic.com.
TLS certificate: Issued by R13 on November 15th 2025. Valid for: 3 months.

This is the only time www.savingwithvic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
35	137.66.27.45 137.66.27.45	40509 (FLY) (FLY)
1	54.162.147.28 54.162.147.28	14618 (AMAZON-AES) (AMAZON-AES)
4	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	23.213.161.205 23.213.161.205	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	104.198.70.133 104.198.70.133	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	108.138.26.5 108.138.26.5	16509 (AMAZON-02) (AMAZON-02)
1 3	54.216.35.139 54.216.35.139	16509 (AMAZON-02) (AMAZON-02)
2	52.214.80.236 52.214.80.236	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.139 63.140.62.139	16509 (AMAZON-02) (AMAZON-02)
1 1	52.17.84.36 52.17.84.36	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 9	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
17	142.250.185.104 142.250.185.104	15169 (GOOGLE) (GOOGLE)
1	142.250.181.228 142.250.181.228	15169 (GOOGLE) (GOOGLE)
4	108.138.3.93 108.138.3.93	16509 (AMAZON-02) (AMAZON-02)
1	3.163.248.4 3.163.248.4	16509 (AMAZON-02) (AMAZON-02)
3	18.172.114.101 18.172.114.101	16509 (AMAZON-02) (AMAZON-02)
2	3.174.46.39 3.174.46.39	16509 (AMAZON-02) (AMAZON-02)
2 4	52.95.126.160 52.95.126.160	16509 (AMAZON-02) (AMAZON-02)
5	35.190.43.134 35.190.43.134	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
104	20

1 34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

www.savingwithvic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 137.66.27.45 (United States)

ASN40509 (FLY, US)
PTR: ip-137-66-27-45.customer.flyio.net

ephemera.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.162.147.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-147-28.compute-1.amazonaws.com

invocation.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.161.205 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-213-161-205.deploy.static.akamaitechnologies.com

online.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.70.133 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.70.198.104.bc.googleusercontent.com

peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.26.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-5.fra56.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.216.35.139 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-35-139.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.80.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-80-236.eu-west-1.compute.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.139 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-139.data.adobedc.net

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.84.36 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-36.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.3.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-93.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.172.114.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-114-101.fra60.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.174.46.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-174-46-39.fra60.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.95.126.160 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	mirus.io ephemera.mirus.io — Cisco Umbrella Rank: 227576 peachy.prod.mirus.io — Cisco Umbrella Rank: 296369	716 KB
17	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	2 MB
12	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 449 js.adsrvr.org — Cisco Umbrella Rank: 1240 insight.adsrvr.org — Cisco Umbrella Rank: 1015	12 KB
8	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 435 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1251	10 KB
6	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 5015	72 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 862 tr6.snapchat.com — Cisco Umbrella Rank: 1094	1 KB
5	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 302 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 76786	6 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 235	188 KB
3	statefarm.com online.statefarm.com — Cisco Umbrella Rank: 36269 smetrics.statefarm.com — Cisco Umbrella Rank: 32989	3 KB
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 6511	38 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 317	1 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1039	25 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1633	490 B
1	c1.statefarm invocation.deel.c1.statefarm — Cisco Umbrella Rank: 35464 deel-app-cf.dasdicgr.prod.c1.statefarm Failed deel-id-persistence.deel.c1.statefarm Failed	6 KB
1	savingwithvic.com www.savingwithvic.com	294 KB
0	krxd.net Failed usermatch.krxd.net Failed
0	yahoo.com Failed ups.analytics.yahoo.com Failed
104	18

	Domain	Requested by
35	ephemera.mirus.io	www.savingwithvic.com
17	www.googletagmanager.com	invocation.deel.c1.statefarm www.googletagmanager.com
6	insight.adsrvr.org	2 redirects js.adsrvr.org
6	nexus.ensighten.com	invocation.deel.c1.statefarm nexus.ensighten.com
4	tr.snapchat.com	sc-static.net
4	aax-eu.amazon-adsystem.com	2 redirects
4	c.amazon-adsystem.com	www.googletagmanager.com c.amazon-adsystem.com
4	dpm.demdex.net	1 redirects
4	connect.facebook.net	www.savingwithvic.com connect.facebook.net
3	js.adsrvr.org	www.googletagmanager.com match.adsrvr.org
3	match.adsrvr.org	js.adsrvr.org
2	solutions.invocacdn.com	www.savingwithvic.com solutions.invocacdn.com
2	cm.g.doubleclick.net	2 redirects
2	smetrics.statefarm.com	nexus.ensighten.com
2	peachy.prod.mirus.io	www.savingwithvic.com
1	tr6.snapchat.com	sc-static.net
1	sc-static.net	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	online.statefarm.com	invocation.deel.c1.statefarm
1	invocation.deel.c1.statefarm	www.savingwithvic.com
1	www.savingwithvic.com
0	usermatch.krxd.net Failed
0	ups.analytics.yahoo.com Failed
0	deel-id-persistence.deel.c1.statefarm Failed	invocation.deel.c1.statefarm nexus.ensighten.com
0	deel-app-cf.dasdicgr.prod.c1.statefarm Failed	invocation.deel.c1.statefarm
104	27

This site contains links to these domains. Also see Links.

Domain
customer-registration.statefarm.com
auth.proofing.statefarm.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com
www.google.com
get-id-card.statefarm.com
retrieve-quote.statefarm.com
www.statefarm.com
financials.statefarm.com
www.youtube.com
www.indeed.com
trupanion.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
savingwithvic.com R13	`2025-11-15` - `2026-02-13`	3 months	crt.sh
ephemera.mirus.io E8	`2025-11-13` - `2026-02-11`	3 months	crt.sh
invocation.deel.c1.statefarm Amazon RSA 2048 M03	`2025-02-18` - `2026-03-19`	a year	crt.sh
*.facebook.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-08-26` - `2025-11-24`	3 months	crt.sh
statefarm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-06-20` - `2026-06-19`	a year	crt.sh
peachy.prod.mirus.io R12	`2025-09-30` - `2025-12-29`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M04	`2025-07-31` - `2026-08-29`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-10-14` - `2026-11-14`	a year	crt.sh
smetrics.statefarm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-02-05` - `2026-03-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2025-03-19` - `2026-04-02`	a year	crt.sh
*.google-analytics.com WE2	`2025-10-27` - `2026-01-19`	3 months	crt.sh
*.google.com WE2	`2025-10-27` - `2026-01-19`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M04	`2025-10-20` - `2026-11-18`	a year	crt.sh
sc-static.net Amazon RSA 2048 M01	`2025-10-22` - `2026-11-20`	a year	crt.sh
invocacdn.com Amazon RSA 2048 M03	`2025-07-24` - `2026-08-21`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2025-07-17` - `2026-07-16`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.savingwithvic.com/
Frame ID: 057E19ABDA79A156FFD75192489FE9F8
Requests: 90 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 15A40DCFD6E09DC8065EB89CBE186DFD
Requests: 5 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/5ba0/sw_iframe.html?origin=https%3A%2F%2Fwww.savingwithvic.com
Frame ID: CF73C9755D1074A3962DF1ABE0F54549
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=2f0ca4be-e310-4347-a688-421e70cfc0e5&u_scsid=6b4f354c-9332-4438-bcfa-1d5f7b882ba1&u_sclid=5a940d59-07ff-4679-b315-9e7010737fea
Frame ID: 1F5679606194705F6E9330474643BA41
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cei?advertiser_id=3davbp4&cookie_sync=1&upv=3.0.0&upid=t8xbszz&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1
Frame ID: 95D4ABE19AE7EB873ED251AB3E55E90C
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cei?advertiser_id=ijc4snf&cookie_sync=1&upv=3.0.0&upid=9nilek2&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1
Frame ID: 2755F536C4C08814C63055C91EDA67C0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Insurance & Financial Services Agent Vic Gulaty in Florida

Detected technologies

Bootstrap (UI frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Ensighten (Tag managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

104
Requests

89 %
HTTPS

0 %
IPv6

18
Domains

27
Subdomains

20
IPs

4
Countries

3487 kB
Transfer

9620 kB
Size

25
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://customer-registration.statefarm.com/
Title: Create an account

Search URL Search Domain Scan URL

URL: https://auth.proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.facebook.com/112366774663308

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/vicgulaty

Search URL Search Domain Scan URL

URL: https://twitter.com/savingwithvic

Search URL Search Domain Scan URL

URL: https://www.instagram.com/savingwithvic/

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&z=22&query=26.272568%2C-80.097316&query_place_id=ChIJvaPM1bDj2IgRWIJAlhzkTzo
Title: Map & Directions

Search URL Search Domain Scan URL

URL: https://get-id-card.statefarm.com/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://retrieve-quote.statefarm.com/
Title: Continue a saved quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims/file-a-claim
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/UnauthenticatedPaymentsUI-web/unauth/launchApp.do
Title: Send Payment

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/life-insurance/cover-two-people-with-one-policy-often-at-lower-cost#agentAssociateId=4HGX8B30TGF
Title: Cover two people with one policy, often at lower cost

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/auto-and-vehicles/car-maintenance-that-you-can-do-yourself#agentAssociateId=4HGX8B30TGF
Title: Car maintenance tasks you can do yourself

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/residence/putting-kitchen-safety-first#agentAssociateId=4HGX8B30TGF
Title: Putting kitchen safety first

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/#agentAssociateId=4HGX8B30TGF
Title: View More Articles

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=qsW9TNmQ4gA
Title: Lumbar Support (:30)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=H8c203SISGg
Title: IRL (:30)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=i7h4kNoskAI
Title: Controller (:15)

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=qGcUFpgTEe0
Title: Don't Touch That

Search URL Search Domain Scan URL

URL: https://www.indeed.com/cmp/Vic-Gulaty-Insurance-&-Financial-Services,-Inc/jobs
Title: https://www.indeed.com/cmp/Vic-Gulaty-Insurance-&-Financial-Services,-Inc/jobs

Search URL Search Domain Scan URL

URL: https://trupanion.com/pet-insurance/policy/view-sample-policy
Title: full policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/about-our-ads
Title: Ads & Tracking

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/security
Title: Security & Fraud

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/about-us/diversity-inclusion/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/disclosures/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy
Title: Notice of Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights
Title: State Privacy Rights

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/state-farm-pocket-agent/id318142137?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.statefarm.pocketagent

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1763382624698 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1763382624698

Request Chain 53

https://cm.everesttech.net/cm/dd?d_uuid=62788057427818773291589295600854597753 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=aRsVYQAAAGgBsAOV

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjI3ODgwNTc0Mjc4MTg3NzMyOTE1ODkyOTU2MDA4NTQ1OTc3NTM= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjI3ODgwNTc0Mjc4MTg3NzMyOTE1ODkyOTU2MDA4NTQ1OTc3NTM=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFOxO5B3L3Kpi83URPXPGhQ&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 58

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=62788057427818773291589295600854597753&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=62788057427818773291589295600854597753&gdpr=0&gdpr_consent=

Request Chain 85

https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=PageView&gtmVersion=3.5&ts=1763382626672&eventSource=amzn.js&uuid=5d45b466-9734-4bb0-bbc0-3b97ef4079fd HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=PageView&gtmVersion=3.5&ts=1763382626672&eventSource=amzn.js&uuid=5d45b466-9734-4bb0-bbc0-3b97ef4079fd&dcc=t

Request Chain 87

https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=MicrositePageLoadsBT&value=sf%3Aus%3Aagent-micro-m%3A4hgx8b30tgf&gtmVersion=3.5&ts=1763382626672&eventSource=amzn.js&uuid=5f27cef0-8a9d-4b2c-9491-d18f20a3103b HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=MicrositePageLoadsBT&value=sf%3Aus%3Aagent-micro-m%3A4hgx8b30tgf&gtmVersion=3.5&ts=1763382626672&eventSource=amzn.js&uuid=5f27cef0-8a9d-4b2c-9491-d18f20a3103b&dcc=t

Request Chain 92

https://insight.adsrvr.org/track/cei?advertiser_id=3davbp4&cookie_sync=1&upv=3.0.0&upid=t8xbszz&ref=https://www.savingwithvic.com/ HTTP 302
https://match.adsrvr.org/track/cei?advertiser_id=3davbp4&cookie_sync=1&upv=3.0.0&upid=t8xbszz&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1

Request Chain 93

https://insight.adsrvr.org/track/cei?advertiser_id=ijc4snf&cookie_sync=1&upv=3.0.0&upid=9nilek2&ref=https://www.savingwithvic.com/ HTTP 302
https://match.adsrvr.org/track/cei?advertiser_id=ijc4snf&cookie_sync=1&upv=3.0.0&upid=9nilek2&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1

104 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.savingwithvic.com/ 1 MB
294 KB 722ms
325ms Document
text/html 34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5c1acc3ac444d78641286a62fede656fbccb927dda7e4197181879ddcac9957d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache, max-age=30
content-encoding: gzip
content-type: text/html
date: Mon, 17 Nov 2025 12:30:22 GMT
etag: "561bfe4c2cb916c2fdbdfc2bda304001"
expires: Mon, 17 Nov 2025 12:30:52 GMT
last-modified: Mon, 17 Nov 2025 11:34:04 GMT
server: UploadServer
vary: Accept-Encoding
x-cheesecrd-backend: mx-gcs
x-cheesecrd-lookup: master:savingwithvic.com/
x-cheesecrd-path: /
x-goog-generation: 1763379244181463
x-goog-hash: crc32c=NWuw8g== md5=Vhv+TCy5FsL9vfwr2jBAAQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 300531
x-guploader-uploadid: AOCedOG1ZHABtE4Xh8x2pNqZknyfEiigve-0cXjhvrano25ViB6l-Onc7PLmBH97JQQcyHj9

GET
H2 200 4HGX8B30TGF_office_banner_20230728220958Z_savingwithvic_com_ciazyhfaji.jpg
ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 51 KB
52 KB 339ms
157ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_office_banner_20230728220958Z_savingwithvic_com_ciazyhfaji.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

59e5971e3b605b0123e77df9311ec2bdf953ec39e1d4761af6e20a09825aac36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPYSX2KPMCFQ5Q1KHH5F3-ams
cache-control: public, max-age=3600
via: 2 fly.io, 2 fly.io
expires: Mon, 17 Nov 2025 07:44:23 GMT
x-cache-key: 1200x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_office_banner_20230728220958Z_savingwithvic_com_ciazyhfaji.jpg--with-webp
content-length: 52646
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 deel.js Show response
invocation.deel.c1.statefarm/ 13 KB
6 KB 647ms
317ms Script
text/javascript 54.162.147.28
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.162.147.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-162-147-28.compute-1.amazonaws.com
Software: /
Resource Hash: 8d1bc38a0bde02d8cf5afbdfda1da39efcc5f4a425edffb49c01a5bd959d7726

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: gzip
x-amz-apigw-id: UMBG9FoRIAMEkNw=
x-amzn-trace-id: Root=1-691b155f-53056762258522b836697137;Parent=71f51c51d618e5e4;Sampled=0;Lineage=1:bfbe80d8:0
access-control-allow-methods: OPTIONS,POST,GET,HEAD
x-amzn-requestid: 5ddb2c2a-833f-43bf-83a4-acc236126465
access-control-allow-origin: *
server-timing: generated;dur=8.1343640005216,ch;desc=1763382623350
content-length: 5639
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: text/javascript
access-control-allow-headers: Content-Type, Referer

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 106ms
52ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

a55d2ba612e1797fd5eb6d6588292b7c8f5fffd298fdad07c30d5c7668ce147e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.savingwithvic.com
Referer: https://www.savingwithvic.com/

Response headers

content-md5: c8xKv977mjh88dk5lO2v+w==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "e8c5bf6b6c95936a1a988372e13e21d9"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 12:36:42 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 17 Nov 2025 12:30:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: d3b31712e2f4c8ffeee296356a56aa53
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=23, mss=1232, tbw=4979, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: hVbz58rUGK4B4Yw9IQ5fMsYjHpQjG3hX+i0wfLZkOOn4qh7a9o8GDPuwPsFkjrbwiKIcNYd825RdT0kc3Qv1pg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin: *
content-length: 1684
origin-agent-cluster: ?1

GET
H2 200 4HGX8B30TGF_office_banner_20230728220958Z_savingwithvic_com_ciazyhfaji.jpg
ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 15 KB
16 KB 336ms
156ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_office_banner_20230728220958Z_savingwithvic_com_ciazyhfaji.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

1f5ce50cd7688e447af72f8db424565be5d1f821ea4343daf115981a2235e147

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
x-region: ewr
cache-control: public, max-age=3600
via: 2 fly.io, 2 fly.io
expires: Mon, 17 Nov 2025 07:44:23 GMT
x-cache-key: 600x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_office_banner_20230728220958Z_savingwithvic_com_ciazyhfaji.jpg--with-webp
content-length: 15718
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
fly-request-id: 01KA8WPYSXPAQ8J3JPF6PAVM5W-ams
server: Fly/3807f396 (2025-11-11)
vary: Accept

GET
H2 200 4HGX8B30TGF_agent_avatar_20220108T191852Z_savingwithvic_com_k14wrsy3cf.jpeg
ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 1 KB
2 KB 333ms
153ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_agent_avatar_20220108T191852Z_savingwithvic_com_k14wrsy3cf.jpeg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

ce4fada933ea0f6745302d60bc91c0cc8cc08216a2361e77962db6b75ffe2ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPYSWG8SEWZ2KR1S612F9-ams
cache-control: max-age=31536000
via: 2 fly.io, 2 fly.io
expires: Thu, 10 Sep 2026 00:20:39 GMT
x-cache-key: 100x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_agent_avatar_20220108T191852Z_savingwithvic_com_k14wrsy3cf.jpeg--with-webp
content-length: 1394
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/ 31 KB
32 KB 300ms
131ms Font
font/woff2 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleSans-SemiBold.woff2
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.savingwithvic.com
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=08A3Cg==, md5=HSfGj6s7xXwOsbdCyzVRYA==
etag: "1d27c68fab3bc57c0eb1b742cb355160"
x-goog-stored-content-encoding: identity
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32208
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: font/woff2
last-modified: Thu, 23 Oct 2025 18:30:04 GMT
fly-request-id: 01KA8WPYS78G3KTFZBE97GBGJX-ams
x-guploader-uploadid: AAwnv3ILLm14mHFThcdnzaUSn_kU2Zp_WMF3gn4LLI_Nu74ZWIIMAB4tVugoQo02FJp8jaw
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleSans-SemiBold.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244204479994
content-length: 32208
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 MecherleSans-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/ 31 KB
32 KB 300ms
131ms Font
font/woff2 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleSans-Medium.woff2
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.savingwithvic.com
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=u4HwWQ==, md5=dx6417g8wlF3bhAvuK4pcg==
etag: "771eb8d7b83cc251776e102fb8ae2972"
x-goog-stored-content-encoding: identity
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32200
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: font/woff2
last-modified: Thu, 23 Oct 2025 18:30:02 GMT
fly-request-id: 01KA8WPYS7GV7N0CHTVBNZ7YYV-ams
x-guploader-uploadid: AAwnv3J6B20Mt9r-xkAu1GrHafce02G92hJmNzLgTPpb4XuwjKVEMHDfBKNmX7pdFt57eNm6cp2i_4A
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleSans-Medium.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244202262012
content-length: 32200
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 MecherleSans-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/ 31 KB
32 KB 345ms
177ms Font
font/woff2 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleSans-Regular.woff2
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: 891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.savingwithvic.com
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=DAIcBw==, md5=RVaKmLgIW5ROm4xHopR2Rg==
etag: "45568a98b8085b944e9b8c47a2947646"
x-goog-stored-content-encoding: identity
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 31948
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: font/woff2
last-modified: Thu, 23 Oct 2025 18:30:03 GMT
fly-request-id: 01KA8WPYS7QXBR50HA7D56G0W0-ams
x-guploader-uploadid: AAwnv3Lp1ZyeMBmbADI0ODLmOSdOz_BEP7O6n9ouPmeYkTLYsjKhTihFFLfHglmKLgr6TOkx_NBHkSY
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleSans-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244203349889
content-length: 31948
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 MecherleSans-Bold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/ 31 KB
32 KB 301ms
132ms Font
font/woff2 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleSans-Bold.woff2
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.savingwithvic.com
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=VzL8Pg==, md5=fMljK53xGa7SWmgSscWVaQ==
etag: "7cc9632b9df119aed25a6812b1c59569"
x-goog-stored-content-encoding: identity
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 31812
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: font/woff2
last-modified: Thu, 23 Oct 2025 18:30:01 GMT
fly-request-id: 01KA8WPYS7GMREJBD8JTYTH5TY-ams
x-guploader-uploadid: AAwnv3Ly0cku9YboJPCTLSzPDxUexaFgN2Pn9cZ8xHKhfeny_vShu1eMcA1_BVcnZPXiy7zL
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleSans-Bold.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244201227498
content-length: 31812
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 256 KB
75 KB 52ms
52ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=f6ce4d36cb6b8361110bb14c04fbb055

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

6b5aa192e86c0c10b21394bb3d25332ec686b5cd4080a8d2f1ddb9b64a64abf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.savingwithvic.com
Referer: https://www.savingwithvic.com/

Response headers

content-md5: 1Ga9UkyaHqpmK/OjN9yR1g==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "f8d8f6aeafae69199a6c165fdfd963ab"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 17 Nov 2026 10:05:44 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 17 Nov 2025 12:30:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 6c3ab90bf96587aca7cd7a785b2b5e92
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=49, rtx=0, c=27, mss=1232, tbw=8835, tp=14, tpl=0, uplat=1, ullat=-1
x-fb-debug: uR0C7x7q1OPcEyp4uQGky4NBsL/eNC6JqNUf7D25jeHOY59c2HgjaJjUjQULsaAs/EiT38bEgpm6xSePTmYtFw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
access-control-allow-origin: *
content-length: 77055
origin-agent-cluster: ?1

GET
H2 200 MecherleSlab-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/ 33 KB
33 KB 204ms
178ms Font
font/woff2 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleSlab-Regular.woff2
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: c96463100e774599fbb9784785ca4e09f5ae7fa77c12d234cb972f1465d0b0e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.savingwithvic.com
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=R7hKEQ==, md5=XnMD4p1rk7II6fQJx+1wRQ==
etag: "5e7303e29d6b93b208e9f409c7ed7045"
x-goog-stored-content-encoding: identity
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 33916
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: font/woff2
last-modified: Thu, 23 Oct 2025 18:30:05 GMT
fly-request-id: 01KA8WPYSTG6SR9TDSZ9877QQJ-ams
x-guploader-uploadid: AAwnv3ItH8NX_TGWcyRfaBeEwufyPFgG8ROZNwPQH9SsyddgHUK2uDb3DbpH3PNEUC9OCqa6
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleSlab-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244205628324
content-length: 33916
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 sidebar-md-767605d1821717d53368c38f27fda990.png
ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/RT/RTS4TB6PXGF/ 3 KB
3 KB 132ms
131ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/RT/RTS4TB6PXGF/sidebar-md-767605d1821717d53368c38f27fda990.png

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

3072cf9bb11bec1109e22649e973c31b507ab8e2823c4f54626e4f28ee285dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPYWHZ6TZMJ2R6BA0ZVSD-ams
cache-control: public,max-age=31536000,immutable
via: 2 fly.io, 2 fly.io
expires: Mon, 28 Sep 2026 18:00:22 GMT
x-cache-key: 100x0/https://storage.googleapis.com/static.mirus.io/images/maps/RT/RTS4TB6PXGF/sidebar-md-767605d1821717d53368c38f27fda990.png--with-webp
content-length: 3302
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 314-two-people-one-policy-wide.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 2 KB
2 KB 133ms
133ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/314-two-people-one-policy-wide.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

57fa8843e179e8a237c7b74c66e3b6d18c652d48c2d5901c1b70b4d7eb12b39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPYYZ6KZDYRNQC94ZG6CQ-ams
cache-control: max-age=14400, public
via: 2 fly.io, 2 fly.io
expires: Mon, 24 Nov 2025 11:39:31 GMT
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/314-two-people-one-policy-wide.jpg--with-webp
content-length: 1822
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 189-5-simple-auto-maintenance-tasks-wide.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 2 KB
2 KB 138ms
138ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/189-5-simple-auto-maintenance-tasks-wide.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

e16d98fd1102cb7360db351ea75ca5d6a9777f5ddcade30a43f0730e101e6d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPYZ41ER5S37JD8CFTDWV-ams
cache-control: max-age=14400, public
via: 2 fly.io, 2 fly.io
expires: Mon, 24 Nov 2025 12:05:54 GMT
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/189-5-simple-auto-maintenance-tasks-wide.jpg--with-webp
content-length: 1682
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 417-kitchen-safety-wide.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 2 KB
2 KB 142ms
142ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/417-kitchen-safety-wide.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

2ddb03283ffbc7c8d859dd8f2c0233dc24b8695e96c8cec706175e95799a2f5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPYZ44FN2R4BXW1VK9ZEP-ams
cache-control: max-age=14400, public
via: 2 fly.io, 2 fly.io
expires: Mon, 24 Nov 2025 12:03:40 GMT
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/417-kitchen-safety-wide.jpg--with-webp
content-length: 1854
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 alpineFileInput.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/ 3 KB
2 KB 134ms
134ms Script
application/javascript 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/alpineFileInput.js
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: 53b8e8150f026b07be89a6183d1da76d3445ec8f159bcb1ba1e910b7b3b5df24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=EAeDSA==, md5=f6wKVjTUI1RfWP6M6+UkGw==
etag: "7fac0a5634d423545f58fe8cebe5241b"
x-goog-stored-content-encoding: gzip
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1490
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: application/javascript
vary: Accept-Encoding
fly-request-id: 01KA8WPYZ4JHSCPV6SXHZG441A-ams
last-modified: Thu, 23 Oct 2025 18:30:39 GMT
x-guploader-uploadid: AAwnv3K8KiKfnulHpWohKOraiacGHXrWHfcoVUKwfmObSysRXzwMcifDa53nGmlLYAHS63GLxSvqBic
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/alpineFileInput.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244239138254
content-length: 1490
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 4HGX8B30TGF_staff_avatar_20250110164913Z_savingwithvic_com_gsdeievidx.jpg
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 964 B
1 KB 147ms
146ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_staff_avatar_20250110164913Z_savingwithvic_com_gsdeievidx.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

9c777b7c2ece099cc3c793a386a094ea22a85acc15f2ad6427454ae68cdfa021

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPYZ4QXW93MJQ7KVSZNNT-ams
cache-control: public, max-age=3600
via: 2 fly.io, 2 fly.io
expires: Mon, 17 Nov 2025 07:44:23 GMT
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_staff_avatar_20250110164913Z_savingwithvic_com_gsdeievidx.jpg--with-webp
content-length: 964
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 4HGX8B30TGF_staff_avatar_20220708145353Z_savingwithvic_com_kteqdfyegf.jpeg
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 822 B
1019 B 131ms
130ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_staff_avatar_20220708145353Z_savingwithvic_com_kteqdfyegf.jpeg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

5e5489d060c9f3ac5af5c2f1a96a9662b4dc249d64c5c3bb34936dee0c2eee5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
x-region: ewr
cache-control: public, max-age=3600
via: 2 fly.io, 2 fly.io
expires: Mon, 17 Nov 2025 07:44:23 GMT
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_staff_avatar_20220708145353Z_savingwithvic_com_kteqdfyegf.jpeg--with-webp
content-length: 822
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
fly-request-id: 01KA8WPYZ5MBEBFEB4C14MG8AC-ams
server: Fly/3807f396 (2025-11-11)
vary: Accept

GET
H2 200 formalColorFull2x.jpg
ephemera.mirus.io/imgr/64x0/https://ac1.st8fm.com/associate-photos/T/TRYTFBTGNGF/ 1000 B
1 KB 136ms
135ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://ac1.st8fm.com/associate-photos/T/TRYTFBTGNGF/formalColorFull2x.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

18c8611be8019a044920afef9593d9647ba60b105bba331f5fb7663abf96e57d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPYZ56YEBWMN2AJY2VSR9-ams
cache-control: public, s-maxage=604800, max-age=604800, no-transform, stale-while-revalidate=259200
via: 2 fly.io, 2 fly.io
expires: Sat, 22 Nov 2025 20:28:39 GMT
x-cache-key: 64x0/https://ac1.st8fm.com/associate-photos/T/TRYTFBTGNGF/formalColorFull2x.jpg--with-webp
content-length: 1000
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 4HGX8B30TGF_staff_avatar_20250213144305Z_savingwithvic_com_lqtimjbocz.jpg
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 1 KB
1 KB 148ms
147ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_staff_avatar_20250213144305Z_savingwithvic_com_lqtimjbocz.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

8733489260b0af5ab5ee4d0cbc9ef5a1c8220387b238b6e44b697505f3c364d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
x-region: ewr
cache-control: public, max-age=3600
via: 2 fly.io, 2 fly.io
expires: Mon, 17 Nov 2025 07:44:23 GMT
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_staff_avatar_20250213144305Z_savingwithvic_com_lqtimjbocz.jpg--with-webp
content-length: 1054
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
fly-request-id: 01KA8WPYZPFBGFQTJ79E24DVZF-ams
server: Fly/3807f396 (2025-11-11)
vary: Accept

GET
H2 200 formalColorFull2x.jpg
ephemera.mirus.io/imgr/64x0/https://ac1.st8fm.com/associate-photos/3/377FBCFMBGF/ 1022 B
1 KB 572ms
571ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://ac1.st8fm.com/associate-photos/3/377FBCFMBGF/formalColorFull2x.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

5c7e2d5169aa436209c9825c7b8ede0d3f43f7b089f07186d8201a04c8feaeb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: MISS
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPYZXGXD19CH9YKABSVVR-ams
cache-control: max-age=7200
via: 2 fly.io, 2 fly.io
expires: Mon, 24 Nov 2025 12:30:23 GMT
x-cache-key: 64x0/https://ac1.st8fm.com/associate-photos/3/377FBCFMBGF/formalColorFull2x.jpg--with-webp
content-length: 1022
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 formalColorFull2x.jpg
ephemera.mirus.io/imgr/64x0/https://ac1.st8fm.com/associate-photos/M/MHHPFCFMYAL/ 1 KB
1 KB 658ms
658ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://ac1.st8fm.com/associate-photos/M/MHHPFCFMYAL/formalColorFull2x.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

41f3b1391237cf0734329e2ab6277d7706cbd2c7157cb98cf13c7069d9a47f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: MISS
strict-transport-security: max-age=15724800; includeSubDomains
x-region: ewr
cache-control: max-age=7200
via: 2 fly.io, 2 fly.io
expires: Mon, 24 Nov 2025 12:30:23 GMT
x-cache-key: 64x0/https://ac1.st8fm.com/associate-photos/M/MHHPFCFMYAL/formalColorFull2x.jpg--with-webp
content-length: 1220
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
fly-request-id: 01KA8WPYZXCYAG7VXSBNQ43Y4A-ams
server: Fly/3807f396 (2025-11-11)
vary: Accept

GET
H2 200 alpine.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/ 57 KB
20 KB 161ms
160ms Script
application/javascript 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/alpine.js
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=LzHgoA==, md5=Mly4HbEnV1z/Y7LB50mJJA==
etag: "325cb81db127575cff63b2c1e7498924"
x-goog-stored-content-encoding: gzip
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 20468
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: application/javascript
last-modified: Thu, 23 Oct 2025 18:30:38 GMT
vary: Accept-Encoding
fly-request-id: 01KA8WPYZXMWFQ5JKT0GCAA5TF-ams
x-guploader-uploadid: AAwnv3KQozMbn-9sUZI87DCNe9axayu866N8U057ZfSyB7WRiLQzhZjvLKaALId1WbHQRio-fCdVf-o
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/alpine.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244238683369
content-length: 20468
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 lazysizes.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/ 8 KB
4 KB 167ms
166ms Script
application/javascript 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/lazysizes.js
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: 452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=tVVvrw==, md5=L7AQdlGGQX2hI0aIb7oxIQ==
etag: "2fb010765186417da12346886fba3121"
x-goog-stored-content-encoding: gzip
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 3734
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: application/javascript
last-modified: Thu, 23 Oct 2025 18:30:39 GMT
vary: Accept-Encoding
fly-request-id: 01KA8WPYZXAK4JNMS4PJ27XW6S-ams
x-guploader-uploadid: AAwnv3LO4PosuV-W_mb2uzkfnz6lw3aAvuoRkYAcBHaDICQi6E2ooW9Ug7-F0VA3Uo-d5jdf9F7enVY
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/lazysizes.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244239633676
content-length: 3734
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 scrollToElement.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/ 492 B
652 B 154ms
153ms Script
application/javascript 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/scrollToElement.js
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: 70b5c38f9eca156b0266d9b4c691a39bd4e21382d97492b46569eb9925bf049c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=sC3xRQ==, md5=kz/bpJ38riGJgG3mYg+e3g==
etag: "933fdba49dfcae2189806de6620f9ede"
x-goog-stored-content-encoding: gzip
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 321
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: application/javascript
vary: Accept-Encoding
fly-request-id: 01KA8WPYZXTGGSY7MQ4644XC7C-ams
last-modified: Thu, 23 Oct 2025 18:30:39 GMT
x-guploader-uploadid: AAwnv3J9JgrsmGs2LoT1Tnc63EzJPDMMjZxLaTobklF84cq2oXaCnytTqcaXOb1CVyNmvhyU
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/scrollToElement.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244239859917
content-length: 321
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 utils.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/ 3 KB
2 KB 248ms
247ms Script
application/javascript 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/utils.js
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: 5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=4ONwJg==, md5=r4lD+PeYC4tdD7TVNUQZ0A==
etag: "af8943f8f7980b8b5d0fb4d5354419d0"
x-goog-stored-content-encoding: gzip
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1392
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: application/javascript
last-modified: Thu, 23 Oct 2025 18:30:40 GMT
vary: Accept-Encoding
fly-request-id: 01KA8WPYZXTX016RH59A05TZDR-ams
x-guploader-uploadid: AAwnv3I2U_HJy6QfvcjXjwC9aEwjcU199K3BDp9xm3q35FtpWnH8W_M0IuwTcAfsx7OWsQJH
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/utils.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244240405213
content-length: 1392
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 svgIcon.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/ 122 B
476 B 170ms
169ms Script
application/javascript 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/svgIcon.js
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=eftfvQ==, md5=nBnVTvrswKdRHyl/iXSy/Q==
etag: "9c19d54efaecc0a7511f297f8974b2fd"
x-goog-stored-content-encoding: gzip
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 134
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: application/javascript
last-modified: Thu, 23 Oct 2025 18:30:40 GMT
vary: Accept-Encoding
fly-request-id: 01KA8WPZ0A8ZFHC351GXN0SNC4-ams
x-guploader-uploadid: AAwnv3KSn5YCsbkH2V-09jduqu7puRd0R8cQOpt7lA_04sqO8fW0EIm6dPbmJ8xpwroyvf5_
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/svgIcon.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244240090321
content-length: 134
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 alpineContactForm.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/ 101 KB
35 KB 203ms
203ms Script
application/javascript 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/alpineContactForm.js
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: 6c24e819d616fbe48417a1e96d8fe5809ce804e30f0ff78ba41efd9ece4406cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=h5jFcg==, md5=DGkz/TV7ykDLopGHFq9EHw==
etag: "0c6933fd357bca40cba2918716af441f"
x-goog-stored-content-encoding: gzip
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 35316
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: application/javascript
last-modified: Thu, 23 Oct 2025 18:30:38 GMT
vary: Accept-Encoding
fly-request-id: 01KA8WPYZXEXE55QTJF0ZZ5WG1-ams
x-guploader-uploadid: AAwnv3KyDXU6me_kKmGsMxkpuzv90GuGGGQbM_L-ZbjhGzWlngqhJOAIW0jztdZggIFP91gTkp_gf6s
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/js/alpineContactForm.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244238907645
content-length: 35316
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/ 32 KB
33 KB 129ms
129ms Font
font/woff2 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleLegal-Medium.woff2
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: 77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.savingwithvic.com
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=+uFDXg==, md5=XDIRcEeagVq3kMdxvMjx0w==
etag: "5c321170479a815ab790c771bcc8f1d3"
x-goog-stored-content-encoding: identity
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32960
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: font/woff2
last-modified: Thu, 23 Oct 2025 18:29:59 GMT
fly-request-id: 01KA8WPZ3S0B394NXZQ8JVP25M-ams
x-guploader-uploadid: AAwnv3KZSly7UzESKVbntYNH2KfzJilbJQeQ5rd5KBy12hC2SEkQFSkPr_Ii9VGVB4DhaIt9
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleLegal-Medium.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244199039046
content-length: 32960
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/ 32 KB
32 KB 224ms
224ms Font
font/woff2 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleLegal-Regular.woff2
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.savingwithvic.com
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=DxtPkQ==, md5=Uj34LMCLu47zM/VQw8Ho4g==
etag: "523df82cc08bbb8ef333f550c3c1e8e2"
x-goog-stored-content-encoding: identity
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32844
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: font/woff2
last-modified: Thu, 23 Oct 2025 18:30:00 GMT
fly-request-id: 01KA8WPZ5X122NKYXDWWGWTCXM-ams
x-guploader-uploadid: AAwnv3KhEdN4rv_eVEGpp3mZMZGfFmPhq41KENVGv61qb1WGemaHAOtzhZoBDWeliQ8Ryot95IjWGcA
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/sf/MecherleLegal-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244200009616
content-length: 32844
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 SourceSansPro-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/ 74 KB
74 KB 155ms
154ms Font
font/woff2 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/SourceSansPro-Regular.woff2
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: efad32cb9672046cc1717bc9755aa113ae24f3ca3e574b081f41719d5f5ceb09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Origin: https://www.savingwithvic.com
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=vjFVLQ==, md5=sL5ewjH5sQlgYXjUS+dEZQ==
etag: "b0be5ec231f9b109606178d44be74465"
x-goog-stored-content-encoding: identity
expires: Fri, 23 Oct 2026 18:46:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 75808
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: font/woff2
last-modified: Thu, 23 Oct 2025 18:29:58 GMT
fly-request-id: 01KA8WPZ7V710GV1ZFFFF9VEPP-ams
x-guploader-uploadid: AAwnv3K-F66bgFHbnAoBQ6SYVLC2LVFi13lnkc5Nkixk_Z_8WTLdvyLwl87m59V5rEGDGjZEctnEwXE
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/fonts/SourceSansPro-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244198049962
content-length: 75808
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 4HGX8B30TGF_office_banner_20230728220958Z_savingwithvic_com_ciazyhfaji.jpg
ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 112 KB
112 KB 135ms
135ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_office_banner_20230728220958Z_savingwithvic_com_ciazyhfaji.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

2e78efd4260bbe63fcc436c23c8eeafe08c5942f746c7618abd8975ba5795a82

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPZ8781HVHMR930E50JSD-ams
cache-control: public, max-age=3600
via: 2 fly.io, 2 fly.io
expires: Mon, 17 Nov 2025 07:44:23 GMT
x-cache-key: 1920x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_office_banner_20230728220958Z_savingwithvic_com_ciazyhfaji.jpg--with-webp
content-length: 114642
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 4HGX8B30TGF_agent_avatar_20220108T191852Z_savingwithvic_com_k14wrsy3cf.jpeg
ephemera.mirus.io/imgr/450x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 11 KB
12 KB 134ms
133ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/450x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_agent_avatar_20220108T191852Z_savingwithvic_com_k14wrsy3cf.jpeg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

3e065c0e7d5ce16f340dc0c4a6a51aed9a8294e9fb1a5f420a432ed6da196882

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPZ8710ATTWN18D14BXPJ-ams
cache-control: max-age=31536000
via: 2 fly.io, 2 fly.io
expires: Mon, 28 Sep 2026 19:45:37 GMT
x-cache-key: 450x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_agent_avatar_20220108T191852Z_savingwithvic_com_k14wrsy3cf.jpeg--with-webp
content-length: 11720
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 403 trafficdetection.aspx Show response
online.statefarm.com/ddc/ 1 KB
2 KB 1091ms
660ms Fetch
text/html 23.213.161.205
AKAMAI-ASN1 Akama...

General

Check archive.org

Download Go to

Full URL

https://online.statefarm.com/ddc/trafficdetection.aspx

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.161.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a23-213-161-205.deploy.static.akamaitechnologies.com

Software

Resource Hash

b9abf4164605be8eda696b99bd14261e6fb864be3d2c81446455bfdc12cdd17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

strict-transport-security: max-age=15768000
x-akamai-transformed: 0 - 0 -
alt-svc: h3=":443"; ma=93600
access-control-allow-origin: https://www.savingwithvic.com
akamai-cache-status: NotCacheable from child
date: Mon, 17 Nov 2025 12:30:24 GMT
content-type: text/html
x-frame-options: DENY

GET
H2 200 sidebar-md-767605d1821717d53368c38f27fda990.png
ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/RT/RTS4TB6PXGF/ 86 KB
86 KB 362ms
361ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/RT/RTS4TB6PXGF/sidebar-md-767605d1821717d53368c38f27fda990.png

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

7fdc782fc386fb816ecadbf1c14a16160cc6cc0718e9d7b7c3d9611e205fac1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPZD1R6TNQG4RB2CHYS3F-ams
cache-control: public,max-age=31536000,immutable
via: 2 fly.io, 2 fly.io
expires: Fri, 02 Oct 2026 12:25:28 GMT
x-cache-key: 1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/RT/RTS4TB6PXGF/sidebar-md-767605d1821717d53368c38f27fda990.png--with-webp
content-length: 88218
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 314-two-people-one-policy-wide.jpg
ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 18 KB
18 KB 310ms
310ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/314-two-people-one-policy-wide.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

c3a61042110fa949b099044b87a75ea87ab8292d9843f66869bcee3f44cdfe71

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPZEYQG4DB8FXZQK73T4C-ams
cache-control: max-age=14400, public
via: 2 fly.io, 2 fly.io
expires: Mon, 24 Nov 2025 08:42:40 GMT
x-cache-key: 500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/314-two-people-one-policy-wide.jpg--with-webp
content-length: 17994
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET
H2 200 189-5-simple-auto-maintenance-tasks-wide.jpg
ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 20 KB
21 KB 191ms
191ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/189-5-simple-auto-maintenance-tasks-wide.jpg

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

f84d2199566404190d1165da44f92a7705f3ad7af167445f1895cc5c022d7faa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01KA8WPZEY654CW8NX73HKQSW5-ams
cache-control: max-age=14400, public
via: 2 fly.io, 2 fly.io
expires: Mon, 24 Nov 2025 12:06:52 GMT
x-cache-key: 500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/189-5-simple-auto-maintenance-tasks-wide.jpg--with-webp
content-length: 20814
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:23 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/3807f396 (2025-11-11)
x-region: ewr

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 0
0 894ms
339ms Preflight 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://www.savingwithvic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://www.savingwithvic.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Mon, 17 Nov 2025 12:30:24 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 66 B
316 B 222ms
221ms Fetch
application/json 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

fa3ee596ec78a22946b9e31ab5101604ad6f2dbb58528f75c0075e7612a65de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

keen-sdk: javascript-5.0.1
Authorization: WK
Referer: https://www.savingwithvic.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-origin: https://www.savingwithvic.com
content-length: 66
date: Mon, 17 Nov 2025 12:30:25 GMT
content-type: application/json; charset=utf-8
vary: origin

GET
H2 200 icon.svg
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/img/ 2 KB
1 KB 129ms
129ms Other
image/svg+xml 137.66.27.45
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/img/icon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 137.66.27.45 , United States, ASN40509 (FLY, US),
Reverse DNS: ip-137-66-27-45.customer.flyio.net
Software: Fly/3807f396 (2025-11-11) /
Resource Hash: b7300c7fc3a07bc7b2385c67ed936ca2536d3e0d00556120b8f30f54b21caf55

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=pqaeIQ==, md5=Td/Su1K8i/uVsHAS3okA+Q==
etag: "4ddfd2bb52bc8bfb95b07012de8900f9"
x-goog-stored-content-encoding: gzip
expires: Fri, 23 Oct 2026 18:46:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 850
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:24 GMT
content-type: image/svg+xml
vary: Accept-Encoding
fly-request-id: 01KA8WPZTT2WNM0EE0H1PJXAWV-ams
last-modified: Thu, 23 Oct 2025 18:30:08 GMT
x-guploader-uploadid: AAwnv3L0L6wJ6pfg6QocjFByVjeRhhyPoKAXfcbEenC-2hSK84v7Fo55qSVcfyA2-VNDSDHau3fu8Zc
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io, 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/99098e983e3121743b05553865618eae02ea353c/img/icon.svg
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1761244208086972
content-length: 850
server: Fly/3807f396 (2025-11-11)
x-region: ewr

GET sfuid.js
deel-app-cf.dasdicgr.prod.c1.statefarm/ 0
0

GET index.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
H3 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 94 KB
29 KB 110ms
55ms Script
application/javascript 108.138.26.5
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-5.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: c6060766a7fa08b90335150638427af37e5354ec44738adbd8d49f1e5c131aa2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: br
x-amz-version-id: Bc4KCkeWeucMdiI2VI.oZ7a0ZqVw9mFp
age: 2822688
etag: W/"bf8d24332c4c6179f0284717f691657d"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: MNeTJ0DGLYWdHVtNrCHEC5RSDL-42YNPBOs-wPZTrc8r6o6qN_1bGQ==
date: Wed, 15 Oct 2025 20:25:37 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Wed, 15 Oct 2025 20:25:17 GMT
x-amz-replication-status: PENDING
cache-control: max-age=300
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1763382624698
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1763382624698

1 KB
1 KB

150ms
150ms

XHR
application/json

54.216.35.139
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1763382624698

Protocol

Server

54.216.35.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-35-139.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ce0d5c2054f6b96587ccbe5a607d7de8be003cd6fa44d0d9885b10434a588b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v081-03314ffe4.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: yKRsKnoBR7g=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://www.savingwithvic.com
content-length: 618
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 17 Nov 2025 12:30:25 GMT
content-type: application/json;charset=utf-8
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1763382624698
dcs: dcs-prod-irl1-2-v081-029f8149e.edge-irl1.demdex.com 1 ms
pragma: no-cache
access-control-allow-credentials: true
x-tid: TQKAsjCBR7Q=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://www.savingwithvic.com
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 17 Nov 2025 12:30:24 GMT
vary: Origin

GET
H3 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 498 B
770 B 61ms
61ms Script
text/javascript 108.138.26.5
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Wed%20Oct%2015%2020:25:15%20GMT%202025&ClientID=603&PageID=https%3A%2F%2Fwww.savingwithvic.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-5.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3002464a15ad2fdc82db0149cd781f759c0b9fa7a311c9090673f55d3b8d87fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

cache-control: no-cache, no-store
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
expires: Mon, 17 Nov 2025 12:30:23 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 498
x-amz-cf-id: 3C3ZKDoE-C4AFzy6UbDyWyptMH6UYAeDyo-mlOSlV0V5jHjrxXkQzg==
date: Mon, 17 Nov 2025 12:30:24 GMT
content-type: text/javascript
vary: Origin
server: CloudFront
x-amz-cf-pop: FRA56-P7

GET
H3 200 7f14a8e4e7f1a9054ec4b4069d3b9131.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 156 KB
39 KB 55ms
54ms Script
application/javascript 108.138.26.5
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/7f14a8e4e7f1a9054ec4b4069d3b9131.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-5.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 9919367a042e368a43e5b121817f525f443d32d71f49b0a6e8dc612ddc4be699

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: br
x-amz-version-id: A5I4c16pXbPUjRiy.cSunPwkTdWQJYZs
age: 2822688
etag: W/"a66b9dfaa9b89884470fe44f17900a0f"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 21zn412bYejdBfxkM6BenbkWmRAWGe4uiUdhhMAG9Bi0kv26YRzCQg==
date: Wed, 15 Oct 2025 20:25:37 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Wed, 15 Oct 2025 20:25:17 GMT
x-amz-replication-status: PENDING
cache-control: max-age=315360000
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 9407158b4c91ae0d0ce0b10b44496bd8.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 56ms
55ms Script
application/javascript 108.138.26.5
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/9407158b4c91ae0d0ce0b10b44496bd8.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-5.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 2def87815001230acf9501971cdd260f21b128bf8d74cec172c3f33f1ad6f7da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: br
x-amz-version-id: ppHmHqLVXPNxKW9Wds69GRwUAxuPrfP5
age: 23310648
etag: W/"fd788feea716ab42fc98b8157fc840ea"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: PZZ7cF12GBX69qeiQTRZYud82pcJjBhiM2tF6iwCqfRz-_Q4oJUzXQ==
date: Thu, 20 Feb 2025 17:19:37 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 20 Feb 2025 17:18:14 GMT
x-amz-replication-status: PENDING
cache-control: max-age=315360000
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 a4760149464b35eca3467ba17fa16951.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
2 KB 57ms
57ms Script
application/javascript 108.138.26.5
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/a4760149464b35eca3467ba17fa16951.js?conditionId0=567025
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-5.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1af456a039c57f090dd06c5f1d58c3185f2adc7bd9a1433bae0183db40d2db94

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: br
x-amz-version-id: V7tC5OI0KlhJi3HtHXLT45pLswEgv149
age: 23310648
etag: W/"eca1b6507f149e86f91de51354a491ae"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: n_SeqIcEouSqVyewRf0Hl6jP2TZOUNlbW0bPfi7Cut_1xZPnaGIkzw==
date: Thu, 20 Feb 2025 17:19:37 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding, Origin
last-modified: Thu, 20 Feb 2025 17:18:14 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
server: CloudFront
x-amz-server-side-encryption: AES256

GET dataLayer_logic.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
H3 204 e.gif
nexus.ensighten.com/error/ 0
218 B 54ms
54ms Image
text/plain 108.138.26.5
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=TypeError%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27match%27)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F7f14a8e4e7f1a9054ec4b4069d3b9131.js%3FconditionId0%3D423109%3A229%3A267)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=Microsites%20New%20M-Pages&cid=603&client=statefarm&publishPath=mirus&rid=4192576&did=710940&errorName=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 108.138.26.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-5.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

cache-control: no-cache, no-store
age: 18370
via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 2H5DbI7jHGDYGBqA5Gpjm-CnFrkGoLdiC_TvFVi99b1idhS7Vw3NPg==
date: Mon, 17 Nov 2025 07:24:14 GMT
x-amz-cf-pop: FRA56-P7
server: CloudFront

GET
H2 200 417-kitchen-safety-wide.jpg
ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 16 KB
16 KB 134ms
134ms Image
image/webp 137.66.27.45
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/417-kitchen-safety-wide.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

137.66.27.45 , United States, ASN40509 (FLY, US),

Reverse DNS

ip-137-66-27-45.customer.flyio.net

Software

Fly/3807f396 (2025-11-11) /

Resource Hash

45d360d11c2ba855cac5cc2aa16dfc8eb5f3ee6acd6f8f0f7914c2697fb96db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
x-region: ewr
cache-control: max-age=14400, public
via: 2 fly.io, 2 fly.io
expires: Mon, 24 Nov 2025 10:35:32 GMT
x-cache-key: 500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/417-kitchen-safety-wide.jpg--with-webp
content-length: 16382
x-instance: 683ddd7c4dd438
date: Mon, 17 Nov 2025 12:30:25 GMT
content-type: image/webp
content-disposition: inline
fly-request-id: 01KA8WQ0VC3PHDNSB61T2F34ED-ams
server: Fly/3807f396 (2025-11-11)
vary: Accept

GET
H2 200 dest5.html Show response
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 15A4 7 KB
3 KB 433ms
157ms Document
text/html 52.214.80.236
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.214.80.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-80-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.savingwithvic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 17 Nov 2025 12:30:25 GMT
dcs: dcs-prod-irl1-1-v081-0c9507a01.edge-irl1.demdex.com 12 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 6 Nov 2025 09:57:52 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: R837kvT3Q1M=

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
468 B 489ms
166ms XHR
application/x-javascript 63.140.62.139
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=67009178395014286212149046218988866469&ts=1763382625220

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-139.data.adobedc.net

Software

jag /

Resource Hash

59c257e9a5718418a4e04da40fbd20be6ae533192d901063cee532df3de4bf6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.savingwithvic.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.savingwithvic.com
p3p: CP="This is not a P3P policy"
content-length: 48
date: Mon, 17 Nov 2025 12:30:25 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=aRsVYQAAAGgBsAOV
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=62788057427818773291589295600854597753
https://dpm.demdex.net/ibs:dpid=411&dpuuid=aRsVYQAAAGgBsAOV

42 B
717 B

73ms
73ms

Image
image/gif

54.216.35.139
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=aRsVYQAAAGgBsAOV

Protocol

Server

54.216.35.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-216-35-139.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v081-084c986e4.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: 3ajWEvRhSko=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 17 Nov 2025 12:30:25 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=aRsVYQAAAGgBsAOV
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Mon, 17 Nov 2025 12:30:25 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

GET
H2

200

ibs:dpid=771&dpuuid=CAESEFOxO5B3L3Kpi83URPXPGhQ&google_cver=1
dpm.demdex.net/ Frame 15A4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjI3ODgwNTc0Mjc4MTg3NzMyOTE1ODkyOTU2MDA4NTQ1OTc3NTM=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjI3ODgwNTc0Mjc4MTg3NzMyOTE1ODkyOTU2MDA4NTQ1OTc3NTM=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFOxO5B3L3Kpi83URPXPGhQ&google_cver=1?gdpr=0&gdpr_consent=

42 B
717 B

74ms
74ms

Image
image/gif

52.214.80.236
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFOxO5B3L3Kpi83URPXPGhQ&google_cver=1?gdpr=0&gdpr_consent=

Protocol

Server

52.214.80.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-80-236.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v081-01b9382c8.edge-irl1.demdex.com 3 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: deUTUbqLSTE=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: image/gif

Redirect headers

cache-control: no-cache, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFOxO5B3L3Kpi83URPXPGhQ&google_cver=1?gdpr=0&gdpr_consent=
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 314
date: Mon, 17 Nov 2025 12:30:25 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2 200 s67385166061188
smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/ 43 B
201 B 98ms
98ms Image
image/gif 63.140.62.139
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/s67385166061188?AQB=1&ndh=1&pf=1&t=17%2F10%2F2025%2013%3A30%3A25%201%20-60&D=..&mid=67009178395014286212149046218988866469&aamlh=6&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-m%3A4hgx8b30tgf&g=https%3A%2F%2Fwww.savingwithvic.com%2F&ch=sf%3Aus%3Aagent-micro-m&server=www.savingwithvic.com&events=event31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-m%3A4hgx8b30tgf&h1=home%7Cagent-micro-m%7C4hgx8b30tgf&c4=sf%3Aagent-micro-m%3A4hgx8b30tgf&v6=www.savingwithvic.com&v8=590012&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fwww.savingwithvic.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=monday%7C7%3A30am&v50=11%2F17%2F2025&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28x11%3B%20linux%20x86_64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F142.0.0.0%20safari%2F537.36&c70=en&v121=ens%7Cdeel&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.139 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-139.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3786835354484015104-4613592605994764883
x-content-type-options: nosniff
expires: Sun, 16 Nov 2025 12:30:25 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Mon, 17 Nov 2025 12:30:25 GMT
x-xss-protection: 1; mode=block
last-modified: Tue, 18 Nov 2025 12:30:25 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 15A4 70 B
149 B 528ms
212ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.savingwithvic.com&ttd_tpi=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/

Response headers

content-length: 70
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 903 KB
179 KB 258ms
126ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3838d36012f02a18886cd65b8cef1223c8944acff1cfaec34cd62fc0d77cbfcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 182437
x-xss-protection: 0
server: Google Tag Manager

GET

cms
ups.analytics.yahoo.com/ups/58782/ Frame 15A4
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=62788057427818773291589295600854597753&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=62788057427818773291589295600854597753&gdpr=0&gdpr_consent=

0
0

GET v2
usermatch.krxd.net/um/ Frame 15A4 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 375 KB
131 KB 75ms
74ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1054996086&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

692a18ccc79ff9033194c940fdf10d2f27d09c80d525f69ebbd45a2875a5dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 133641
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 375 KB
131 KB 80ms
80ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16704690769&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

d5a62e52707e6c7031d79012fd5f4d904ab3df72acc13ed719d1640744dfbd10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 133666
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 372 KB
130 KB 107ms
107ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-473928795&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

1eb5b3d2ba5e5cbf048962d4d179ee45dedecfdd6dbe0cf96bdea77822320a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 132813
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 381 KB
132 KB 96ms
96ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-863397898&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

96164fb97c29c70708947f135fbe10a246651cf5b7508f05771eed31b448544d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 134920
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 375 KB
131 KB 96ms
96ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10985678050&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

40a068c154a7bdd7e3cb4e6874ce76649b2e8188a0f783e57d79816e7d81a150

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 133659
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 381 KB
132 KB 100ms
100ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-978444974&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

3b310fab55bbb17ee082745b7c861603644013c9835cd97822b6f7e29b6c9051

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 134916
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
116 KB 97ms
97ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-4520290&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a20872cfeb2fe6a719ab6f3eed5fab0bf01a882c8227348513a56bcceaeabd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 118375
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 376 KB
131 KB 138ms
138ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1042761797&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

5b5b5e62c86b8ca5dde442683b111ec5a4d277b88ad06c3dddb9f41a30de89d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 133712
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
116 KB 131ms
131ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11227412&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

a40c3b31d3900daa73ecb7112a128ce3e94d67a36aca7d779ab4524925671c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 118387
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 375 KB
131 KB 128ms
128ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1026860104&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9623440c4e3814a4daca67fe0c28732598e875db4dba2e1ef1ab4296970a02d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 133571
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 348 KB
124 KB 135ms
135ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11248472729&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c0b27951d9a299c7d1a93ba3b868f361e2162d90d21f4cff2a8368a01395cc2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 126833
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 347 KB
124 KB 143ms
143ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11220053904&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

f8ae90b0a62c41ea7077360307f73fce65ea766627c1216084d08907d350c975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 126559
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 375 KB
131 KB 133ms
133ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-897895752&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bd89516525c54c8a56052db30f7a159fc945fbf0149f0b7a5b8c6b827eddc405

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 133635
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 129ms
63ms Fetch
text/plain 142.250.181.228
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google.com/ccm/collect?frm=0&en=page_view&dl=https%3A%2F%2Fwww.savingwithvic.com%2F&scrsrc=www.googletagmanager.com&rnd=313215385.1763382626&dt=Insurance%20%26%20Financial%20Services%20Agent%20Vic%20Gulaty%20in%20Florida&auid=1972956942.1763382626&navt=n&npa=1&gtm=45He5bd0h2v849799669za200zd849799669xea&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=103116026~103200004~104527906~104528500~104684208~104684211~105322304~105391252~115583767~115616986~115938466~115938468~116217636~116217638&tft=1763382626231&tfd=4275&apve=1&apvf=f
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s56-in-f4.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 503 KB
163 KB 149ms
149ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

212b6784f7b9bd0c661ac70f84dac77a19790dc1ed6dfa28ccf8f252d26860bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Mon, 17 Nov 2025 12:30:26 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166963
date: Mon, 17 Nov 2025 12:30:26 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 328 KB
117 KB 163ms
163ms Script
application/javascript 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=4e5bd0h2

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bd2d8d00d211551aef7a78aabe731732bf8ed7cf87237be1d7c67b58079ad9f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: zstd
expires: Mon, 17 Nov 2025 12:30:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 17 Nov 2025 12:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 119837
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 320 KB
82 KB 56ms
56ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

d999110ffaa2756c9bcd0d137cc41e4c24a9e467e68cd149cf755efe7c620ccf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: ;script-src 'nonce-2IsfRZlg' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self' https://.google-analytics.com .google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com https://.google-analytics.com;font-src 'self' data: blob: ;img-src 'self' data: blob: https://.google-analytics.com;media-src 'self' data: blob: ;child-src 'self' data: blob: ;frame-src 'self' data: blob: ;manifest-src 'self' data: blob: ;object-src 'self' data: blob: ;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: *;script-src 'nonce-2IsfRZlg' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=2332, tp=5, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: AgCtBwGd7j2lgum5d5iOrFUgkVJV8cm4Lf3wIH5qBzBgHBY5Qd2euj2yk3hvC2+7PAxN/HhKYy6l8l3iZwf/ug==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
content-length: 83549
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 26 KB
9 KB 264ms
114ms Script
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04f429a694cdbb655ccef174178e9f24c6c4555d0c49d062599082e5c20b0402

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

access-control-expose-headers: x-viewer-country
content-encoding: gzip
x-amz-version-id: pNR3rJbNqBA_LXQppAcOxkWwLeSyhKhf
etag: W/"9c4ca1e0df299242fb0e4fd1e34ed19e"
access-control-allow-methods: GET, HEAD, OPTIONS
x-cache: RefreshHit from cloudfront
x-viewer-country: PL
x-amz-cf-id: Z55MvCnklwLbr0quEZdvf1Gvfcn7dn09kSeWyjVH0S2DqgwnTIoyew==
date: Mon, 17 Nov 2025 08:03:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 22 Jul 2025 21:15:30 GMT
via: 1.1 edeee55acaf119bab76272bf57b28cc4.cloudfront.net (CloudFront), 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P12, FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 scevent.min.js Show response
sc-static.net/ 57 KB
25 KB 251ms
145ms Script
application/javascript 3.163.248.4
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e650c54015bff0cca54c854d9306bc20b3a44a2e8c4ae1d904574bd5849e975d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 b5c68bf3bd42c5f55f3ac88e02cb7426.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 24656
x-amz-cf-id: N95JJsHN_tHBQqmViZfFI_pF427RsUkKht_PqPxnaGV5wpiebDJckg==
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: WAW51-P5
server: CloudFront
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 27 KB
9 KB 264ms
107ms Script
application/javascript 18.172.114.101
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.114.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-114-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b58eff75b313a310de3fa0e03ac51785bffec0fb85d684060784e5aa974cd246

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"c54301e653022f5d5afdcb2d39a68133"
Age: 28112
Connection: keep-alive
Via: 1.1 90af45dd727f0b43ee7edafc660daaee.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: jIchg3VrviZKIcJnAYeIxy6XX4ibJq42WM10IriPK8TqTyu6xrjeCg==
Date: Mon, 17 Nov 2025 04:41:55 GMT
Content-Type: application/javascript
Last-Modified: Sun, 16 Nov 2025 12:07:28 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 110 KB
36 KB 272ms
88ms Script
text/javascript 3.174.46.39
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.savingwithvic.com
URL: https://www.savingwithvic.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.174.46.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-174-46-39.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5018accc53a7c4253a1135fbe86c71f05b2d0a69f548f554650c95e507a929c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: br
x-amz-version-id: 2x6Ro2BLr4z4wYvZ7rVS4Vb9FWxfxdPv
etag: W/"19bc67f42f8ef30058f69f00c89a49ae"
age: 1378
x-cache: Hit from cloudfront
x-amz-cf-id: w1dEt-nLRKT48sXLhhY52u1HTcLSkuapw3571klhF7702o7fo-3-HA==
date: Mon, 17 Nov 2025 12:07:29 GMT
content-type: text/javascript; charset=utf-8
vary: accept-encoding
last-modified: Thu, 17 Jul 2025 15:41:21 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=3600
via: 1.1 c882e22548530d40265eb261348d86d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P12
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 sw_iframe.html Show response
www.googletagmanager.com/static/service_worker/5ba0/ Frame CF73 3 KB
2 KB 227ms
86ms Document
text/html 142.250.185.104
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/5ba0/sw_iframe.html?origin=https%3A%2F%2Fwww.savingwithvic.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f8.1e100.net

Software

sffe /

Resource Hash

2ada301d803d8f4b2ba210c9c57091378255ed54b96e4236a9e2ce587a2a4035

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1486
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Nov 2025 12:30:26 GMT
expires: Tue, 17 Nov 2026 12:30:26 GMT
last-modified: Mon, 10 Nov 2025 09:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 528857779805042 Show response
connect.facebook.net/signals/config/ 115 KB
29 KB 2284ms
2284ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/528857779805042?v=2.9.241&r=stable&domain=www.savingwithvic.com&hme=5bd299cb4a477effb7bd992f8c033bfd3316c17b5e8e681c5c577860e1b0bfc7&ex_m=90%2C151%2C131%2C19%2C66%2C67%2C124%2C62%2C42%2C125%2C71%2C61%2C138%2C79%2C13%2C89%2C27%2C119%2C111%2C69%2C72%2C118%2C135%2C98%2C140%2C7%2C3%2C4%2C6%2C5%2C2%2C80%2C88%2C141%2C218%2C162%2C56%2C220%2C221%2C49%2C177%2C26%2C68%2C226%2C225%2C165%2C29%2C55%2C8%2C58%2C84%2C85%2C86%2C91%2C115%2C28%2C25%2C117%2C114%2C113%2C132%2C70%2C134%2C133%2C44%2C54%2C108%2C12%2C137%2C39%2C207%2C209%2C172%2C22%2C23%2C24%2C16%2C17%2C38%2C34%2C36%2C35%2C75%2C81%2C83%2C96%2C123%2C126%2C40%2C97%2C20%2C18%2C102%2C63%2C32%2C128%2C127%2C129%2C120%2C21%2C31%2C53%2C95%2C136%2C64%2C15%2C130%2C30%2C187%2C158%2C268%2C205%2C149%2C190%2C183%2C159%2C93%2C116%2C74%2C106%2C48%2C41%2C104%2C105%2C110%2C52%2C14%2C112%2C103%2C59%2C43%2C99%2C47%2C50%2C46%2C87%2C139%2C0%2C109%2C11%2C107%2C9%2C1%2C51%2C82%2C57%2C60%2C101%2C78%2C77%2C45%2C121%2C76%2C73%2C65%2C100%2C92%2C37%2C122%2C33%2C94%2C10%2C142

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

7491bbec7701c004a3194adf7db028382b367d752a826d5b11c92880493d272a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;script-src 'nonce-0BqxYk36' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com ws://localhost: .cdninstagram.com;font-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;img-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;media-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;child-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;frame-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;manifest-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;object-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;worker-src 'self' data: blob: facebook.net .facebook.net facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 17 Nov 2025 12:30:28 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;script-src 'nonce-0BqxYk36' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self';style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: https://edge-chat.facebook.net https://edge-chat-latest.facebook.net wss://edge-chat-latest.facebook.net wss://edge-chat.facebook.net wss://edge-chat.socialplugin.facebook.net wss://edge-chat-latest.socialplugin.facebook.net https://edge-chat.socialplugin.facebook.net https://edge-chat-latest.socialplugin.facebook.net *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com;font-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;img-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;media-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;child-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;frame-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;manifest-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;object-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;worker-src 'self' data: blob: facebook.net *.facebook.net facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: GOOD; q=0.7, rtt=53, rtx=0, c=93, mss=1232, tbw=90940, tp=83, tpl=0, uplat=2230, ullat=0
pragma: public
x-fb-debug: wyLWg4a3JkjS2MUKmXVk4J62D4gaddij6ls6wDDr2f6xXuFQsMBXwli14IB95OZwyw9+fthessEeJ465QWIV0A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top, include-js-call-stacks-in-crash-reports
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 26 KB
0 0ms
0ms Fetch
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aat/amzn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04f429a694cdbb655ccef174178e9f24c6c4555d0c49d062599082e5c20b0402

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

access-control-expose-headers: x-viewer-country
content-encoding: gzip
x-amz-version-id: pNR3rJbNqBA_LXQppAcOxkWwLeSyhKhf
etag: W/"9c4ca1e0df299242fb0e4fd1e34ed19e"
access-control-allow-methods: GET, HEAD, OPTIONS
x-cache: RefreshHit from cloudfront
x-viewer-country: PL
x-amz-cf-id: Z55MvCnklwLbr0quEZdvf1Gvfcn7dn09kSeWyjVH0S2DqgwnTIoyew==
date: Mon, 17 Nov 2025 08:03:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 22 Jul 2025 21:15:30 GMT
via: 1.1 edeee55acaf119bab76272bf57b28cc4.cloudfront.net (CloudFront), 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P12, FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 26 KB
0 0ms
0ms Fetch
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aat/amzn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04f429a694cdbb655ccef174178e9f24c6c4555d0c49d062599082e5c20b0402

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

access-control-expose-headers: x-viewer-country
content-encoding: gzip
x-amz-version-id: pNR3rJbNqBA_LXQppAcOxkWwLeSyhKhf
etag: W/"9c4ca1e0df299242fb0e4fd1e34ed19e"
access-control-allow-methods: GET, HEAD, OPTIONS
x-cache: RefreshHit from cloudfront
x-viewer-country: PL
x-amz-cf-id: Z55MvCnklwLbr0quEZdvf1Gvfcn7dn09kSeWyjVH0S2DqgwnTIoyew==
date: Mon, 17 Nov 2025 08:03:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 22 Jul 2025 21:15:30 GMT
via: 1.1 edeee55acaf119bab76272bf57b28cc4.cloudfront.net (CloudFront), 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P12, FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1

200

iu3
aax-eu.amazon-adsystem.com/s/
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=PageView&gtmVersion=3.5&ts=1763382626672&eventSource=amzn.js&uuid=5d45b466-9734-4bb0-bbc0-3b97ef4079fd
https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=PageView&gtmVersion=3.5&ts=1763382626672&eventSource=amzn.js&uuid=5d45b466-9734-4bb0-bbc0-3b97ef4079fd&dcc=t

0
0

223ms
223ms

Fetch
text/html

52.95.126.160
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=PageView&gtmVersion=3.5&ts=1763382626672&eventSource=amzn.js&uuid=5d45b466-9734-4bb0-bbc0-3b97ef4079fd&dcc=t
Protocol: HTTP/1.1
Server: 52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

Redirect headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location: https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=PageView&gtmVersion=3.5&ts=1763382626672&eventSource=amzn.js&uuid=5d45b466-9734-4bb0-bbc0-3b97ef4079fd&dcc=t
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: F1N4ZYXK7Y4NFHASFQS3
Content-Length: 0
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date: Mon, 17 Nov 2025 12:30:26 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 26 KB
0 1ms
1ms Fetch
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aat/amzn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 04f429a694cdbb655ccef174178e9f24c6c4555d0c49d062599082e5c20b0402

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

access-control-expose-headers: x-viewer-country
content-encoding: gzip
x-amz-version-id: pNR3rJbNqBA_LXQppAcOxkWwLeSyhKhf
etag: W/"9c4ca1e0df299242fb0e4fd1e34ed19e"
access-control-allow-methods: GET, HEAD, OPTIONS
x-cache: RefreshHit from cloudfront
x-viewer-country: PL
x-amz-cf-id: Z55MvCnklwLbr0quEZdvf1Gvfcn7dn09kSeWyjVH0S2DqgwnTIoyew==
date: Mon, 17 Nov 2025 08:03:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 22 Jul 2025 21:15:30 GMT
via: 1.1 edeee55acaf119bab76272bf57b28cc4.cloudfront.net (CloudFront), 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P12, FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1

200

iu3
aax-eu.amazon-adsystem.com/s/
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=MicrositePageLoadsBT&value=sf%3Aus%3Aagent-micro-m%3A4hgx8b30tgf&gtmVersion=3.5&ts=1763382626672&eventSource=...
https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=MicrositePageLoadsBT&value=sf%3Aus%3Aagent-micro-m%3A4hgx8b30tgf&gtmVersion=3.5&ts=1763382626672&eventSource=...

0
0

229ms
229ms

Fetch
text/html

52.95.126.160
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=MicrositePageLoadsBT&value=sf%3Aus%3Aagent-micro-m%3A4hgx8b30tgf&gtmVersion=3.5&ts=1763382626672&eventSource=amzn.js&uuid=5f27cef0-8a9d-4b2c-9491-d18f20a3103b&dcc=t
Protocol: HTTP/1.1
Server: 52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

Redirect headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Location: https://aax-eu.amazon-adsystem.com/s/iu3?pid=1adb93dd-a1f7-467e-8eb4-83b9ab3ae08b&event=MicrositePageLoadsBT&value=sf%3Aus%3Aagent-micro-m%3A4hgx8b30tgf&gtmVersion=3.5&ts=1763382626672&eventSource=amzn.js&uuid=5f27cef0-8a9d-4b2c-9491-d18f20a3103b&dcc=t
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: DP8QM9282CSF5AQWX2YQ
Content-Length: 0
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Date: Mon, 17 Nov 2025 12:30:26 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

GET
H2 200 2f0ca4be-e310-4347-a688-421e70cfc0e5.json Show response
tr.snapchat.com/config/com/ 117 B
406 B 216ms
147ms Fetch
application/json 35.190.43.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://tr.snapchat.com/config/com/2f0ca4be-e310-4347-a688-421e70cfc0e5.json?v=3.52.1-2511142336

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e0ac588dab4e8e67a40b423634dbc7c33a02472535d15047646538cb2c2d2900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.savingwithvic.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 89
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://www.savingwithvic.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 1F56 0
201 B 126ms
59ms Document
text/html 35.190.43.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=2f0ca4be-e310-4347-a688-421e70cfc0e5&u_scsid=6b4f354c-9332-4438-bcfa-1d5f7b882ba1&u_sclid=5a940d59-07ff-4679-b315-9e7010737fea

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.savingwithvic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 17 Nov 2025 12:30:26 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
445 B 281ms
186ms Image
image/png 35.190.43.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=2f0ca4be-e310-4347-a688-421e70cfc0e5&ev=PAGE_VIEW&intg=gtm&pids=2f0ca4be-e310-4347-a688-421e70cfc0e5&u_c1=b3565a99-3cb0-4d70-9007-fc717c41dda2&cdid=%40-7a640e64-13da-4b85-b57b-1d6f754e2164&u_sclid=5a940d59-07ff-4679-b315-9e7010737fea&u_scsid=6b4f354c-9332-4438-bcfa-1d5f7b882ba1&gat=GTM-TLWQWQT%2CDC-11264551%2CG-3WRNTYXP84%2CAW-897895752%2CAW-11220053904%2CAW-11248472729%2CAW-1026860104%2CDC-11227412%2CAW-1042761797%2CDC-4520290%2CAW-978444974%2CAW-10985678050%2CAW-863397898%2CAW-473928795%2CAW-16704690769%2CAW-1054996086%2CGTM-TLWQWQT&bg=false&bt=1d53c387&d_bvs=&df=true&huah=true&m_dcl=1505&m_fcps=880&m_pi=1462&m_pl=2100&m_pv=2&m_rd=4728&m_sh=1200&m_sl=4681&m_sw=1600&pl=https%3A%2F%2Fwww.savingwithvic.com%2F&trackId=3a159345-3f8e-4c25-8103-bd108b07ca46&ts=1763382626685&v=3.52.1-2511142336

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 87
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
date: Mon, 17 Nov 2025 12:30:26 GMT
content-type: image/png
server: API Gateway

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/2724/2306363986/ 5 KB
1 KB 55ms
55ms Script
text/javascript 3.174.46.39
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/2724/2306363986/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.174.46.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-174-46-39.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7740775273d719fc1f2a9ae55a71a3f501cf862e26bcf344da5d6e42cc3e9c09

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://www.savingwithvic.com/

Response headers

content-encoding: br
x-amz-version-id: x3mwJpSNeV7bwRAgyvYVwxnvuF0Pil8L
etag: W/"256a5cb68918d59c80d2cd8411be2f38"
age: 250
x-cache: Hit from cloudfront
x-amz-cf-id: d5i1UWPD0VwK4LWOvhrsQ9d0JbA2QgkYy8z_lEmnvvm7D6jmMlQIPQ==
date: Mon, 17 Nov 2025 12:26:33 GMT
content-type: text/javascript
vary: accept-encoding
last-modified: Tue, 01 Apr 2025 17:06:42 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=300
via: 1.1 c882e22548530d40265eb261348d86d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P12
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2

200

cei Show response
match.adsrvr.org/track/ Frame 95D4
Redirect Chain

https://insight.adsrvr.org/track/cei?advertiser_id=3davbp4&cookie_sync=1&upv=3.0.0&upid=t8xbszz&ref=https://www.savingwithvic.com/
https://match.adsrvr.org/track/cei?advertiser_id=3davbp4&cookie_sync=1&upv=3.0.0&upid=t8xbszz&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1

385 B
369 B

358ms
358ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://match.adsrvr.org/track/cei?advertiser_id=3davbp4&cookie_sync=1&upv=3.0.0&upid=t8xbszz&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 794966f3f58a1394a1f4874f1082f1f48ba519a90771d4cf321831d4c10f67ed

Request headers

Referer: https://www.savingwithvic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 17 Nov 2025 12:30:27 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 40
content-type: text/html
date: Mon, 17 Nov 2025 12:30:26 GMT
location: https://match.adsrvr.org/track/cei?advertiser_id=3davbp4&cookie_sync=1&upv=3.0.0&upid=t8xbszz&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1
server: Kestrel

GET
H2

200

cei Show response
match.adsrvr.org/track/ Frame 2755
Redirect Chain

https://insight.adsrvr.org/track/cei?advertiser_id=ijc4snf&cookie_sync=1&upv=3.0.0&upid=9nilek2&ref=https://www.savingwithvic.com/
https://match.adsrvr.org/track/cei?advertiser_id=ijc4snf&cookie_sync=1&upv=3.0.0&upid=9nilek2&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1

385 B
369 B

259ms
258ms

Document
text/html

35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://match.adsrvr.org/track/cei?advertiser_id=ijc4snf&cookie_sync=1&upv=3.0.0&upid=9nilek2&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 794966f3f58a1394a1f4874f1082f1f48ba519a90771d4cf321831d4c10f67ed

Request headers

Referer: https://www.savingwithvic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 17 Nov 2025 12:30:27 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 40
content-type: text/html
date: Mon, 17 Nov 2025 12:30:26 GMT
location: https://match.adsrvr.org/track/cei?advertiser_id=ijc4snf&cookie_sync=1&upv=3.0.0&upid=9nilek2&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1
server: Kestrel

POST
H2 200 p
tr6.snapchat.com/ 0
47 B 62ms
55ms Ping
text/plain 35.190.43.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.savingwithvic.com/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 17 Nov 2025 12:30:27 GMT
x-envoy-upstream-service-time: 0
server: API Gateway

GET
H/1.1 200
OK universal_pixel.js Show response
js.adsrvr.org/ Frame 2755 422 B
935 B 258ms
124ms Script
application/javascript 18.172.114.101
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/cei?advertiser_id=ijc4snf&cookie_sync=1&upv=3.0.0&upid=9nilek2&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.114.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-114-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2538590b87a5eb44bb27a7a5039451a5606d80c587cb361de40ed4193c9a552f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://match.adsrvr.org/

Response headers

ETag: "4e7de5ca0248ffa6216174e643f3112d"
Age: 28113
Connection: keep-alive
Via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 422
X-Amz-Cf-Id: JQ_X_XuBq5wywhh06sUUF0Pz1aq6SKzzIqgtTtkk6NFc3H8AX6AxmQ==
Date: Mon, 17 Nov 2025 04:41:55 GMT
Content-Type: application/javascript
Last-Modified: Sun, 16 Nov 2025 12:07:29 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P8
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK universal_pixel.js Show response
js.adsrvr.org/ Frame 95D4 422 B
442 B 244ms
53ms Script
application/javascript 18.172.114.101
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.js
Requested by: Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/cei?advertiser_id=3davbp4&cookie_sync=1&upv=3.0.0&upid=t8xbszz&ref=https%3a%2f%2fwww.savingwithvic.com%2f&redirect=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.114.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-114-101.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2538590b87a5eb44bb27a7a5039451a5606d80c587cb361de40ed4193c9a552f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Referer: https://match.adsrvr.org/

Response headers

ETag: "4e7de5ca0248ffa6216174e643f3112d"
Age: 28113
Via: 1.1 df64c46f895e81567061da0488368914.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 422
X-Amz-Cf-Id: I08pc-mrITMuwbCYg7P5lyKfO6dgx_4KYD_dPgoi2-p0vGGG815O4Q==
Date: Mon, 17 Nov 2025 04:41:55 GMT
Last-Modified: Sun, 16 Nov 2025 12:07:29 GMT
X-Amz-Cf-Pop: FRA60-P8
Server: AmazonS3
Content-Type: application/javascript
x-amz-server-side-encryption: AES256

POST
H2 200 p
tr.snapchat.com/ 0
96 B 72ms
68ms Ping
text/plain 35.190.43.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.savingwithvic.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 3
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://www.savingwithvic.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 17 Nov 2025 12:30:27 GMT
server: API Gateway

POST
H2 200 realtimeconversion Show response
insight.adsrvr.org/track/ 36 B
354 B 673ms
340ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://insight.adsrvr.org/track/realtimeconversion
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 15a3dc247a9802298e21568c4d7d501a6236c246e9a2257177799a5400844740

Request headers

Referer: https://www.savingwithvic.com/
eventDataSourceVersion: 3.0.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-type: application/json
eventDataSource: JsSdk

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.savingwithvic.com
date: Mon, 17 Nov 2025 12:30:28 GMT
content-type: application/json
vary: Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type

POST
H2 200 realtimeconversion Show response
insight.adsrvr.org/track/ 36 B
355 B 673ms
341ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://insight.adsrvr.org/track/realtimeconversion
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 15a3dc247a9802298e21568c4d7d501a6236c246e9a2257177799a5400844740

Request headers

Referer: https://www.savingwithvic.com/
eventDataSourceVersion: 3.0.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Content-type: application/json
eventDataSource: JsSdk

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.savingwithvic.com
date: Mon, 17 Nov 2025 12:30:28 GMT
content-type: application/json
vary: Accept-Encoding
server: Kestrel
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, x-integration-type

OPTIONS
H2 200 realtimeconversion
insight.adsrvr.org/track/ Frame 0
0 648ms
332ms Preflight
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://insight.adsrvr.org/track/realtimeconversion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,eventdatasource,eventdatasourceversion
Access-Control-Request-Method: POST
Origin: https://www.savingwithvic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, ttdSignature, eventDataSource, eventDataSourceVersion
access-control-allow-origin: https://www.savingwithvic.com
content-encoding: gzip
content-type: application/json
date: Mon, 17 Nov 2025 12:30:28 GMT
server: Kestrel
vary: Accept-Encoding

OPTIONS
H2 200 realtimeconversion
insight.adsrvr.org/track/ Frame 0
0 650ms
335ms Preflight
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://insight.adsrvr.org/track/realtimeconversion
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,eventdatasource,eventdatasourceversion
Access-Control-Request-Method: POST
Origin: https://www.savingwithvic.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept, ttdSignature, eventDataSource, eventDataSourceVersion
access-control-allow-origin: https://www.savingwithvic.com
content-encoding: gzip
content-type: application/json
date: Mon, 17 Nov 2025 12:30:28 GMT
server: Kestrel
vary: Accept-Encoding

GET 1936962093151750
connect.facebook.net/signals/config/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: deel-app-cf.dasdicgr.prod.c1.statefarm
URL: https://deel-app-cf.dasdicgr.prod.c1.statefarm/sfuid.js

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/index.js

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js

Domain: ups.analytics.yahoo.com
URL: https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=62788057427818773291589295600854597753&gdpr=0&gdpr_consent=

Domain: usermatch.krxd.net
URL: https://usermatch.krxd.net/um/v2?partner=adobe&id=62788057427818773291589295600854597753

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1936962093151750?v=2.9.241&r=stable&domain=www.savingwithvic.com&hme=5bd299cb4a477effb7bd992f8c033bfd3316c17b5e8e681c5c577860e1b0bfc7&ex_m=90%2C151%2C131%2C19%2C66%2C67%2C124%2C62%2C42%2C125%2C71%2C61%2C138%2C79%2C13%2C89%2C27%2C119%2C111%2C69%2C72%2C118%2C135%2C98%2C140%2C7%2C3%2C4%2C6%2C5%2C2%2C80%2C88%2C141%2C218%2C162%2C56%2C220%2C221%2C49%2C177%2C26%2C68%2C226%2C225%2C165%2C29%2C55%2C8%2C58%2C84%2C85%2C86%2C91%2C115%2C28%2C25%2C117%2C114%2C113%2C132%2C70%2C134%2C133%2C44%2C54%2C108%2C12%2C137%2C39%2C207%2C209%2C172%2C22%2C23%2C24%2C16%2C17%2C38%2C34%2C36%2C35%2C75%2C81%2C83%2C96%2C123%2C126%2C40%2C97%2C20%2C18%2C102%2C63%2C32%2C128%2C127%2C129%2C120%2C21%2C31%2C53%2C95%2C136%2C64%2C15%2C130%2C30%2C187%2C158%2C268%2C205%2C149%2C190%2C183%2C159%2C93%2C116%2C74%2C106%2C48%2C41%2C104%2C105%2C110%2C52%2C14%2C112%2C103%2C59%2C43%2C99%2C47%2C50%2C46%2C87%2C139%2C0%2C109%2C11%2C107%2C9%2C1%2C51%2C82%2C57%2C60%2C101%2C78%2C77%2C45%2C121%2C76%2C73%2C65%2C100%2C92%2C37%2C122%2C33%2C94%2C10%2C142%2C213%2C203%2C227%2C229%2C270%2C206%2C223%2C152%2C197%2C179%2C160%2C267%2C146%2C180%2C210%2C200%2C148%2C168%2C153%2C185%2C199%2C246%2C145%2C195

Verdicts & Comments Add Verdict or Comment

81 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 09:51:09	Name: X-AB Value: 719f5271326248a88137a4db0829fa53
www.savingwithvic.com/	1970-01-21 09:51:09	Name: __cheesecrd_version Value: master
.savingwithvic.com/	1970-01-21 09:49:44	Name: s_gad Value: 1
.demdex.net/	1970-01-21 14:08:54	Name: demdex Value: 62788057427818773291589295600854597753
.savingwithvic.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.dpm.demdex.net/	1970-01-21 14:08:54	Name: dpm Value: 62788057427818773291589295600854597753
.statefarm.com/	1970-01-21 19:25:42	Name: s_ecid Value: MCMID%7C67009178395014286212149046218988866469
.savingwithvic.com/	1970-01-21 19:25:42	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C20410%7CMCMID%7C67009178395014286212149046218988866469%7CMCAAMLH-1763987425%7C6%7CMCAAMB-1763987425%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1763389825s%7CNONE%7CMCSYNCSOP%7C411-20417%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.savingwithvic.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fwww.savingwithvic.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-m%7Cs_prev_ch%3Dagent-micro-m%7Cs_prev_pn%3D4HGX8B30TGF%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-m%3A4HGX8B30TGF%7C
.savingwithvic.com/	1970-01-21 09:49:44	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-m%3A4HGX8B30TGF
.savingwithvic.com/	1970-01-21 09:49:44	Name: s_pre_v6 Value: www.savingwithvic.com
.savingwithvic.com/	1970-01-21 09:49:44	Name: s_dl Value: 1
.savingwithvic.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.savingwithvic.com/	1970-01-21 19:25:42	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271763382625714%27%5D%5D
.savingwithvic.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-21 19:11:18	Name: IDE Value: AHWqTUktu266g6y4M0KvAk1cnbXstupwXVzS_sOBynvGD6_oht4pVq8MYsHeCWgT2m4
.demdex.net/	1970-01-21 14:08:54	Name: dextp Value: 771-1-1763382625661\|903-1-1763382625769\|30646-1-1763382625869\|66757-1-1763382625970
.savingwithvic.com/	1970-01-21 11:59:18	Name: _gcl_au Value: 1.1.1972956942.1763382626
.savingwithvic.com/	1970-01-21 19:18:30	Name: _scid Value: wJ2zVlqZPLB4cFIH_HF8Qd2if9j4kgho
.savingwithvic.com/	1970-01-21 19:18:30	Name: _scid_r Value: wJ2zVlqZPLB4cFIH_HF8Qd2if9j4kgho
.savingwithvic.com/	1970-01-21 19:25:42	Name: invoca_session Value: %7B%22ttl%22%3A%222025-12-17T12%3A30%3A26.749Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%2C%22rn%22%3Atrue%7D%7D
.savingwithvic.com/	1970-01-21 09:59:47	Name: _ScCbts Value: %5B%5D
.snapchat.com/	1970-01-21 19:11:18	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIQgDwIlIoJSq4+jnnYLhvWNlFUS7Hse4FmxfliVGfvip6dEdQ5kTgtof1vPHOjIAAAA=
.amazon-adsystem.com/	1970-01-21 19:25:42	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-21 15:15:09	Name: ad-id Value: AwzXQKJK2km3kZlfQR7R1u4

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://online.statefarm.com/ddc/trafficdetection.aspx Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://www.savingwithvic.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/index.js' from origin 'https://www.savingwithvic.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/index.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.savingwithvic.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js' from origin 'https://www.savingwithvic.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://usermatch.krxd.net/um/v2?partner=adobe&id=62788057427818773291589295600854597753 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://www.savingwithvic.com/ Message: The resource https://ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_office_banner_20230728220958Z_savingwithvic_com_ciazyhfaji.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.savingwithvic.com/ Message: The resource https://ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/4HGX8B30TGF_office_banner_20230728220958Z_savingwithvic_com_ciazyhfaji.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
c.amazon-adsystem.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
deel-app-cf.dasdicgr.prod.c1.statefarm
deel-id-persistence.deel.c1.statefarm
dpm.demdex.net
ephemera.mirus.io
insight.adsrvr.org
invocation.deel.c1.statefarm
js.adsrvr.org
match.adsrvr.org
nexus.ensighten.com
online.statefarm.com
peachy.prod.mirus.io
sc-static.net
smetrics.statefarm.com
solutions.invocacdn.com
statefarmmutualautomobileinsurancecompany.demdex.net
tr.snapchat.com
tr6.snapchat.com
ups.analytics.yahoo.com
usermatch.krxd.net
www.google.com
www.googletagmanager.com
www.savingwithvic.com
connect.facebook.net
deel-app-cf.dasdicgr.prod.c1.statefarm
deel-id-persistence.deel.c1.statefarm
ups.analytics.yahoo.com
usermatch.krxd.net
104.198.70.133
108.138.26.5
108.138.3.93
137.66.27.45
142.250.181.228
142.250.185.104
142.250.186.130
157.240.0.6
18.172.114.101
23.213.161.205
3.163.248.4
3.174.46.39
34.69.219.172
35.190.43.134
35.71.131.137
52.17.84.36
52.214.80.236
52.95.126.160
54.162.147.28
54.216.35.139
63.140.62.139
04f429a694cdbb655ccef174178e9f24c6c4555d0c49d062599082e5c20b0402
15a3dc247a9802298e21568c4d7d501a6236c246e9a2257177799a5400844740
18c8611be8019a044920afef9593d9647ba60b105bba331f5fb7663abf96e57d
1af456a039c57f090dd06c5f1d58c3185f2adc7bd9a1433bae0183db40d2db94
1eb5b3d2ba5e5cbf048962d4d179ee45dedecfdd6dbe0cf96bdea77822320a12
1f5ce50cd7688e447af72f8db424565be5d1f821ea4343daf115981a2235e147
212b6784f7b9bd0c661ac70f84dac77a19790dc1ed6dfa28ccf8f252d26860bd
2538590b87a5eb44bb27a7a5039451a5606d80c587cb361de40ed4193c9a552f
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ada301d803d8f4b2ba210c9c57091378255ed54b96e4236a9e2ce587a2a4035
2ddb03283ffbc7c8d859dd8f2c0233dc24b8695e96c8cec706175e95799a2f5d
2def87815001230acf9501971cdd260f21b128bf8d74cec172c3f33f1ad6f7da
2e78efd4260bbe63fcc436c23c8eeafe08c5942f746c7618abd8975ba5795a82
3002464a15ad2fdc82db0149cd781f759c0b9fa7a311c9090673f55d3b8d87fd
3072cf9bb11bec1109e22649e973c31b507ab8e2823c4f54626e4f28ee285dbe
3838d36012f02a18886cd65b8cef1223c8944acff1cfaec34cd62fc0d77cbfcf
3b310fab55bbb17ee082745b7c861603644013c9835cd97822b6f7e29b6c9051
3e065c0e7d5ce16f340dc0c4a6a51aed9a8294e9fb1a5f420a432ed6da196882
40a068c154a7bdd7e3cb4e6874ce76649b2e8188a0f783e57d79816e7d81a150
41f3b1391237cf0734329e2ab6277d7706cbd2c7157cb98cf13c7069d9a47f45
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
45d360d11c2ba855cac5cc2aa16dfc8eb5f3ee6acd6f8f0f7914c2697fb96db6
5018accc53a7c4253a1135fbe86c71f05b2d0a69f548f554650c95e507a929c6
53b8e8150f026b07be89a6183d1da76d3445ec8f159bcb1ba1e910b7b3b5df24
57fa8843e179e8a237c7b74c66e3b6d18c652d48c2d5901c1b70b4d7eb12b39d
59c257e9a5718418a4e04da40fbd20be6ae533192d901063cee532df3de4bf6a
59e5971e3b605b0123e77df9311ec2bdf953ec39e1d4761af6e20a09825aac36
5b5b5e62c86b8ca5dde442683b111ec5a4d277b88ad06c3dddb9f41a30de89d3
5c1acc3ac444d78641286a62fede656fbccb927dda7e4197181879ddcac9957d
5c7e2d5169aa436209c9825c7b8ede0d3f43f7b089f07186d8201a04c8feaeb2
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec
5e5489d060c9f3ac5af5c2f1a96a9662b4dc249d64c5c3bb34936dee0c2eee5d
692a18ccc79ff9033194c940fdf10d2f27d09c80d525f69ebbd45a2875a5dced
6b5aa192e86c0c10b21394bb3d25332ec686b5cd4080a8d2f1ddb9b64a64abf4
6c24e819d616fbe48417a1e96d8fe5809ce804e30f0ff78ba41efd9ece4406cd
70b5c38f9eca156b0266d9b4c691a39bd4e21382d97492b46569eb9925bf049c
7491bbec7701c004a3194adf7db028382b367d752a826d5b11c92880493d272a
7740775273d719fc1f2a9ae55a71a3f501cf862e26bcf344da5d6e42cc3e9c09
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
794966f3f58a1394a1f4874f1082f1f48ba519a90771d4cf321831d4c10f67ed
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fdc782fc386fb816ecadbf1c14a16160cc6cc0718e9d7b7c3d9611e205fac1c
8733489260b0af5ab5ee4d0cbc9ef5a1c8220387b238b6e44b697505f3c364d1
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
8d1bc38a0bde02d8cf5afbdfda1da39efcc5f4a425edffb49c01a5bd959d7726
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
96164fb97c29c70708947f135fbe10a246651cf5b7508f05771eed31b448544d
9623440c4e3814a4daca67fe0c28732598e875db4dba2e1ef1ab4296970a02d5
9919367a042e368a43e5b121817f525f443d32d71f49b0a6e8dc612ddc4be699
9c777b7c2ece099cc3c793a386a094ea22a85acc15f2ad6427454ae68cdfa021
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a20872cfeb2fe6a719ab6f3eed5fab0bf01a882c8227348513a56bcceaeabd09
a40c3b31d3900daa73ecb7112a128ce3e94d67a36aca7d779ab4524925671c59
a55d2ba612e1797fd5eb6d6588292b7c8f5fffd298fdad07c30d5c7668ce147e
b58eff75b313a310de3fa0e03ac51785bffec0fb85d684060784e5aa974cd246
b7300c7fc3a07bc7b2385c67ed936ca2536d3e0d00556120b8f30f54b21caf55
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8
b9abf4164605be8eda696b99bd14261e6fb864be3d2c81446455bfdc12cdd17c
bd2d8d00d211551aef7a78aabe731732bf8ed7cf87237be1d7c67b58079ad9f5
bd89516525c54c8a56052db30f7a159fc945fbf0149f0b7a5b8c6b827eddc405
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
c0b27951d9a299c7d1a93ba3b868f361e2162d90d21f4cff2a8368a01395cc2a
c3a61042110fa949b099044b87a75ea87ab8292d9843f66869bcee3f44cdfe71
c6060766a7fa08b90335150638427af37e5354ec44738adbd8d49f1e5c131aa2
c96463100e774599fbb9784785ca4e09f5ae7fa77c12d234cb972f1465d0b0e2
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
ce0d5c2054f6b96587ccbe5a607d7de8be003cd6fa44d0d9885b10434a588b37
ce4fada933ea0f6745302d60bc91c0cc8cc08216a2361e77962db6b75ffe2ab4
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d5a62e52707e6c7031d79012fd5f4d904ab3df72acc13ed719d1640744dfbd10
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
d999110ffaa2756c9bcd0d137cc41e4c24a9e467e68cd149cf755efe7c620ccf
e0ac588dab4e8e67a40b423634dbc7c33a02472535d15047646538cb2c2d2900
e16d98fd1102cb7360db351ea75ca5d6a9777f5ddcade30a43f0730e101e6d42
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e650c54015bff0cca54c854d9306bc20b3a44a2e8c4ae1d904574bd5849e975d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad32cb9672046cc1717bc9755aa113ae24f3ca3e574b081f41719d5f5ceb09
f84d2199566404190d1165da44f92a7705f3ad7af167445f1895cc5c022d7faa
f8ae90b0a62c41ea7077360307f73fce65ea766627c1216084d08907d350c975
fa3ee596ec78a22946b9e31ab5101604ad6f2dbb58528f75c0075e7612a65de2

www.savingwithvic.com Open in urlscan Pro 34.69.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

89 %HTTPS

0 %IPv6

18 Domains

27 Subdomains

20 IPs

4 Countries

3487 kBTransfer

9620 kBSize

25 Cookies

29 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.savingwithvic.com Open in urlscan Pro
34.69.219.172 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

89 %
HTTPS

0 %
IPv6

18
Domains

27
Subdomains

20
IPs

4
Countries

3487 kB
Transfer

9620 kB
Size

25
Cookies

104 HTTP transactions
0 data transactions