billpowersagency.com Open in urlscan Pro
45.33.12.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://billpowersagency.com/
Submission: On April 10 via automatic, source certstream-suspicious (April 10th 2022, 5:08:52 am UTC) — Scanned from DE

Summary HTTP 57 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 18 domains to perform 57 HTTP transactions. The main IP is 45.33.12.50, located in Richardson, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is billpowersagency.com.
TLS certificate: Issued by R3 on April 1st 2022. Valid for: 3 months.

This is the only time billpowersagency.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	45.33.12.50 45.33.12.50	63949 (LINODE-AP...) (LINODE-AP Linode)
11	18.66.248.22 18.66.248.22	16509 (AMAZON-02) (AMAZON-02)
15	2a09:8280:1::1ce 2a09:8280:1::1ce	40509 (FLY) (FLY)
1	152.195.54.7 152.195.54.7	15133 (EDGECAST) (EDGECAST)
2	35.202.0.144 35.202.0.144	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 7	34.243.37.47 34.243.37.47	16509 (AMAZON-02) (AMAZON-02)
3	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
1	52.16.141.213 52.16.141.213	16509 (AMAZON-02) (AMAZON-02)
2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	52.51.88.158 52.51.88.158	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1 1	3.211.130.57 3.211.130.57	14618 (AMAZON-AES) (AMAZON-AES)
1	52.215.247.247 52.215.247.247	16509 (AMAZON-02) (AMAZON-02)
1	143.204.94.161 143.204.94.161	16509 (AMAZON-02) (AMAZON-02)
57	17

2 45.33.12.50 (Richardson, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: plinko0.mirus.io

billpowersagency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.66.248.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-22.dus51.r.cloudfront.net

mysf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a09:8280:1::1ce (United States)

ASN40509 (FLY, US)

ephemera.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.54.7 (United States)

ASN15133 (EDGECAST, US)

static1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.0.144 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 144.0.202.35.bc.googleusercontent.com

peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.243.37.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-37-47.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.141.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-141-213.eu-west-1.compute.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.88.158 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-88-158.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.211.130.57 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-130-57.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.247.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-247-247.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-161.fra50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	mirus.io ephemera.mirus.io — Cisco Umbrella Rank: 106469 peachy.prod.mirus.io — Cisco Umbrella Rank: 93142	1 MB
11	mysf.io mysf.io — Cisco Umbrella Rank: 107060	755 KB
8	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 216 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 5486	10 KB
4	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 355 js.adsrvr.org — Cisco Umbrella Rank: 1607 insight.adsrvr.org — Cisco Umbrella Rank: 642	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	198 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	11 KB
3	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2747	48 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1217 beacon.krxd.net — Cisco Umbrella Rank: 440	529 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 211	711 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 327	804 B
2	statefarm.com smetrics.statefarm.com — Cisco Umbrella Rank: 40951	2 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 92	51 KB
2	billpowersagency.com billpowersagency.com	83 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	62 KB
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 883	676 B
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 589	6 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1009	517 B
1	st8fm.com static1.st8fm.com — Cisco Umbrella Rank: 9176	27 KB
57	18

	Domain	Requested by
15	ephemera.mirus.io	billpowersagency.com mysf.io
11	mysf.io	billpowersagency.com
7	dpm.demdex.net	1 redirects billpowersagency.com
4	connect.facebook.net	mysf.io connect.facebook.net billpowersagency.com
3	www.facebook.com	connect.facebook.net
3	nexus.ensighten.com	billpowersagency.com
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	idsync.rlcdn.com	2 redirects
2	smetrics.statefarm.com	mysf.io billpowersagency.com
2	www.youtube.com	mysf.io www.youtube.com
2	peachy.prod.mirus.io	mysf.io
2	billpowersagency.com	billpowersagency.com
1	insight.adsrvr.org	js.adsrvr.org
1	js.adsrvr.org	www.googletagmanager.com
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	www.googletagmanager.com	billpowersagency.com
1	cms.analytics.yahoo.com	1 redirects
1	static.xx.fbcdn.net	www.facebook.com
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	billpowersagency.com
1	static1.st8fm.com	billpowersagency.com
57	23

This site contains links to these domains. Also see Links.

Domain
www.statefarm.com
proofing.statefarm.com
www.facebook.com
www.linkedin.com
www.instagram.com
www.yelp.com
goo.gl
brokercheck.finra.org
www.google.com
apps.statefarm.com
financials.statefarm.com
www.youtube.com
static1.st8fm.com
americanpetinsurance.com
itunes.apple.com
play.google.com
es.statefarm.com

Subject Issuer	Validity	Valid
billpowersagency.com R3	`2022-04-01` - `2022-06-30`	3 months	crt.sh
mysf.io Amazon	`2022-04-07` - `2023-05-06`	a year	crt.sh
ephemera.mirus.io R3	`2022-04-02` - `2022-07-01`	3 months	crt.sh
statefarm.com Entrust Certification Authority - L1K	`2022-03-07` - `2023-01-19`	10 months	crt.sh
peachy.prod.mirus.io R3	`2022-02-19` - `2022-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-17` - `2022-04-17`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2022-01-25` - `2023-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://billpowersagency.com/
Frame ID: 09A1D651C06187BB2CF8AC6255AC1FBA
Requests: 50 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: EB5E3F7A6F509301ACEA446B932C64B2
Requests: 6 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ac19fde0fc618%26domain%3Dbillpowersagency.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbillpowersagency.com%252Ff111a8f45bcfb1c%26relation%3Dparent.parent&container_width=312&height=662&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F205120722855301&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Frame ID: 04271B42001EC3C999168BC824D70174
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fbillpowersagency.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: 54DB6EC13E90D600CDA1A932A9FC6A7C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 30F9AB650939144520D5E74FA60536F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home, Auto Insurance & More in VA | Bill Powers – State Farm®

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

57
Requests

88 %
HTTPS

24 %
IPv6

18
Domains

23
Subdomains

17
IPs

4
Countries

2768 kB
Transfer

4451 kB
Size

30
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://www.statefarm.com/?agentAssociateId=NQHP11YS000
Title: StateFarm

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/login-interceptor/login?agentAssociateId=NQHP11YS000
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.facebook.com/205120722855301

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/george-powers-88391763

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bill.powersstatefarmagent_/

Search URL Search Domain Scan URL

URL: https://www.yelp.com/biz/bill-powers-state-farm-insurance-agent-front-royal-2

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/fXgaPUrsREahUjp19

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA’s BrokerCheck

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&z=22&query=38.920879%2C-78.193504&query_place_id=ChIJc1wPCdHFtYkRw3ZCNu7W1Ek
Title: Map & Directions

Search URL Search Domain Scan URL

URL: https://apps.statefarm.com/lite-auth/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/retrievequote?agentAssociateId=NQHP11YS000
Title: Continue a saved quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/auto/resources/auto-insurance-checklist?agentAssociateId=NQHP11YS000
Title: Items needed for a quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims?agentAssociateId=NQHP11YS000
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/UnauthenticatedPaymentsUI-web/unauth/launchApp.do?agentAssociateId=NQHP11YS000
Title: Send Payment

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/small-business/natural-disaster-planning-for-your-business?agentAssociateId=NQHP11YS000
Title: Disaster preparedness for your businessCreate a business disaster plan to protect your employees, secure assets and resume operations. Read more

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/auto-and-vehicles/teen-driving-and-texts?agentAssociateId=NQHP11YS000
Title: Teen driving and textsTexting while driving can be more dangerous than drunk driving, but teenagers still haven’t gotten the message. Read more

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/residence/must-have-tools-for-every-homeowner?agentAssociateId=NQHP11YS000
Title: Basic hand tools every homeowner or renter should ownHaving a basic tool set with these must have hand tools can help you be prepared for nearly everything. Read more

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/?agentAssociateId=NQHP11YS000
Title: View More Articles

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=LnV6hCzKxck
Title: Play

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=biJM1VH8Sdg
Title: Play

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/TheDunkStateFarmCommercialfeaturingChrisPaul.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=lxVPoBSPRIA
Title: Play

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/BlackVoices.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=WkyUDTlOTKM
Title: Play

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/SharpDressedMan.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: http://www.statefarm.com/IPS/prospectus/
Title: prospectus page

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/en_US/downloads/sf/customer-relationship-summary.pdf
Title: State Farm VP Management Corp. Customer Relationship Summary

Search URL Search Domain Scan URL

URL: http://americanpetinsurance.com/
Title: AmericanPetInsurance.com

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/pet
Title: Pet Insurance From State Farm® and Trupanion®

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/about-our-ads?agentAssociateId=NQHP11YS000
Title: Ads & Tracking

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/security?agentAssociateId=NQHP11YS000
Title: Security

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/about-us/diversity-inclusion/accessibility-statement?agentAssociateId=NQHP11YS000
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy?agentAssociateId=NQHP11YS000
Title: Notice of Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/disclosures/terms-of-use?agentAssociateId=NQHP11YS000
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights?agentAssociateId=NQHP11YS000
Title: Privacy Rights in Your State

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/state-farm-pocket-agent/id318142137?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.statefarm.pocketagent

Search URL Search Domain Scan URL

URL: https://es.statefarm.com/agent/us/va/front-royal/bill-powers-nqhp11ys000
Title: Cambiar al Español

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights
Title: click here

Search URL Search Domain Scan URL

URL: https://es.statefarm.com/atencion-al-cliente/privacidad-seguridad/privacidad/derechos-de-privacidad-del-estado
Title: clic aquí

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1649567326738 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1649567326738

Request Chain 42

https://cm.everesttech.net/cm/dd?d_uuid=87312993543283181260611889680261747830 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlJmXwAAAFlIDwQp

Request Chain 45

https://idsync.rlcdn.com/365868.gif?partner_uid=87312993543283181260611889680261747830 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODczMTI5OTM1NDMyODMxODEyNjA2MTE4ODk2ODAyNjE3NDc4MzAQABoNCN_MyZIGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=edba790abb50508e5cc13644dd9552c9ab01a43dccd0c9dcaaefc6d5e0e80aa1b0da87c991749652

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODczMTI5OTM1NDMyODMxODEyNjA2MTE4ODk2ODAyNjE3NDc4MzA= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODczMTI5OTM1NDMyODMxODEyNjA2MTE4ODk2ODAyNjE3NDc4MzA=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECPy20l6zUrEewgcn39FlQE&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 47

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c986fb1-a221-48bd-87e6-37469e114574

Request Chain 49

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=87312993543283181260611889680261747830&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-UNOSHQxE2pFbhiOI.LFi54fSheQcZq9DxpY-~A

Request Chain 51

https://usermatch.krxd.net/um/v2?partner=adobe&id=87312993543283181260611889680261747830 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87312993543283181260611889680261747830

57 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
billpowersagency.com/ 304 KB
59 KB 872ms
287ms Document
text/html 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://billpowersagency.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

plinko0.mirus.io

Software

Resource Hash

9711c07cf4256d9e3114811bec41cea7991c70fedc1613ba5946219683cdee21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=utf-8
Date: Sun, 10 Apr 2022 05:08:46 GMT
Transfer-Encoding: chunked
X-Frame-Options: SAMEORIGIN
cache-control: no-cache
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
vary: origin,accept-encoding
x-backend-hostname: nakala-lin-dfw-01.mirus.io
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 chunk-vendors.dad68769.js Show response
mysf.io/m1/app/dist/master/115abc5/js/ 517 KB
169 KB 68ms
10ms Script
application/javascript 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/115abc5/js/chunk-vendors.dad68769.js
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c80efa38bce267d14224d197ee2308e914eb267537e9986346c7a480c4ccf52d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 15:24:07 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:21:39 GMT
server: AmazonS3
age: 308680
etag: W/"d96a3211d755e1aae8006d46dacee7f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: hBGBd_En-cuIi9TSrb3hHCEHfIdrwcyUTBcIYkyZGvlylvVqp82D0A==
expires: Thu, 06 Apr 2023 15:21:38 GMT

GET
H2 200 main.6d668d19.js Show response
mysf.io/m1/app/dist/master/115abc5/js/ 137 KB
32 KB 91ms
32ms Script
application/javascript 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/115abc5/js/main.6d668d19.js
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b99b3753d3b4a66a2efb584aceb6c87e2427fb092ae772584beabb8da1efd8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 15:24:07 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:21:39 GMT
server: AmazonS3
age: 308680
etag: W/"d2cdd4d7c1af5d8c3f6fe0108b3591f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: DuxRHg1dk_Nt9_JVIcOP8I5aA2QWpwJM5KzvH6g4B4B2AD2N03ho-w==
expires: Thu, 06 Apr 2023 15:21:38 GMT

GET
H2 200 HomeView.dcb15707.js Show response
mysf.io/m1/app/dist/master/115abc5/js/ 263 KB
69 KB 95ms
37ms Script
application/javascript 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/115abc5/js/HomeView.dcb15707.js
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2040ad8180c3791e597e3e119c27981715b75b26fd90ca4c8c1e663b3cc03d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 15:24:07 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:21:39 GMT
server: AmazonS3
age: 308680
etag: W/"e9281f1c1c4b6d33e70825322e5a9fb5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 6mHRg0Mph3OrWHJXWvtMndK_Hh-IfEpJS4BcRepOnIpDuXWnQYcHEQ==
expires: Thu, 06 Apr 2023 15:21:37 GMT

GET
H2 200 ChangeBtn.dd2e53ba.js Show response
mysf.io/m1/app/dist/master/115abc5/js/ 4 KB
2 KB 99ms
41ms Script
application/javascript 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/115abc5/js/ChangeBtn.dd2e53ba.js
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a8bc25c76ac33f4408bcb61213570dcea01b7fa63497515d5c9c6d2769c1106

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 15:24:07 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:21:38 GMT
server: AmazonS3
age: 308680
etag: W/"436290c7392bfabcbc6d444083cd452d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: imEgzCB72TqL22gefFopCunUh9bAZOIsuoFc2BmMptkqSQEZG5MEiw==
expires: Thu, 06 Apr 2023 15:21:37 GMT

GET
H2 200 EditBtn.42f3d726.js
mysf.io/m1/app/dist/master/115abc5/js/ 0
2 KB 13ms
8ms Other
application/javascript 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/115abc5/js/EditBtn.42f3d726.js
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 15:24:07 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:21:39 GMT
server: AmazonS3
age: 308680
etag: W/"c4125674bb580415c61f6dc217f656a2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Z8KfvuCNU8xt5XqSvddlA8eEt5hqOSDDMdg4G0q9EqxCdOZuif5_Jw==
expires: Thu, 06 Apr 2023 15:21:37 GMT

GET
H2 200 EditorBase.1fb0eb61.js
mysf.io/m1/app/dist/master/115abc5/js/ 0
143 KB 14ms
9ms Other
application/javascript 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/115abc5/js/EditorBase.1fb0eb61.js
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 15:24:07 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:21:39 GMT
server: AmazonS3
age: 308680
etag: W/"9513d8e65f9a6f4d22d1508288d0b8b8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ui926GJBthhV3DB7-xAJPXSFhviFChWAjv042w1dP0w-SSMkRio_kQ==
expires: Thu, 06 Apr 2023 15:21:37 GMT

GET
H2 200 chunk-2d237940.eb28fa46.js
mysf.io/m1/app/dist/master/115abc5/js/ 0
183 KB 19ms
15ms Other
application/javascript 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/115abc5/js/chunk-2d237940.eb28fa46.js
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 15:24:07 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:21:39 GMT
server: AmazonS3
age: 308680
etag: W/"b1d9fcf829834cb1c34e162fc1f9ed6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: oNQmik_S0bhgNQFCsVQQdCSB0W5cIYixJ6Um329kVQ9OO2nt2cHaow==
expires: Thu, 06 Apr 2023 15:21:38 GMT

GET
H2 200 precache-manifest.356a524c4f62f03890f7f761d3318b3c.js
mysf.io/m1/app/dist/master/115abc5/ 0
3 KB 28ms
24ms Other
application/javascript 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/115abc5/precache-manifest.356a524c4f62f03890f7f761d3318b3c.js
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 15:24:07 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:21:37 GMT
server: AmazonS3
age: 308680
etag: W/"356a524c4f62f03890f7f761d3318b3c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: yr0TJQGn76B3TxiZWzmhG9VZpr8FHddQ4c6VXfJ0_y-4K3_v9_k_2Q==
expires: Thu, 06 Apr 2023 15:21:35 GMT

GET
H2 200 service-worker.js
mysf.io/m1/app/dist/master/115abc5/ 0
980 B 28ms
25ms Other
application/javascript 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/115abc5/service-worker.js
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 15:24:07 GMT
content-encoding: gzip
last-modified: Wed, 06 Apr 2022 15:21:36 GMT
server: AmazonS3
age: 308680
etag: W/"a2d15b1fa093e3b45385b2859d88ca90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 d2f47ea7c79de35229ffbfc6942082c0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: nv6ORqpxvqINzdxKRXclm7muxtYbnoemxkAP2IPfyIfF84Fs0lsQUw==
expires: Thu, 06 Apr 2023 15:21:35 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 426dd08e28ef04fc2f268ee11876871219093118279bc1be0fc5f73ad1a2389f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 resize
ephemera.mirus.io/img/ 9 KB
10 KB 136ms
104ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fs3%2Eamazonaws%2Ecom%2Fnakala%2Emirus%2Eio%2Fm1%2Fapprovals%2Faccepted%2FNQHP11YS000_agent_avatar_20200724T195835Z_billpowersagency_com_frx2ol9u9n%2Ejpeg&descText=Bill%20Powers%20State%20Farm%20Agent&width=300

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

fc9a8591014e2dcc39f8366c4e535096ecf239e0789d17360d9ec1cdac756349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:46 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 9518
x-frontend: 520a2adb
fly-request-id: 01G08XZQK68E5T4ED2P1PWK2YG-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fs3%2Eamazonaws%2Ecom%2Fnakala%2Emirus%2Eio%2Fm1%2Fapprovals%2Faccepted%2FNQHP11YS000_agent_avatar_20200724T195835Z_billpowersagency_com_frx2ol9u9n%2Ejpeg&descText=Bill%20Powers%20State%20Farm%20Agent&width=300
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 4057e6c6
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Thu, 14 Apr 2022 09:17:30 GMT

GET
H2 200 SourceSansPro-Regular.woff
mysf.io/m1/app/dist/master/115abc5/fonts/ 128 KB
128 KB 42ms
20ms Font
font/woff 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/115abc5/fonts/SourceSansPro-Regular.woff
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5a9ed86a86add9f64f3492a3af9993fc7fb5ff850b300c72ca5057ae9f2c18a

Request headers

Referer: https://billpowersagency.com/
Origin: https://billpowersagency.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 16:11:00 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
vary: Origin
age: 305867
x-cache: Hit from cloudfront
content-length: 130560
last-modified: Wed, 06 Apr 2022 15:21:37 GMT
server: AmazonS3
etag: "b1637b49a5d6f35735ec03c297cb0932"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: 5DWxoWkSOKQqM7cBVcjMtjnTQCSu15UMLun9BUk4JjJg0LljKcTcvA==
expires: Thu, 06 Apr 2023 15:21:36 GMT

GET
H2 200 SFNewsGothic-Reg.woff
static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/SFNewsGothic/woff/ 27 KB
27 KB 398ms
98ms Font
application/font-woff 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/SFNewsGothic/woff/SFNewsGothic-Reg.woff

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (dcc/43F7) /

Resource Hash

8a3e2be9d5898b937bbe9f62d1ab53982c1189a91b34ac9c8288b8aefb4b4198

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://billpowersagency.com/
Origin: https://billpowersagency.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
last-modified: Thu, 13 Aug 2020 16:19:32 GMT
server: ECD (dcc/43F7)
age: 1648748
x-frame-options: DENY
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27472
expires: Mon, 10 Apr 2023 05:06:22 GMT

GET
H2 200 billpowersagency.com-sidebar-md-f2889cf947c55a90bd7d9faeb19d3600.png
ephemera.mirus.io/cache/storage.googleapis.com/static.mirus.io/images/maps/bi/billpowersagency.com/ 17 KB
18 KB 96ms
95ms Image
image/png 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/static.mirus.io/images/maps/bi/billpowersagency.com/billpowersagency.com-sidebar-md-f2889cf947c55a90bd7d9faeb19d3600.png
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/523fc696 (2022-04-06) /
Resource Hash: 4f0818f6fe03c23789d07316d378012409fc957dbf6652db167dd61a2387731c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:46 GMT
via: 2 fly.io
x-cache-status: STALE
x-guploader-uploadid: ADPycdtnX9oqpRckoffLyjW4ImegnhrMlyjaYbyO8BJprlH_y6DUtYN05c_rJnlAhCvPMjeUBVILgZF-Z18ndWo-XIPzPFUndg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
last-modified: Sat, 22 Jan 2022 14:33:50 GMT
x-goog-stored-content-encoding: identity
x-region: ewr
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17731
x-frontend: 520a2adb
fly-request-id: 01G08XZQNM8MHV0AQ082AV2KCX-fra
server: Fly/523fc696 (2022-04-06)
etag: "03bf0ee93a891003fcf03f452a0e309c"
x-goog-hash: crc32c=YmTJjA==, md5=A78O6TqJEAP88D9FKg4wnA==
x-goog-generation: 1642862030943162
cache-control: public, max-age=3600
x-goog-stored-content-length: 17731
x-instance: 4057e6c6
accept-ranges: bytes
content-type: image/png
x-git-sha: b5258ce4
expires: Fri, 18 Feb 2022 06:57:38 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 31 KB
31 KB 118ms
117ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fstatic1%2Est8fm%2Ecom%2Fen_US%2Fimg%2Fsi%2F750%2F430-natural-disaster-planning-wide%2Ejpg&width=300

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

49636502063746df45116eec61b091cee2316b3fcdf30470731b3c314007374a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 31529
x-frontend: 520a2adb
fly-request-id: 01G08XZQP52CA3FCBX202N631N-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fstatic1%2Est8fm%2Ecom%2Fen_US%2Fimg%2Fsi%2F750%2F430-natural-disaster-planning-wide%2Ejpg&width=300
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 520a2adb
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Fri, 15 Apr 2022 20:10:45 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 28 KB
28 KB 121ms
120ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fstatic1%2Est8fm%2Ecom%2Fen_US%2Fimg%2Fsi%2F750%2F632-teen-driving-wide%2Ejpg&width=300

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

5b993666ad09428eeaa4de07d453808b13498d72b08846855b1b93c9ae92062d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 28694
x-frontend: 520a2adb
fly-request-id: 01G08XZQP5TEQCZK2TQPEN262B-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fstatic1%2Est8fm%2Ecom%2Fen_US%2Fimg%2Fsi%2F750%2F632-teen-driving-wide%2Ejpg&width=300
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 4057e6c6
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Wed, 13 Apr 2022 15:28:31 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 14 KB
14 KB 108ms
108ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fstatic1%2Est8fm%2Ecom%2Fen_US%2Fimg%2Fsi%2F750%2Fmust-have-tools-for-every-homeowner%2Ejpg&width=300

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

ef2a3af7245d4b00c18e05db802c3e23f1807c8cfff64af4c8b93af5e5021d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:46 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 13915
x-frontend: 4057e6c6
fly-request-id: 01G08XZQP50DV4G6978NC6NRPC-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fstatic1%2Est8fm%2Ecom%2Fen_US%2Fimg%2Fsi%2F750%2Fmust-have-tools-for-every-homeowner%2Ejpg&width=300
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 4057e6c6
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Thu, 14 Apr 2022 09:57:05 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 6 KB
7 KB 134ms
134ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fi4%2Eytimg%2Ecom%2Fvi%2FWkyUDTlOTKM%2Fhqdefault%2Ejpg&width=290

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

c70e1b10ed63b345298a0d160415a0b30df7c76c1b2b06f268656bce3ffbe3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 6633
x-frontend: 520a2adb
fly-request-id: 01G08XZQP6B561AEEKPKENZR9V-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fi4%2Eytimg%2Ecom%2Fvi%2FWkyUDTlOTKM%2Fhqdefault%2Ejpg&width=290
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 520a2adb
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Mon, 11 Apr 2022 00:06:34 GMT

GET
H2 200 news_gothic_bold_bt-webfont.woff
mysf.io/m1/app/dist/master/115abc5/fonts/ 24 KB
25 KB 39ms
38ms Font
font/woff 18.66.248.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/115abc5/fonts/news_gothic_bold_bt-webfont.woff
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-22.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa6e8a424c36f8043275d57ed2842b54eaaab90a19edbf632a7c01147856a12a

Request headers

Referer: https://billpowersagency.com/
Origin: https://billpowersagency.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 06 Apr 2022 16:11:00 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
vary: Origin
age: 305867
x-cache: Hit from cloudfront
content-length: 24880
last-modified: Wed, 06 Apr 2022 15:21:38 GMT
server: AmazonS3
etag: "3e257bd013d16bb2fd7a25b54c392f30"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
x-amz-cf-id: v2A2cOjf58RbnVQ8jP63jqLnp4VEjiHcPLv_xRWOAa0c3muyjTXJbg==
expires: Thu, 06 Apr 2023 15:21:37 GMT

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/5b7df454c9e77c0001287ed9/events/ Frame 0
0 395ms
131ms Preflight 35.202.0.144
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/5b7df454c9e77c0001287ed9/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.0.144 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

144.0.202.35.bc.googleusercontent.com

Software

nginx/1.19.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://billpowersagency.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://billpowersagency.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Sun, 10 Apr 2022 05:08:47 GMT
server: nginx/1.19.1
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 resize
ephemera.mirus.io/img/ 6 KB
7 KB 106ms
104ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fi1%2Eytimg%2Ecom%2Fvi%2FLnV6hCzKxck%2Fhqdefault%2Ejpg&width=290

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

1907ae1bec95b722e4f8ff3f87315edb51d7d09bac7c793c40c23570cd21dcfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 6654
x-frontend: 520a2adb
fly-request-id: 01G08XZQQCCHY92SXR1Q04YJ14-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fi1%2Eytimg%2Ecom%2Fvi%2FLnV6hCzKxck%2Fhqdefault%2Ejpg&width=290
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 4057e6c6
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Fri, 15 Apr 2022 08:05:33 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 6 KB
6 KB 101ms
99ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fi3%2Eytimg%2Ecom%2Fvi%2FbiJM1VH8Sdg%2Fhqdefault%2Ejpg&width=290

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

e44cb7623b73d42311d351d5dfee6ef842c5a8d3bc7c966284e2bc633b869d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 6246
x-frontend: 4057e6c6
fly-request-id: 01G08XZQQD2RF87MTDYTSKK6MP-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fi3%2Eytimg%2Ecom%2Fvi%2FbiJM1VH8Sdg%2Fhqdefault%2Ejpg&width=290
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 4057e6c6
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Wed, 13 Apr 2022 17:51:14 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 10 KB
10 KB 102ms
100ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fi1%2Eytimg%2Ecom%2Fvi%2FlxVPoBSPRIA%2Fhqdefault%2Ejpg&width=290

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

29c05f5c779bdbb77186dbf7d2a205c21a092dc99291fe1666965a772125fc2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 10449
x-frontend: 520a2adb
fly-request-id: 01G08XZQQD1747P1EW7VVYX8YN-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fi1%2Eytimg%2Ecom%2Fvi%2FlxVPoBSPRIA%2Fhqdefault%2Ejpg&width=290
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 520a2adb
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Fri, 15 Apr 2022 19:58:24 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 2 KB
2 KB 109ms
108ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fs3%2Eamazonaws%2Ecom%2Fnakala%2Emirus%2Eio%2Fm1%2Fapprovals%2Faccepted%2FCR0PP6FY5GF_staff_avatar_20200724T190359Z_billpowersagency_com_uysh6pcfnn%2Ejpeg&width=70

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

5df9dd03aed8cde0e262efbf23e2e79c37b47e4944787e7a7f9e8bf3854f467f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 1784
x-frontend: 520a2adb
fly-request-id: 01G08XZQQDNRZ50MTV2FB71KPX-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fs3%2Eamazonaws%2Ecom%2Fnakala%2Emirus%2Eio%2Fm1%2Fapprovals%2Faccepted%2FCR0PP6FY5GF_staff_avatar_20200724T190359Z_billpowersagency_com_uysh6pcfnn%2Ejpeg&width=70
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 520a2adb
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Sat, 16 Apr 2022 10:37:40 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 2 KB
2 KB 110ms
109ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fs3%2Eamazonaws%2Ecom%2Fnakala%2Emirus%2Eio%2Fm1%2Fapprovals%2Faccepted%2FXYQ219KSGAL_staff_avatar_20200724T174352Z_billpowersagency_com_4zqffanhwo%2Ejpeg&width=70

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

6f02d10dc52f0379f6e28b59051f4996294078b4e5d28847a3927c7738f1f110

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 1616
x-frontend: 520a2adb
fly-request-id: 01G08XZQQDMZFK79GC29EHHX8R-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fs3%2Eamazonaws%2Ecom%2Fnakala%2Emirus%2Eio%2Fm1%2Fapprovals%2Faccepted%2FXYQ219KSGAL_staff_avatar_20200724T174352Z_billpowersagency_com_4zqffanhwo%2Ejpeg&width=70
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 4057e6c6
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Thu, 14 Apr 2022 09:17:30 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 2 KB
2 KB 111ms
110ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fs3%2Eamazonaws%2Ecom%2Fnakala%2Emirus%2Eio%2Fm1%2Fapprovals%2Faccepted%2F909Z59GFZAK_staff_avatar_20200724T174224Z_billpowersagency_com_22ucpunw2s%2Ejpeg&width=70

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

5f9dcfd6bc3c8ed86a49fbaa450ddf763bac64470f2733fcc697da40330e20b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 1650
x-frontend: 520a2adb
fly-request-id: 01G08XZQQEQ7DHFC8DMB3ZD5VS-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fs3%2Eamazonaws%2Ecom%2Fnakala%2Emirus%2Eio%2Fm1%2Fapprovals%2Faccepted%2F909Z59GFZAK_staff_avatar_20200724T174224Z_billpowersagency_com_22ucpunw2s%2Ejpeg&width=70
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 520a2adb
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Sat, 16 Apr 2022 06:47:01 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec6bfe3ddddbeba2a38b86573d8852a212f6f48b6a36c05323436465f3bace95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e8ae2da972dae7ea8e60367876f4ea66f6a5cfa342b630ef0b7d13323b79bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 945 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8aa25147308f0089d1412fe71e83d87c04b9145e5a921de626935b21d656a59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Bootstrap.js Show response
billpowersagency.com/kash/nexus.ensighten.com/statefarm/mirus/ 76 KB
24 KB 200ms
200ms Script
application/javascript 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://billpowersagency.com/kash/nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: plinko0.mirus.io
Software: nginx/1.16.0 /
Resource Hash: 41517489b587b5d7a5407ed3d0e421e0de4a8a7cd91554cf31b002a131ffb0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 05:08:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Apr 2022 21:01:53 GMT
Server: nginx/1.16.0
ETag: W/"624f5141-12eb5"
Vary: Accept-Encoding
X-backend-hostname: nakala-do-nyc-02.mirus.io
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Expires: Tue, 10 May 2022 05:08:47 GMT

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
2 KB 142ms
56ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: mysf.io
URL: https://mysf.io/m1/app/dist/master/115abc5/js/chunk-vendors.dad68769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0accb6518b8cf5acd005e285c2ec570a9708c638124a07945fd400a181c710d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 10 Apr 2022 05:08:47 GMT

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/5b7df454c9e77c0001287ed9/events/ 80 B
339 B 122ms
121ms Fetch
application/json 35.202.0.144
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/5b7df454c9e77c0001287ed9/events/pageviews

Requested by

Host: mysf.io
URL: https://mysf.io/m1/app/dist/master/115abc5/js/chunk-vendors.dad68769.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.0.144 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

144.0.202.35.bc.googleusercontent.com

Software

nginx/1.19.1 /

Resource Hash

94d4703333c0cccc645297d6fb5e050db117c1bcbd00e63ed4e93efd58ef2467

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Referer: https://billpowersagency.com/
keen-sdk: javascript-4.4.0
accept-language: de-DE,de;q=0.9
Authorization: D9982DE0E0B29AC3E087014013C22EEA773248ED3656448F275C15C33E02A92C10B7FB14150F3A417461405FBECBAA219F9211FAC727A413F2BD05BC123D6FC05E9C782EB14A01A27BA4997BA6F8F2C6E121053818FAF4FA7C2FD2133B04B027
Content-Type: application/json

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
server: nginx/1.19.1
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://billpowersagency.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 80

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: mysf.io
URL: https://mysf.io/m1/app/dist/master/115abc5/js/chunk-vendors.dad68769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b626c427e41a563ce6bfa32c338b0024083ca6722e225716d4fd047c4610c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: WVfsAjc3nxQdyT/72AwYHw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: ElR/1y3aiiPO3BZG0FQFyco+/USM02wN2JRWuWmuwTazd9tlq4IxUJM4HnNOVqRphai9Xi9w8cGt3UcuUw97HQ==
x-fb-trip-id: 2050670934
x-fb-content-md5: f376a9cbf2c5636d67d3f1791e3d3195
x-frame-options: DENY
date: Sun, 10 Apr 2022 05:08:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "46d18374d634b932e24bb45927097f69"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 10 Apr 2022 05:23:34 GMT

GET
H2 200 NQHP11YS000_office_banner_20200806T155603Z_billpowersagency_com_rp4ibfhpcc.jpeg
ephemera.mirus.io/cache/s3.amazonaws.com/nakala.mirus.io/m1/approvals/accepted/ 1 MB
1 MB 93ms
93ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ephemera.mirus.io/cache/s3.amazonaws.com/nakala.mirus.io/m1/approvals/accepted/NQHP11YS000_office_banner_20200806T155603Z_billpowersagency_com_rp4ibfhpcc.jpeg
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/523fc696 (2022-04-06) /
Resource Hash: 19cd700be136cc69dcdf62c42b907dc819354df27c1588b0dc1081552f13df90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
via: 2 fly.io
x-amz-request-id: H0RNHV32RQWZSS9J
x-cache-status: HIT
x-region: ewr
content-length: 1394892
x-amz-id-2: GhdgHm9Akf/XawAX/JOXw9LFOZ8f9ve84ORvR43RayVdGOSDHTzgRPX5tN7ovDyhtLpZfcQjtyY=
x-frontend: 4057e6c6
last-modified: Thu, 06 Aug 2020 16:11:41 GMT
server: Fly/523fc696 (2022-04-06)
etag: "c22a28aeefd8411e998f60ad4c5c5fa3"
fly-request-id: 01G08XZR223RRQE9ZMDFEK6EZ6-fra
content-type: image/jpeg
cache-control: max-age=31536000
x-instance: 4057e6c6
accept-ranges: bytes
x-git-sha: b5258ce4

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1649567326738
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1649567326738

1 KB
1 KB

31ms
31ms

XHR
application/json

34.243.37.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1649567326738

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

HTTP/1.1

Server

34.243.37.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-37-47.eu-west-1.compute.amazonaws.com

Software

Resource Hash

bd6e31792c0b66af23a4a577b0cf7cb1b4282d1c08b58bfcccbeb4f5581aa1bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-0d2b4133c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: UbcopURKQDU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://billpowersagency.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 630
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v030-04a5d1ba1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://billpowersagency.com
X-TID: yubcexEOQkE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1649567326738
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/3b5d5649/www-widgetapi.vflset/ 151 KB
49 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3b5d5649/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8221937159039b45af82459efc4c6c971226babf4e761eeaa831032535978f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 00:37:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16283
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50059
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 00:23:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 10 Apr 2023 00:37:24 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 288 KB
82 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=80fb12c2953ca61d5791f623334914e2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

918ef39d3a08aae49bf47e499ef9ed4ddc35fc2de21c495843b18f612e9d67cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://billpowersagency.com/
Origin: https://billpowersagency.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: KrFHIPdiYBKm58BNGKSLbg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84315
x-fb-rlafr: 0
x-fb-debug: tdN2vAH6Zk1XuEZaj8sTvYjngj889HfdDleosnM3h3ykOajtv1JQAGDOddbSeczHOH9oxpXdLunsoV+NUZnYlw==
x-fb-content-md5: fb4dd5038277915a41d9d4d45db95fa3
x-frame-options: DENY
date: Sun, 10 Apr 2022 05:08:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "e29f52de2ac7d074a680d98b80aa1b68"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 10 Apr 2023 04:39:58 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 384 B
527 B 39ms
8ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Thu%20Apr%2007%2021:01:52%20GMT%202022&ClientID=603&PageID=https%3A%2F%2Fbillpowersagency.com%2F
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/kash/nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a774e759eab1b1e76ec19380f724c1e188dd4be408040e82d9de5ee3d755adc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 384
expires: Sun, 10 Apr 2022 05:08:46 GMT

GET
H2 200 6e35c9bfd8ec60cf5b2b4aca0c4686af.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 154 KB
46 KB 15ms
14ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/6e35c9bfd8ec60cf5b2b4aca0c4686af.js?conditionId0=423109
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/kash/nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: eb6d3c533d22b86eb202f21103024a2fa66afca71587399773d5b26e15f85426

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 17:51:41 GMT
server: nginx
etag: W/"624b302d-26741"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 e93b36812556185f05ba1b50a74e121e.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 22ms
21ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/e93b36812556185f05ba1b50a74e121e.js?conditionId0=1539709
Requested by: Host: billpowersagency.com
URL: https://billpowersagency.com/kash/nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 4d01cb345594fa2229a937631516c71e98f17f97226642879933e18e805832c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
content-encoding: gzip
last-modified: Tue, 29 Mar 2022 21:39:19 GMT
server: nginx
etag: W/"62437c87-dbf"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK dest5.html Show response
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame EB5E 7 KB
3 KB 154ms
31ms Document
text/html 52.16.141.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/kash/nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.16.141.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-141-213.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://billpowersagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v030-080d1cadb.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: xA3yM01SQ5o=
content-encoding: gzip
date: Sun, 10 Apr 2022 05:08:47 GMT
last-modified: Tue, 15 Mar 2022 12:36:14 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
518 B 440ms
17ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=82842168067208999540261599825580482474&ts=1649567326927

Requested by

Host: mysf.io
URL: https://mysf.io/m1/app/dist/master/115abc5/js/chunk-vendors.dad68769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

c8ac7e65d67ade891da253346e86f8b14814ed4eb35f5caf2b3fa7922216076d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://billpowersagency.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 10 Apr 2022 05:08:48 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-7b6f4bb9f7-gglv4
vary: Origin
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://billpowersagency.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YlJmXwAAAFlIDwQp
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=87312993543283181260611889680261747830
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlJmXwAAAFlIDwQp

42 B
943 B

31ms
31ms

Image
image/gif

34.243.37.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlJmXwAAAFlIDwQp

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

HTTP/1.1

Server

34.243.37.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-37-47.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-04a5d1ba1.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: v9XDkhMMScc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YlJmXwAAAFlIDwQp
Date: Sun, 10 Apr 2022 05:08:47 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 page.php Show response
www.facebook.com/v12.0/plugins/ Frame 0427 20 KB
11 KB 69ms
50ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ac19fde0fc618%26domain%3Dbillpowersagency.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbillpowersagency.com%252Ff111a8f45bcfb1c%26relation%3Dparent.parent&container_width=312&height=662&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F205120722855301&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=80fb12c2953ca61d5791f623334914e2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df7ac89e56ca3754806bf3d2c19e927103d4ba71f4c86a4d8f0c532dd3e0f699

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://billpowersagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Sun, 10 Apr 2022 05:08:47 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
pragma: no-cache
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: rwOUfMxiNL4qmbxEXTw2oKZThpb6wMgnxPiwmqvfITqNNFNi8Jfmm3Yp8OGJY/Ich8hCytcXjEV1tw++iG/Ohw==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 m4R2PhG8UC6.css
static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/ Frame 0427 24 KB
6 KB 59ms
7ms Stylesheet
text/css 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/l/0,cross/m4R2PhG8UC6.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ac19fde0fc618%26domain%3Dbillpowersagency.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fbillpowersagency.com%252Ff111a8f45bcfb1c%26relation%3Dparent.parent&container_width=312&height=662&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F205120722855301&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ff49fee148c3043e3309a5d3669ef340ed55cb114ae57e6aa26a0995f7eec38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: gfd5tnmIxn0DBR2GIcAXvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 5374
x-fb-rlafr: 0
x-fb-debug: /4zp28RMbcp6CxwIpKERdUHLnKjr+Kc6LZ6Hn+tf3h37DUjKn8F5e2qFMXb6ku5Lqikmsavdkt0m6Er5wv0E2w==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 09 Apr 2023 14:38:13 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=edba790abb50508e5cc13644dd9552c9ab01a43dccd0c9dcaaefc6d5e0e80aa1b0da87c991749652
dpm.demdex.net/ Frame EB5E
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=87312993543283181260611889680261747830
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomODczMTI5OTM1NDMyODMxODEyNjA2MTE4ODk2ODAyNjE3NDc4MzAQABoNCN_MyZIGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=edba790abb50508e5cc13644dd9552c9ab01a43dccd0c9dcaaefc6d5e0e80aa1b0da87c991749652

42 B
943 B

32ms
32ms

Image
image/gif

34.243.37.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=edba790abb50508e5cc13644dd9552c9ab01a43dccd0c9dcaaefc6d5e0e80aa1b0da87c991749652

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

HTTP/1.1

Server

34.243.37.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-37-47.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-0a4647972.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: HF9KG5eAS9E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Sun, 10 Apr 2022 05:08:47 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=edba790abb50508e5cc13644dd9552c9ab01a43dccd0c9dcaaefc6d5e0e80aa1b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESECPy20l6zUrEewgcn39FlQE&google_cver=1
dpm.demdex.net/ Frame EB5E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODczMTI5OTM1NDMyODMxODEyNjA2MTE4ODk2ODAyNjE3NDc4MzA=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODczMTI5OTM1NDMyODMxODEyNjA2MTE4ODk2ODAyNjE3NDc4MzA=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECPy20l6zUrEewgcn39FlQE&google_cver=1?gdpr=0&gdpr_consent=

42 B
943 B

35ms
34ms

Image
image/gif

34.243.37.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECPy20l6zUrEewgcn39FlQE&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

HTTP/1.1

Server

34.243.37.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-37-47.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v030-0a672e30e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OBpNdVtNRIg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 05:08:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECPy20l6zUrEewgcn39FlQE&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=1c986fb1-a221-48bd-87e6-37469e114574
dpm.demdex.net/ Frame EB5E
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c986fb1-a221-48bd-87e6-37469e114574

42 B
943 B

55ms
32ms

Image
image/gif

34.243.37.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c986fb1-a221-48bd-87e6-37469e114574

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

HTTP/1.1

Server

34.243.37.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-37-47.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-028b99c2a.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: yRvZ0RijR8c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 10 Apr 2022 05:08:48 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=1c986fb1-a221-48bd-87e6-37469e114574
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 200 s72511510798385 Show response
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ 1 KB
1 KB 42ms
42ms Script
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/s72511510798385?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=10%2F3%2F2022%205%3A8%3A47%200%200&d.&nsid=0&jsonv=1&.d&D=..&mid=82842168067208999540261599825580482474&aamlh=6&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-s%3Anqhp11ys000&g=https%3A%2F%2Fbillpowersagency.com%2F&ch=sf%3Aus%3Aagent-micro-s&server=billpowersagency.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-s%3Anqhp11ys000&h1=home%7Cagent-micro-s%7Cnqhp11ys000&c4=sf%3Aagent-micro-s%3Anqhp11ys000&v6=billpowersagency.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fbillpowersagency.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=sunday%7C12%3A00am&v50=4%2F10%2F2022&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F100.0.4896.75%20safari%2F537.36&c70=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a320e5351aa8ad3641d5c5bf55e4b35cd2a3771629785df97a20c252d948545f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-aam-tid: mUi3ohC/QVI=
date: Sun, 10 Apr 2022 05:08:48 GMT
x-content-type-options: nosniff
x-c: main-1637.I660130.M0-562
p3p: CP="This is not a P3P policy"
vary: *
content-length: 1078
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v030-01115f9c3.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Mon, 11 Apr 2022 05:08:48 GMT
server: jag
xserver: anedge-7b6f4bb9f7-vc2hr
etag: 3542418864701964288-4619477053450458749
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 09 Apr 2022 05:08:48 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame EB5E
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=87312993543283181260611889680261747830&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-UNOSHQxE2pFbhiOI.LFi54fSheQcZq9DxpY-~A

42 B
943 B

32ms
32ms

Image
image/gif

34.243.37.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-UNOSHQxE2pFbhiOI.LFi54fSheQcZq9DxpY-~A

Protocol

HTTP/1.1

Server

34.243.37.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-243-37-47.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v030-05420085f.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: K0042l7QR8g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Sun, 10 Apr 2022 05:08:48 GMT
via: http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
strict-transport-security: max-age=31536000
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-UNOSHQxE2pFbhiOI.LFi54fSheQcZq9DxpY-~A
content-length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 390 KB
62 KB 135ms
50ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/kash/nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f911021fa227a784dad103a76e032a7974ff5148fa4755b86a7cd842b895c714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63229
x-xss-protection: 0
last-modified: Sun, 10 Apr 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Apr 2022 05:08:48 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame EB5E
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=87312993543283181260611889680261747830
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87312993543283181260611889680261747830

0
338 B

100ms
28ms

Image
text/plain

52.215.247.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87312993543283181260611889680261747830
Protocol: H2
Server: 52.215.247.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-247-247.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=40 t=1649567328
x-served-by: beacon-n006-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=87312993543283181260611889680261747830
date: Sun, 10 Apr 2022 05:08:48 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a012-ash-prod.krxd.net

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 25ms
11ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: billpowersagency.com
URL: https://billpowersagency.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: uJ3CCsaNksV62mf0P3cImnl3vr0TrKi4jNj1cNh2A4VOKAQBsDi+ANl2p1njpVGFDFXPL1jgmVCGlZMVn6mdRA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 10 Apr 2022 05:08:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 45ms
7ms Script
application/x-javascript 143.204.94.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-161.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Sun, 10 Apr 2022 03:41:16 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 5253
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: zEpBjN6MhzjRyWFVu59riOeid6jncq9vekpV4SMT-MpzGtH51YxvZw==

GET
H3 200 1936962093151750 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 64ms
64ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1936962093151750?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fe0d20f13252beadc2ef246e707a4427cea7758f24905832af17f3a07f5bfa51

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: YjqPRX3vqVYmlc1jUesKb5nLTBQ9mL6RFobf4i4UYl8UtZ4jmb85l3etZjFgr3smXiGuoIGloOiH557m6ds4jg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 10 Apr 2022 05:08:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 54DB 0
181 B 39ms
31ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fbillpowersagency.com%2F&upid=t8xbszz&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://billpowersagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Sun, 10 Apr 2022 05:08:48 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1936962093151750&ev=PageView&dl=https%3A%2F%2Fbillpowersagency.com%2F&rl=&if=false&ts=1649567327872&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1649567327870.2083299982&it=1649567327766&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Sun, 10 Apr 2022 05:08:48 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 30F9 0
15 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://billpowersagency.com
Referer: https://billpowersagency.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://billpowersagency.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 10 Apr 2022 05:08:49 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 resize
ephemera.mirus.io/img/ 6 KB
7 KB 97ms
97ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fi4%2Eytimg%2Ecom%2Fvi%2FWkyUDTlOTKM%2Fhqdefault%2Ejpg&width=290

Requested by

Host: mysf.io
URL: https://mysf.io/m1/app/dist/master/115abc5/js/chunk-vendors.dad68769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

c70e1b10ed63b345298a0d160415a0b30df7c76c1b2b06f268656bce3ffbe3d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:52 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 6633
x-frontend: 520a2adb
fly-request-id: 01G08XZWSF42E545Q22RXZB1QV-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fi4%2Eytimg%2Ecom%2Fvi%2FWkyUDTlOTKM%2Fhqdefault%2Ejpg&width=290
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 520a2adb
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Mon, 11 Apr 2022 00:06:34 GMT

GET
H2 200 resize
ephemera.mirus.io/img/ 6 KB
7 KB 98ms
98ms Image
image/jpeg 2a09:8280:1::1ce
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/img/resize?url=https%3A%2F%2Fi1%2Eytimg%2Ecom%2Fvi%2FLnV6hCzKxck%2Fhqdefault%2Ejpg&width=290

Requested by

Host: mysf.io
URL: https://mysf.io/m1/app/dist/master/115abc5/js/chunk-vendors.dad68769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::1ce , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/523fc696 (2022-04-06) /

Resource Hash

1907ae1bec95b722e4f8ff3f87315edb51d7d09bac7c793c40c23570cd21dcfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://billpowersagency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 05:08:52 GMT
via: 2 fly.io
x-cache-status: HIT
x-ratelimit-remaining: 1000
x-region: ewr
content-length: 6654
x-frontend: 4057e6c6
fly-request-id: 01G08XZWSGAQXTXQAYTZ0SX5DE-fra
server: Fly/523fc696 (2022-04-06)
x-cachekey: https://imaginary.prod.mirus.io/resize?url=https%3A%2F%2Fi1%2Eytimg%2Ecom%2Fvi%2FLnV6hCzKxck%2Fhqdefault%2Ejpg&width=290
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/jpeg
cache-control: public, s-maxage=604800, max-age=604800, no-transform
x-instance: 4057e6c6
x-ratelimit-limit: 1001
x-ratelimit-reset: 1
x-git-sha: b5258ce4
expires: Fri, 15 Apr 2022 08:05:33 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
billpowersagency.com/	1969-12-31 23:59:59	Name: si.es.ar.ef Value: QaHxbSKepRWVg-xrq1BYq6LKS-mrlWF5vw7j2jFMT94
billpowersagency.com/	1969-12-31 23:59:59	Name: snak Value: eyJkb21haW4iOiJiaWxscG93ZXJzYWdlbmN5LmNvbSIsInNzbCI6dHJ1ZSwia25vd25faXAiOmZhbHNlLCJiYWNrZW5kcyI6W119
billpowersagency.com/	1970-01-20 10:58:23	Name: keen Value: {%22uuid%22:%22e7ef874f-c74f-4bed-ab55-def66efc325d%22%2C%22initialReferrer%22:null}
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: WMZT4Udydmo
.youtube.com/	1970-01-20 06:31:59	Name: VISITOR_INFO1_LIVE Value: r_KKq5_Yuew
.billpowersagency.com/	1970-01-20 02:12:49	Name: s_gad Value: 1
.demdex.net/	1970-01-20 06:31:59	Name: demdex Value: 87312993543283181260611889680261747830
.billpowersagency.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 10:58:23	Name: everest_g_v2 Value: g_surferid~YlJmXwAAAFlIDwQp
.rlcdn.com/	1970-01-20 10:58:23	Name: rlas3 Value: QsDt6zpukKxd+DHacnpwAw6q9kIvmIVrWgZeZyoO+DI=
.dpm.demdex.net/	1970-01-20 06:31:59	Name: dpm Value: 87312993543283181260611889680261747830
.rlcdn.com/	1970-01-20 03:39:11	Name: pxrc Value: CN/MyZIGEgUI6AcQABIGCPHrARAA
.statefarm.com/	1970-01-20 19:43:59	Name: s_ecid Value: MCMID%7C82842168067208999540261599825580482474
.billpowersagency.com/	1970-01-20 19:45:25	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 690614123%7CMCIDTS%7C19093%7CMCMID%7C82842168067208999540261599825580482474%7CMCAAMLH-1650172126%7C6%7CMCAAMB-1650172126%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1649574526s%7CNONE%7CMCSYNCSOP%7C411-19100%7CMCAID%7CNONE%7CvVersion%7C3.1.0
.billpowersagency.com/	1970-01-20 02:12:49	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-s%3Anqhp11ys000
.billpowersagency.com/	1970-01-20 02:12:49	Name: s_pre_v6 Value: billpowersagency.com
.billpowersagency.com/	1970-01-20 02:12:49	Name: s_dl Value: 1
.billpowersagency.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.billpowersagency.com/	1970-01-21 22:02:13	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271649567327400%27%5D%5D
.billpowersagency.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fbillpowersagency.com%2F%7Centry%3Dhttps%3A%2F%2Fbillpowersagency.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-s%7Cs_prev_ch%3Dagent-micro-s%7Cs_prev_pn%3Dnqhp11ys000%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-s%3Anqhp11ys000%7Cmc%3Ddirect%20load%7C
.billpowersagency.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.adsrvr.org/	1970-01-20 10:58:23	Name: TDID Value: 1c986fb1-a221-48bd-87e6-37469e114574
.doubleclick.net/	1970-01-20 11:34:23	Name: IDE Value: AHWqTUlyXPJCY2XobWwR3j2WzjXdYnjjpCAyG3XMEO6nU4TcX7rut9p0M2ATBo5FbI8
.adsrvr.org/	1970-01-20 10:58:23	Name: TDCPM Value: CAESEgoDYWFtEgsI_qS8o8euzToQBRgFIAEoAjILCP6KmtDdrs06EAU4AQ..
.billpowersagency.com/	1970-01-20 06:31:59	Name: AAMC_statefarmmutualautomobileinsurancecompany_0 Value: REGION%7C6
.billpowersagency.com/	1970-01-20 02:55:59	Name: aam_uuid Value: 87312993543283181260611889680261747830
.demdex.net/	1970-01-20 06:31:59	Name: dextp Value: 60-1-1649567327101\|771-1-1649567327202\|903-1-1649567327303\|30646-1-1649567327422\|66757-1-1649567327539
.yahoo.com/	1970-01-20 10:58:44	Name: A3 Value: d=AQABBGBmUmICEIgN28VsYnGCrzQKKCsC778&S=AQAAArqF42MbOmp31IOT3vMA0Dg
.billpowersagency.com/	1970-01-20 04:22:23	Name: _fbp Value: fb.1.1649567327870.2083299982
.krxd.net/	1970-01-20 06:31:59	Name: _kuid_ Value: OxPq_PRi

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.krxd.net
billpowersagency.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
dpm.demdex.net
ephemera.mirus.io
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
mysf.io
nexus.ensighten.com
peachy.prod.mirus.io
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static.xx.fbcdn.net
static1.st8fm.com
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
www.youtube.com
142.250.186.162
143.204.94.161
15.188.95.229
152.195.54.7
18.195.42.228
18.66.248.22
212.82.100.182
2a00:1450:4001:80e::2008
2a00:1450:4001:813::200e
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a09:8280:1::1ce
3.211.130.57
34.243.37.47
35.202.0.144
35.244.174.68
45.33.12.50
52.16.141.213
52.215.247.247
52.223.40.198
52.51.88.158
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0a8bc25c76ac33f4408bcb61213570dcea01b7fa63497515d5c9c6d2769c1106
0accb6518b8cf5acd005e285c2ec570a9708c638124a07945fd400a181c710d4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1907ae1bec95b722e4f8ff3f87315edb51d7d09bac7c793c40c23570cd21dcfd
19cd700be136cc69dcdf62c42b907dc819354df27c1588b0dc1081552f13df90
1e8ae2da972dae7ea8e60367876f4ea66f6a5cfa342b630ef0b7d13323b79bfc
29c05f5c779bdbb77186dbf7d2a205c21a092dc99291fe1666965a772125fc2d
3ff49fee148c3043e3309a5d3669ef340ed55cb114ae57e6aa26a0995f7eec38
41517489b587b5d7a5407ed3d0e421e0de4a8a7cd91554cf31b002a131ffb0c7
426dd08e28ef04fc2f268ee11876871219093118279bc1be0fc5f73ad1a2389f
49636502063746df45116eec61b091cee2316b3fcdf30470731b3c314007374a
4b99b3753d3b4a66a2efb584aceb6c87e2427fb092ae772584beabb8da1efd8c
4d01cb345594fa2229a937631516c71e98f17f97226642879933e18e805832c2
4f0818f6fe03c23789d07316d378012409fc957dbf6652db167dd61a2387731c
5b993666ad09428eeaa4de07d453808b13498d72b08846855b1b93c9ae92062d
5df9dd03aed8cde0e262efbf23e2e79c37b47e4944787e7a7f9e8bf3854f467f
5f9dcfd6bc3c8ed86a49fbaa450ddf763bac64470f2733fcc697da40330e20b8
6b626c427e41a563ce6bfa32c338b0024083ca6722e225716d4fd047c4610c59
6f02d10dc52f0379f6e28b59051f4996294078b4e5d28847a3927c7738f1f110
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8a3e2be9d5898b937bbe9f62d1ab53982c1189a91b34ac9c8288b8aefb4b4198
918ef39d3a08aae49bf47e499ef9ed4ddc35fc2de21c495843b18f612e9d67cd
94d4703333c0cccc645297d6fb5e050db117c1bcbd00e63ed4e93efd58ef2467
9711c07cf4256d9e3114811bec41cea7991c70fedc1613ba5946219683cdee21
a320e5351aa8ad3641d5c5bf55e4b35cd2a3771629785df97a20c252d948545f
a774e759eab1b1e76ec19380f724c1e188dd4be408040e82d9de5ee3d755adc4
b8221937159039b45af82459efc4c6c971226babf4e761eeaa831032535978f6
bd6e31792c0b66af23a4a577b0cf7cb1b4282d1c08b58bfcccbeb4f5581aa1bb
c70e1b10ed63b345298a0d160415a0b30df7c76c1b2b06f268656bce3ffbe3d2
c80efa38bce267d14224d197ee2308e914eb267537e9986346c7a480c4ccf52d
c8ac7e65d67ade891da253346e86f8b14814ed4eb35f5caf2b3fa7922216076d
d5a9ed86a86add9f64f3492a3af9993fc7fb5ff850b300c72ca5057ae9f2c18a
d8aa25147308f0089d1412fe71e83d87c04b9145e5a921de626935b21d656a59
df7ac89e56ca3754806bf3d2c19e927103d4ba71f4c86a4d8f0c532dd3e0f699
e2040ad8180c3791e597e3e119c27981715b75b26fd90ca4c8c1e663b3cc03d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44cb7623b73d42311d351d5dfee6ef842c5a8d3bc7c966284e2bc633b869d3a
eb6d3c533d22b86eb202f21103024a2fa66afca71587399773d5b26e15f85426
ec6bfe3ddddbeba2a38b86573d8852a212f6f48b6a36c05323436465f3bace95
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2a3af7245d4b00c18e05db802c3e23f1807c8cfff64af4c8b93af5e5021d85
f911021fa227a784dad103a76e032a7974ff5148fa4755b86a7cd842b895c714
fa6e8a424c36f8043275d57ed2842b54eaaab90a19edbf632a7c01147856a12a
fc9a8591014e2dcc39f8366c4e535096ecf239e0789d17360d9ec1cdac756349
fe0d20f13252beadc2ef246e707a4427cea7758f24905832af17f3a07f5bfa51

billpowersagency.com Open in urlscan Pro 45.33.12.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

88 %HTTPS

24 %IPv6

18 Domains

23 Subdomains

17 IPs

4 Countries

2768 kBTransfer

4451 kBSize

30 Cookies

40 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

billpowersagency.com Open in urlscan Pro
45.33.12.50 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

88 %
HTTPS

24 %
IPv6

18
Domains

23
Subdomains

17
IPs

4
Countries

2768 kB
Transfer

4451 kB
Size

30
Cookies

57 HTTP transactions
4 data transactions