urlscan.io logo urlscan.io
SecurityTrails logo

friscoed.com Open in urlscan Pro
34.69.219.172  Public Scan

Go To Rescan Add Verdict Report
URL: https://friscoed.com/
Submission Tags: phishingrod
Submission: On October 31 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 19 domains to perform 70 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is friscoed.com.
TLS certificate: Issued by R3 on September 1st 2023. Valid for: 3 months.
This is the only time friscoed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.69.219.172 396982 (GOOGLE-CL...)
26 2a09:8280:1::... 40509 (FLY)
7 2600:9000:206... 16509 (AMAZON-02)
4 2a03:2880:f08... 32934 (FACEBOOK)
1 5 34.255.171.99 16509 (AMAZON-02)
1 18.66.112.124 16509 (AMAZON-02)
1 54.228.139.113 16509 (AMAZON-02)
2 63.140.62.108 15224 (OMNITURE)
1 1 63.34.189.164 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
2 104.198.70.133 15169 (GOOGLE)
2 2 142.250.185.162 15169 (GOOGLE)
3 3.33.220.150 16509 (AMAZON-02)
2 2 3.75.62.37 16509 (AMAZON-02)
1 1 52.86.191.86 14618 (AMAZON-AES)
1 63.33.100.143 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.186.38 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 108.138.15.119 16509 (AMAZON-02)
3 151.101.128.84 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... 32934 (FACEBOOK)
70 23
1    34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com
friscoed.com
26    2a09:8280:1::42:4195 (United States)

ASN40509 (FLY, US)
ephemera.mirus.io
7    2600:9000:206f:7c00:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)
nexus.ensighten.com
4    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    34.255.171.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-171-99.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.66.112.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-124.fra56.r.cloudfront.net
deel-id-persistence.deel.c1.statefarm
1    54.228.139.113 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-139-113.eu-west-1.compute.amazonaws.com
statefarmmutualautomobileinsurancecompany.demdex.net
2    63.140.62.108 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-108.data.adobedc.net
smetrics.statefarm.com
1    63.34.189.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-189-164.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    104.198.70.133 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 133.70.198.104.bc.googleusercontent.com
peachy.prod.mirus.io
2    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
3    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    52.86.191.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-191-86.compute-1.amazonaws.com
usermatch.krxd.net
1    63.33.100.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-100-143.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
11264551.fls.doubleclick.net
1    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a02:26f0:3500:89b::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
3    151.101.128.84 (United States)

ASN54113 (FASTLY, US)
ct.pinterest.com
1    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
28 mirus.io
ephemera.mirus.io — Cisco Umbrella Rank: 279854
peachy.prod.mirus.io — Cisco Umbrella Rank: 314815
384 KB
7 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3744
74 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 10918
8 KB
5 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
11264551.fls.doubleclick.net — Cisco Umbrella Rank: 93407
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
4 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
js.adsrvr.org — Cisco Umbrella Rank: 1610
insight.adsrvr.org — Cisco Umbrella Rank: 584
3 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
179 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 849
1 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 105
856 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 847
21 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1979
beacon.krxd.net — Cisco Umbrella Rank: 758
529 B
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
611 B
2 statefarm.com
smetrics.statefarm.com — Cisco Umbrella Rank: 29231
2 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
185 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6862
455 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
93 KB
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
98 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1275
517 B
1 c1.statefarm
deel-id-persistence.deel.c1.statefarm — Cisco Umbrella Rank: 79381
1 KB
1 friscoed.com
friscoed.com
146 KB
70 19
Domain Requested by
26 ephemera.mirus.io friscoed.com
ephemera.mirus.io
7 nexus.ensighten.com friscoed.com
nexus.ensighten.com
5 dpm.demdex.net 1 redirects friscoed.com
4 connect.facebook.net friscoed.com
connect.facebook.net
3 ct.pinterest.com s.pinimg.com
2 insight.adsrvr.org js.adsrvr.org
2 s.pinimg.com friscoed.com
s.pinimg.com
2 11264551.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 cm.g.doubleclick.net 2 redirects
2 peachy.prod.mirus.io friscoed.com
2 smetrics.statefarm.com nexus.ensighten.com
friscoed.com
1 www.facebook.com
1 adservice.google.com 11264551.fls.doubleclick.net
1 www.google.de
1 www.google.com
1 js.adsrvr.org www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com nexus.ensighten.com
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 match.adsrvr.org
1 idsync.rlcdn.com friscoed.com
1 cm.everesttech.net 1 redirects
1 statefarmmutualautomobileinsurancecompany.demdex.net nexus.ensighten.com
1 deel-id-persistence.deel.c1.statefarm nexus.ensighten.com
1 friscoed.com
70 28
Subject Issuer Validity Valid
friscoed.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
ephemera.mirus.io
R3		 2023-09-25 -
2023-12-24		 3 months crt.sh
nexus.ensighten.com
Amazon RSA 2048 M02		 2023-09-29 -
2024-10-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-09 -
2023-11-07		 3 months crt.sh
deel-id-persistence.deel.c1.statefarm
Amazon RSA 2048 M02		 2023-08-01 -
2024-08-29		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
smetrics.statefarm.com
Entrust Certification Authority - L1K		 2023-01-20 -
2024-02-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
peachy.prod.mirus.io
R3		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-07 -
2024-08-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://friscoed.com/
Frame ID: 8D40C14D789AB32333CBF29AD349F843
Requests: 58 HTTP requests in this frame

Frame: https://deel-id-persistence.deel.c1.statefarm/
Frame ID: 3A7A5C203835BC1C5251B897AD49D81D
Requests: 1 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 38F1882FFE18F90D2707A5C6EB8AF4A6
Requests: 6 HTTP requests in this frame

Frame: https://11264551.fls.doubleclick.net/activityi;dc_pre=CP6ypqm4oIIDFRoJogMdRioLyg;src=11264551;type=micro0;cat=micro006;ord=9263012197728;auiddc=846632747.1698760584;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3ap0v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F
Frame ID: A4AE90F00A989CF88C38583333C1C5EA
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Ffriscoed.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: 9A069FD2AB2EB293711BCA97FCBB7576
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Ffriscoed.com%2F&upid=9nilek2&upv=1.1.0
Frame ID: 3F1045834E631A61C6D0A61AFC95C2B8
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 988399A1EF8E2A5DE1432B25A759748C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ed Forster – Frisco, TX State Farm® Agent

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

70
Requests

87 %
HTTPS

38 %
IPv6

19
Domains

28
Subdomains

23
IPs

3
Countries

915 kB
Transfer

2576 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698760581454 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698760581454
Request Chain 32
  • https://cm.everesttech.net/cm/dd?d_uuid=05349327966833381731057952294975288638 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUEHhQAAAGzJwgOJ
Request Chain 41
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDUzNDkzMjc5NjY4MzMzODE3MzEwNTc5NTIyOTQ5NzUyODg2Mzg= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDUzNDkzMjc5NjY4MzMzODE3MzEwNTc5NTIyOTQ5NzUyODg2Mzg=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED67irp-mTCOQZgf_XtzGNY&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 48
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=05349327966833381731057952294975288638&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=05349327966833381731057952294975288638&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-fAYhsQ5E2pFnCKSIXLf3BDVcFC76zHvBOmY-~A
Request Chain 49
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=05349327966833381731057952294975288638 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=05349327966833381731057952294975288638
Request Chain 53
  • https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=9263012197728;auiddc=846632747.1698760584;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3ap0v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F HTTP 302
  • https://11264551.fls.doubleclick.net/activityi;dc_pre=CP6ypqm4oIIDFRoJogMdRioLyg;src=11264551;type=micro0;cat=micro006;ord=9263012197728;auiddc=846632747.1698760584;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3ap0v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F

70 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
friscoed.com/ 		626 KB
146 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.219.69.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ee3ff0c7a460959a89057e7343c7e004ef49f7cf1a6ed8c32cfbc2b3a2a07b07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, max-age=30
content-encoding
gzip
content-type
text/html
date
Tue, 31 Oct 2023 13:56:21 GMT
etag
"7ebf481c20fd5ad4af99d6e21f4f6ab5"
expires
Tue, 31 Oct 2023 13:56:51 GMT
last-modified
Tue, 31 Oct 2023 13:35:26 GMT
server
UploadServer
vary
Accept-Encoding
x-cheesecrd-backend
mx-gcs
x-cheesecrd-lookup
master:friscoed.com/
x-cheesecrd-path
/
x-goog-generation
1698759326336790
x-goog-hash
crc32c=yGjAZQ== md5=fr9IHCD9WtSvmdbiH09qtQ==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
148262
x-guploader-uploadid
ABPtcPqHzngfvEAKLiy-WEqG8bMs_fxBFBNJMYm_jxcqvNS9_HRNr93IffrJrFPk1mLlIDJ0qP8
resize
ephemera.mirus.io/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
d8296d3864da28f2489a7a074cc040c3d445155a2783bcb1b7cc196e62dd41e3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
x-cache-status
HIT
x-region
ewr
content-length
17410
fly-request-id
01HE30AR9JX11FHD1S1SKBK7GN-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
9080eee0c27998
expires
Mon, 30 Oct 2023 19:57:52 GMT
Bootstrap.js
nexus.ensighten.com/statefarm/mirus/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7c00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
bb541189b278878aefae5de6dbde862c635b6075eddee851b3b14d45e61e0cd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 18:44:54 GMT
x-amz-version-id
6gB4_tTx777s4pc.IOz.2kEWoKrDucbZ
content-encoding
br
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
328288
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 18:44:32 GMT
server
CloudFront
etag
W/"f544936fa2fc72bf83d193b6a7ccd7a7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
rkHmZMs8vuStSZeC1cN06byLG3MyJ-xA8pdIjtSeQ4dp3PeU_Gxv_g==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ee13515c645105dc080804da7d84bc4075b3d61673999d770153266d5a3b3c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 31 Oct 2023 13:56:21 GMT
content-md5
RQ5yuAEA4JJACOVlYE0yRw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
LldMxtfYli/MtKxaE4We0+MQfreN3OYipAxW4RpD3Ij66oigkVxVWDVBnABHeULZRBq4nFuLNCYkFeNI0s5Nrg==
x-fb-content-md5
884b8a9a3a4d065ebb53d327a78fa2b5
cross-origin-opener-policy
same-origin-allow-popups
etag
"9b0e9ab35e7e0a42b796a09236034100"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 31 Oct 2023 14:08:40 GMT
resize
ephemera.mirus.io/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=600&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
e1265c63c26a2819976f9314c5a47d11f81d7ed83f4cbe51ff1cafe28abc9e02
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=600&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
x-cache-status
HIT
x-region
ewr
content-length
5838
fly-request-id
01HE30AR9HEJTX073KAP5AMQRJ-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
9080eee0c27998
expires
Sun, 29 Oct 2023 20:09:43 GMT
resize
ephemera.mirus.io/img/ 		878 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=50&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2FQ%2FQZZW31YS000%2FformalColorFull.jpg
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
a8698232be142af1bf06f60a79b984cba651c1ff6776bb6e8ea8d6f3716bb17d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=50&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2FQ%2FQZZW31YS000%2FformalColorFull.jpg
x-cache-status
HIT
x-region
ewr
content-length
878
fly-request-id
01HE30AR9JDB7XNJZ7G7SNWD76-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Fri, 03 Nov 2023 18:07:45 GMT
MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-SemiBold.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-SemiBold.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdsrmBv7ykULhBLTgMSBDbw1jm8zRZP_2vowloMKxAmpJk0ce31cA_uxxlRTa4sgbDjGHD3NnPGkRL2Tltq2vcFB87i61sU6
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32208
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30AR9JPQBB239ECVHHJ20K-fra
etag
"1d27c68fab3bc57c0eb1b742cb355160"
x-goog-generation
1694794012520792
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=08A3Cg==, md5=HSfGj6s7xXwOsbdCyzVRYA==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
32208
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:50:00 GMT
MecherleSans-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Medium.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Medium.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdtJhAcaCOFLrR8dRVI1lmPFlx8vjfqw3lfQBKFoY8LPq7RDCd7Ik2FvnKU983g34ee-6B1oTKEZFcCt5wbp2lTVYSrc2inN
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32200
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30AR9JATPG7T5RVZEVTR3F-fra
etag
"771eb8d7b83cc251776e102fb8ae2972"
x-goog-generation
1694794012415593
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=u4HwWQ==, md5=dx6417g8wlF3bhAvuK4pcg==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
32200
x-instance
3287444ec4d918
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:50:00 GMT
MecherleSans-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Regular.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Regular.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdtImF3TWr8_Rby3TsvYJLCKLeD67lhLrVwuqchvjingeCoA0epR6G3jBqrSuf9v5Nt3CU0gdBPY2TVhKrOMvsemY5fIWfV2
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31948
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30AR9JVBAHDWJGHGX45W6T-fra
etag
"45568a98b8085b944e9b8c47a2947646"
x-goog-generation
1694794012452758
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=DAIcBw==, md5=RVaKmLgIW5ROm4xHopR2Rg==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
31948
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:50:00 GMT
MecherleSans-Bold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Bold.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Bold.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdvBNnKqRnAwnFG_7x216N8CcVZrdzc51JQ4GOW1XZNFNykrX_lqDcChAfZpHqacZeNR45U
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31812
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30AR9J59E898D2G798G3S9-fra
etag
"7cc9632b9df119aed25a6812b1c59569"
x-goog-generation
1694794012232162
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=VzL8Pg==, md5=fMljK53xGa7SWmgSscWVaQ==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
31812
x-instance
3287444ec4d918
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:53:48 GMT
sdk.js
connect.facebook.net/en_US/ 		302 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7b22d557ef2d9a3e84e350d1924260e1
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e6c7e23937ade1b4b85bf25491b98e857afb071651fd7d9db8aab444a8f0506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 31 Oct 2023 13:56:21 GMT
content-md5
p1xXKvFOt9awH3tU0YhxTQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88329
reporting-endpoints
x-fb-debug
vM6jeFXjUrWHpCjMc+sMDV9o0PIxHAvMPc57gUk0EH8y+nwUgqdVkzRhaZiu2qEboiB7/Q+vBGcmlGuYpt7+Gg==
x-fb-content-md5
0ad54fb627becf70532a815f2da7cd95
cross-origin-opener-policy
same-origin-allow-popups
etag
"35d69da1a4e3a1837eadc86783346d27"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 30 Oct 2024 12:21:30 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698760581454
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698760581454
1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698760581454
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
HTTP/1.1
Server
34.255.171.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-171-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8022739735e996c35d233705d2b58085d95f13c9ddcd7f29a93c3cbaa53cfe34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v053-0e3f7714d.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
xJsITsYkQ9s=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://friscoed.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
643
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v053-058a6130a.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
+mXcuQk7Qao=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://friscoed.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698760581454
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
serverComponent.php
nexus.ensighten.com/statefarm/mirus/ 		504 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Fri%20Oct%2027%2018:44:30%20GMT%202023&ClientID=603&PageID=https%3A%2F%2Ffriscoed.com%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:7c00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
004780e9fe55a1f6ba742bdd8abfd766b235a363abb9fc8f5aded8a1130ffa68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
via
1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
alt-svc
h3=":443"; ma=86400
content-length
504
x-amz-cf-id
oGgrFVRfDokXEBADm73vS62FpNjrQ5aiCWOifwX_Qvjr1OEZkgr2fA==
expires
Tue, 31 Oct 2023 13:56:20 GMT
54c629785cafd7b5f5af83b21c2501bf.js
nexus.ensighten.com/statefarm/mirus/code/ 		165 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/code/54c629785cafd7b5f5af83b21c2501bf.js?conditionId0=423109
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:7c00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
61a9c6943dcbc41ec34c3618adce3c5f3df9ffb54093d342d2ad350a68f44598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 18:44:37 GMT
x-amz-version-id
FDeOzAHXgTyj2jXJB8lMNF0hrh1q1oFk
content-encoding
br
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
age
328305
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 18:44:32 GMT
server
CloudFront
etag
W/"04204da7fbd370a1130c3efa7af88796"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
uToaiE-4iXLIZK55mDq8io_D9RBQ8Yu55SMMHVkYnXg001Sr11gFlQ==
329fbdab9636170eedfc1422b36a9201.js
nexus.ensighten.com/statefarm/mirus/code/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/code/329fbdab9636170eedfc1422b36a9201.js?conditionId0=1539709
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:7c00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e8cb4f6486e9fd1ee9050b84f67b2b6d907a0496e5146b0a86c7bc6cd3925f48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 18:40:46 GMT
x-amz-version-id
OuUtqcbhtGGaOSf08MnJmyHMdVrlO6kx
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
age
3352536
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Sep 2023 18:39:58 GMT
server
CloudFront
etag
W/"8a23a755163613af04888609d47b4180"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
LFaZ4cYQHWFByiUzxgKtc2Hinzody7v2264k5locsgl4K_zvVonD8w==
490ca4ccefe20cf502ab771ba0b689e4.js
nexus.ensighten.com/statefarm/mirus/code/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/code/490ca4ccefe20cf502ab771ba0b689e4.js?conditionId0=567025
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:7c00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7a2ffbc33855476429b6d831e2affa95bad9ac98656631421c899c7100da0159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 18:40:46 GMT
x-amz-version-id
GXEkxy20k_QHgRk9R9sJLzPLYY9n6IMi
content-encoding
gzip
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
age
3352536
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Sep 2023 18:39:58 GMT
server
CloudFront
etag
W/"513d0d3858eefa5cd26ba48fe9d67289"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
tTkja3kqEVyarvsZswyVTsRTJ2RN2W0LetE3scxdGKytw7SIwjdl3Q==
/
deel-id-persistence.deel.c1.statefarm/ Frame 3A7A 		986 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deel-id-persistence.deel.c1.statefarm/
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/code/54c629785cafd7b5f5af83b21c2501bf.js?conditionId0=423109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-124.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
512b4ce70e98f602fdd8dfba328c4d253fa93ee904eaf6aff4e032f94776a425

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
986
content-type
text/html
date
Tue, 31 Oct 2023 13:56:21 GMT
server
CloudFront
via
1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
x-amz-cf-id
nxtUCf7TfYUUWwoCDTyZcyosn3_tC9uQLqhesLr28QHA-OEamAHTng==
x-amz-cf-pop
FRA56-P5
x-cache
Error from cloudfront
e.gif
nexus.ensighten.com/error/ 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/error/e.gif?msg=TypeError%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27addEventListener%27)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F54c629785cafd7b5f5af83b21c2501bf.js%3FconditionId0%3D423109%3A23%3A433)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=SC%3A%20Microsites%20Prod&cid=603&client=statefarm&publishPath=mirus&rid=3956230&did=486748&errorName=
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:7c00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:41:06 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
server
CloudFront
age
29715
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
cache-control
no-cache, no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
x5EpybV7tp4IAduOS5vs4hvjCjTcPbjdHP4YVP_sgcZGlHlZtSUghQ==
truncated
/ 		191 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a9d9fe5adbfc5fb082c5fd7ae9e1cbc7883e48b519c6414bf7f737dc7c33d73

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleLegal-Regular.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleLegal-Regular.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdtjAVvvHYumgayh4PvBmUyQnQ2SDXs_xp-eReBfuttyohKr27L3MF6Pe3wVZ9UnYH6sN5PDl_lrPg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32844
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30ARD4Q62PD30X9EEW24XF-fra
etag
"523df82cc08bbb8ef333f550c3c1e8e2"
x-goog-generation
1694794012125378
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=DxtPkQ==, md5=Uj34LMCLu47zM/VQw8Ho4g==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
32844
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:52:08 GMT
resize
ephemera.mirus.io/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-sidebar-md-265412ce5c8fea92318e70b243e6af1c.png
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
0bdf06dc091381410fbe8009f54f0226e5c255436a143f8ea11dfd32dbd0db47
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-sidebar-md-265412ce5c8fea92318e70b243e6af1c.png
x-cache-status
HIT
x-region
ewr
content-length
1432
fly-request-id
01HE30ARG9JS3SJBV8HMKVT1GS-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
9080eee0c27998
expires
Tue, 31 Oct 2023 11:07:27 GMT
resize
ephemera.mirus.io/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fcommon-rental-and-landlord-scams.jpg
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
96e7c5c3e9b518bf5dd5c3a950f8c7b6e90d9df5adbb3c92c32808516e6be50c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fcommon-rental-and-landlord-scams.jpg
x-cache-status
HIT
x-region
ewr
content-length
3284
fly-request-id
01HE30ARGA3MS5Y8BFRTERQ237-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
9080eee0c27998
expires
Sat, 04 Nov 2023 20:57:52 GMT
resize
ephemera.mirus.io/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fthe-real-consequences-of-drunk-driving-wide.jpg
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
8076f9015c3206c45e6b126361bcd20de5d0e5b7adf44f39f6e7341655009109
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fthe-real-consequences-of-drunk-driving-wide.jpg
x-cache-status
HIT
x-region
ewr
content-length
9958
fly-request-id
01HE30ARGAQ0EAGT9H621NVG5T-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Sat, 04 Nov 2023 19:36:12 GMT
resize
ephemera.mirus.io/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fadvantages-of-eating-organic.jpg
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
4827435fcfd42c683b7d01464eb8ec5608b2b94395959757246bdf2a56d2dd56
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fadvantages-of-eating-organic.jpg
x-cache-status
HIT
x-region
ewr
content-length
2872
fly-request-id
01HE30ARGADW64GQNT9TK3B739-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Wed, 01 Nov 2023 13:56:15 GMT
alpineFileInput.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpineFileInput.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
content-encoding
gzip
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpineFileInput.js
x-cache-status
HIT
x-guploader-uploadid
ADPycduAF_aUSQ_haaV1JR39O8sg1UVHq58gbn20eJvEUqqK-u-elDsX40mA7sQol0z154xtJXNbTWLS5w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1413
last-modified
Fri, 22 Sep 2023 21:04:59 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30ARGA0Y327XBA4JM0QKXY-fra
etag
"e44e870405bb74d4741978373876eff2"
vary
Accept-Encoding
x-goog-generation
1695416699026215
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ZGxCsg==, md5=5E6HBAW7dNR0GXg3OHbv8g==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
1413
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Tue, 24 Sep 2024 16:50:01 GMT
alpine.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpine.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
content-encoding
gzip
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpine.js
x-cache-status
HIT
x-guploader-uploadid
ADPycduWPJuRcN8hC5U8MXwN2aV9rFJaeXZ5T8-2hK_-pcvY1Vp6AXHSRJGSX2AWjpUBR03_5d7ipPCj9g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20482
last-modified
Fri, 22 Sep 2023 21:04:59 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30ARGGFM07Y3SCSF2ETX6S-fra
etag
"68d73e7579e8b2c31844444b7c13d8fe"
vary
Accept-Encoding
x-goog-generation
1695416699032312
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=BxpYzg==, md5=aNc+dXnossMYRERLfBPY/g==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
20482
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Tue, 24 Sep 2024 16:50:01 GMT
lazysizes.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/lazysizes.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
content-encoding
gzip
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/lazysizes.js
x-cache-status
HIT
x-guploader-uploadid
ADPycdvRvs-xbA5rEf6av_KwfVfgC7yDe9LO1Pc5JXmjzJSFYZgGIPQ0e5IDEB8BrBZixL-TQ7Fk15pRjQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3710
last-modified
Fri, 22 Sep 2023 21:04:59 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30ARGHK250ZANBN9PMENTY-fra
etag
"66e2c475889355007106289d66656548"
vary
Accept-Encoding
x-goog-generation
1695416699030750
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=T/5Iog==, md5=ZuLEdYiTVQBxBiidZmVlSA==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
3710
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Tue, 24 Sep 2024 16:50:01 GMT
scrollToElement.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		567 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/scrollToElement.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
6439b22d4c25113ac778a742af6f8b4b3977776b6b41cac05094566513e0589f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
content-encoding
gzip
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/scrollToElement.js
x-cache-status
HIT
x-guploader-uploadid
ADPycduO-lyHsi_P1t8A9m44ByQWniBMhvrlVVS-WLXdIwXjOctYMqVxFxQrMiFl_s4_hGQ0kw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
last-modified
Wed, 18 Oct 2023 15:25:19 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30ARGH3HESYMNZ2FZX0SZ1-fra
etag
"c70a1c53c93d0cc0e3d2f08b8ac52e4d"
vary
Accept-Encoding
x-goog-generation
1697642718992090
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=FHIsDA==, md5=xwocU8k9DMDj0vCLisUuTQ==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
286
x-instance
3287444ec4d918
accept-ranges
bytes
expires
Thu, 17 Oct 2024 19:35:38 GMT
utils.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/utils.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
content-encoding
gzip
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/utils.js
x-cache-status
HIT
x-guploader-uploadid
ADPycdtAyCEFsWdXmLToXDle3HDZXG5tf-BqE_XsLELIAuzdHoLBCQq1sNMY5eS7VR7TYdhoLl4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1395
last-modified
Fri, 22 Sep 2023 21:04:59 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30ARGH9HZXT2QTJ9R6H070-fra
etag
"36f4471b4160e6d89ee77ba9c0213adc"
vary
Accept-Encoding
x-goog-generation
1695416699035641
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=924yCQ==, md5=NvRHG0Fg5tie53upwCE63A==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
1395
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Tue, 24 Sep 2024 16:50:01 GMT
svgIcon.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		122 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/svgIcon.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
content-encoding
gzip
via
2 fly.io
age
0
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/svgIcon.js
x-cache-status
HIT
x-guploader-uploadid
ADPycdtLkuxpF2kIu4vNjY0kPTYhN4yi_7ry0jKu55XzhfeL1z7-W-gSfqPzClKwJ5NwW_ZETNHk3Fl27A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
last-modified
Wed, 18 Oct 2023 15:25:19 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30ARGJ65F6281AYHGMRAFH-fra
etag
"57bac84f80e6a823cd39957f03af5a68"
vary
Accept-Encoding
x-goog-generation
1697474050685894
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=u5pJlA==, md5=V7rIT4DmqCPNOZV/A69aaA==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
135
x-instance
3287444ec4d918
accept-ranges
bytes
expires
Thu, 17 Oct 2024 19:35:38 GMT
alpineContactForm.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpineContactForm.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
699d5a77e7eeaf46b32e1238e02e4d6cded67a6d743b631fa2f549b7c2183e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
content-encoding
gzip
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpineContactForm.js
x-cache-status
HIT
x-guploader-uploadid
ADPycduNS9gleacqp25ASe3xy3gmpb7ehWAoA8TuIBm79_YJaPERxVDGYKP9qkP7CGVzT4XTJ-6nI4-gSQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39564
last-modified
Fri, 22 Sep 2023 21:04:59 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30ARGHHC78SMEPGP29HD8G-fra
etag
"6b29739ef83c76db8d54d7a3379cffa6"
vary
Accept-Encoding
x-goog-generation
1695416699030166
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=vQ1u7A==, md5=aylznvg8dtuNVNejN5z/pg==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
39564
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Tue, 24 Sep 2024 16:50:01 GMT
dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 38F1 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.139.113 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-139-113.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcscanary-prod-irl1-1-v066-0e00029ba.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
xaAR96PjRuU=
content-encoding
gzip
date
Tue, 31 Oct 2023 13:56:21 GMT
last-modified
Thu, 26 Oct 2023 09:21:31 GMT
vary
accept-encoding
id
smetrics.statefarm.com/ 		48 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.statefarm.com/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=09144542022709766090392419866473299682&ts=1698760581650
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.108 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-108.data.adobedc.net
Software
jag /
Resource Hash
7b4216a114c3fa7046b9a9ff988ea564a82a2195b3fb7db0f2d12480e38d2373
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friscoed.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://friscoed.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZUEHhQAAAGzJwgOJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=05349327966833381731057952294975288638
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUEHhQAAAGzJwgOJ
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUEHhQAAAGzJwgOJ
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
HTTP/1.1
Server
34.255.171.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-171-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v053-0da6b0dfe.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
T1BDybRyTXY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUEHhQAAAGzJwgOJ
Date
Tue, 31 Oct 2023 13:56:21 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleLegal-Medium.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
via
2 fly.io
age
212
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleLegal-Medium.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdvjaLeGAlMn8uTD2ncK4vJXb7XifmQ7-GMq7wABj6Wiu2JTJYEHWhY-5WgEtcbLMK4BSOY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32960
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE30ARKFST2M9DT38V5B99RQ-fra
etag
"5c321170479a815ab790c771bcc8f1d3"
x-goog-generation
1694794012063448
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=+uFDXg==, md5=XDIRcEeagVq3kMdxvMjx0w==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
32960
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:50:00 GMT
s24270160133049
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/s24270160133049?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=31%2F9%2F2023%2014%3A56%3A21%202%20-60&d.&nsid=0&jsonv=1&.d&D=..&mid=09144542022709766090392419866473299682&aamlh=6&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000&g=https%3A%2F%2Ffriscoed.com%2F&ch=sf%3Aus%3Aagent-micro-m&server=friscoed.com&events=event31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Ahome%3Aed-forster&c4=sf%3Aagent-micro-m%3Aqzzw31ys000&v6=friscoed.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Ffriscoed.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=tuesday%7C8%3A30am&v50=10%2F31%2F2023&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F118.0.5993.117%20safari%2F537.36&c70=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.108 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-108.data.adobedc.net
Software
jag /
Resource Hash
aa3d502c832fce9b7e1275b1f7fd0b21fd20c5f39535bc7aa94cf4f92121a65a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-aam-tid
Lb1KmstjRQ0=
date
Tue, 31 Oct 2023 13:56:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
1098
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-1-v053-06ec0c431.edge-irl1.demdex.com 8 ms
pragma
no-cache
last-modified
Wed, 01 Nov 2023 13:56:21 GMT
server
jag
etag
3648060570919436288-4617876017664531854
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Mon, 30 Oct 2023 13:56:21 GMT
resize
ephemera.mirus.io/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=1920&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
d8296d3864da28f2489a7a074cc040c3d445155a2783bcb1b7cc196e62dd41e3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=1920&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
x-cache-status
HIT
x-region
ewr
content-length
17410
fly-request-id
01HE30ARQSP21ZFGS0Q2WQ90FS-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
9080eee0c27998
expires
Wed, 01 Nov 2023 18:43:26 GMT
resize
ephemera.mirus.io/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2FQ%2FQZZW31YS000%2FformalColorFull.jpg
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
671bac6edcc329a5fa3b484ccde4be4b28426250f45d0b0f28ffd96d6e911431
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2FQ%2FQZZW31YS000%2FformalColorFull.jpg
x-cache-status
HIT
x-region
ewr
content-length
5024
fly-request-id
01HE30ARQSJEKN4JMWR3QFVAMP-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Sat, 04 Nov 2023 13:27:08 GMT
365868.gif
idsync.rlcdn.com/ Frame 38F1 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=05349327966833381731057952294975288638
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
e.gif
nexus.ensighten.com/error/ 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/error/e.gif?msg=TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27querySelectorAll%27)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F54c629785cafd7b5f5af83b21c2501bf.js%3FconditionId0%3D423109%3A311%3A284)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=Microsites%20New%20M-Pages&cid=603&client=statefarm&publishPath=mirus&rid=3956884&did=710940&errorName=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:7c00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:41:06 GMT
via
1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
server
CloudFront
age
29715
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
cache-control
no-cache, no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
B5n5vqIqnQ0r6E3pvCix1bMMXDKtAvComaMXfa-UDlzgCV4_zTc73w==
pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.70.198.104.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,keen-sdk
Access-Control-Request-Method
POST
Origin
https://friscoed.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods
POST
access-control-allow-origin
https://friscoed.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Tue, 31 Oct 2023 13:56:22 GMT
strict-transport-security
max-age=15724800; includeSubDomains
pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 		80 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.70.198.104.bc.googleusercontent.com
Software
/
Resource Hash
c321a453b26c25b2395ecf4e0b9d892867c665d34e1b99cfcc68d3c7da58b6e3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://friscoed.com/
keen-sdk
javascript-5.0.1
accept-language
de-DE,de;q=0.9
Authorization
WK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 31 Oct 2023 13:56:22 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://friscoed.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
80
ibs:dpid=771&dpuuid=CAESED67irp-mTCOQZgf_XtzGNY&google_cver=1
dpm.demdex.net/ Frame 38F1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDUzNDkzMjc5NjY4MzMzODE3MzEwNTc5NTIyOTQ5NzUyODg2Mzg=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDUzNDkzMjc5NjY4MzMzODE3MzEwNTc5NTIyOTQ5NzUyODg2Mzg=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED67irp-mTCOQZgf_XtzGNY&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED67irp-mTCOQZgf_XtzGNY&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
34.255.171.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-171-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v053-05bd6d36e.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Sp9NGITjS/w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 31 Oct 2023 13:56:22 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESED67irp-mTCOQZgf_XtzGNY&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
resize
ephemera.mirus.io/img/ 		0
0
resize
ephemera.mirus.io/img/ 		0
0
resize
ephemera.mirus.io/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=1000&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-sidebar-md-265412ce5c8fea92318e70b243e6af1c.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
251ade8a418767faf7cbb22c12c33c1238da26b5feeacace7ad7e9eeac4bada6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:22 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=1000&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-sidebar-md-265412ce5c8fea92318e70b243e6af1c.png
x-cache-status
HIT
x-region
ewr
content-length
5400
fly-request-id
01HE30ARWVRWYMNERNGYQ46XCP-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Thu, 02 Nov 2023 17:51:27 GMT
resize
ephemera.mirus.io/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fcommon-rental-and-landlord-scams.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
2e27872a7e512d8daa917d35a6c6c48ebc91392a1dbe3d56a25569550bc4653d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:22 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fcommon-rental-and-landlord-scams.jpg
x-cache-status
HIT
x-region
ewr
content-length
19196
fly-request-id
01HE30ARWWVKE9MJ4VQP2C1BX8-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Wed, 01 Nov 2023 19:44:16 GMT
resize
ephemera.mirus.io/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fthe-real-consequences-of-drunk-driving-wide.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
af03e77d62fbc792d45f6385ceb338f45e61065af9d0eb98c6992a5c3681dede
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:22 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fthe-real-consequences-of-drunk-driving-wide.jpg
x-cache-status
HIT
x-region
ewr
content-length
19358
fly-request-id
01HE30ARWWY42E2GTYEF0A4VJ5-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Wed, 01 Nov 2023 07:08:55 GMT
generic
match.adsrvr.org/track/cmf/ Frame 38F1 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=friscoed.com&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:22 GMT
server
Kestrel
content-length
70
content-type
image/gif
ibs:dpid=30646
dpm.demdex.net/ Frame 38F1
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=05349327966833381731057952294975288638&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=05349327966833381731057952294975288638&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-fAYhsQ5E2pFnCKSIXLf3BDVcFC76zHvBOmY-~A
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-fAYhsQ5E2pFnCKSIXLf3BDVcFC76zHvBOmY-~A
Protocol
HTTP/1.1
Server
34.255.171.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-171-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v053-078c32db7.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qW+CqLQJQfI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-fAYhsQ5E2pFnCKSIXLf3BDVcFC76zHvBOmY-~A
date
Tue, 31 Oct 2023 13:56:22 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch.gif
beacon.krxd.net/ Frame 38F1
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=05349327966833381731057952294975288638
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=05349327966833381731057952294975288638
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=05349327966833381731057952294975288638
Protocol
H2
Server
63.33.100.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-100-143.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
beacon-n022-dub-prod.krxd.net
date
Tue, 31 Oct 2023 13:56:22 GMT
cache-control
private, no-cache, no-store
x-request-time
D=44 t=1698760582
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=05349327966833381731057952294975288638
date
Tue, 31 Oct 2023 13:56:22 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
resize
ephemera.mirus.io/img/ 		0
0
resize
ephemera.mirus.io/img/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fadvantages-of-eating-organic.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
3b4635c37f0e2939e822653ec24d7e43948d361119519acad9f4926b4a441dc0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fadvantages-of-eating-organic.jpg
x-cache-status
HIT
x-region
ewr
content-length
14606
fly-request-id
01HE30ASTG3P28822JH5M1AWNT-fra
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Wed, 01 Nov 2023 15:34:23 GMT
gtm.js
www.googletagmanager.com/ 		460 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1a51e199a5afbac75a97742d3133ad1d9090d59705a9ece0abbc527cea52cd88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95315
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 31 Oct 2023 13:56:23 GMT
activityi;dc_pre=CP6ypqm4oIIDFRoJogMdRioLyg;src=11264551;type=micro0;cat=micro006;ord=9263012197728;auiddc=846632747.1698760584;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3ap0v849799669;gcd=1...
11264551.fls.doubleclick.net/ Frame A4AE
Redirect Chain
  • https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=9263012197728;auiddc=846632747.1698760584;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3ap0v849799669;gc...
  • https://11264551.fls.doubleclick.net/activityi;dc_pre=CP6ypqm4oIIDFRoJogMdRioLyg;src=11264551;type=micro0;cat=micro006;ord=9263012197728;auiddc=846632747.1698760584;u9=sf%3Aus%3Aagent-micro-m%3Aqzz...
513 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11264551.fls.doubleclick.net/activityi;dc_pre=CP6ypqm4oIIDFRoJogMdRioLyg;src=11264551;type=micro0;cat=micro006;ord=9263012197728;auiddc=846632747.1698760584;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3ap0v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
f3b3b106d18feb7f5542c65db964051f9164d047a8b4321422b154328ce549ec
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
301
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 13:56:23 GMT
expires
Tue, 31 Oct 2023 13:56:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 31 Oct 2023 13:56:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11264551.fls.doubleclick.net/activityi;dc_pre=CP6ypqm4oIIDFRoJogMdRioLyg;src=11264551;type=micro0;cat=micro006;ord=9263012197728;auiddc=846632747.1698760584;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3ap0v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11220053904/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11220053904/?random=1698760583733&cv=11&fst=1698760583733&bg=ffffff&guid=ON&async=1&gtm=45He3ap0v849799669&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Ffriscoed.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ed%20Forster%20%E2%80%93%20Frisco%2C%20TX%20State%20Farm%C2%AE%20Agent&auid=846632747.1698760584&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ba4e6fce7b32ccdd7150afb61f7a4eed61c82d5d259c0dddc42d36575909dce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 13:56:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1338
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		199 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 31 Oct 2023 13:56:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53588
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
r76wpXsuJp1+8TXH8uJT98rT107aZzgoE3nsM9p16WzJUvW75I6sIPnycfRCBsSAvtixK+PjS+sTBPi4pLjpUw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
core.js
s.pinimg.com/ct/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b62a5460aded745f58d0ee048ee9422f7aebb4e1e3958dcf5fc14f6395e5ee91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

akamai-x-true-ttl
7200
content-encoding
br
x-cdn
akamai
etag
"66ed613455bccaf1999994a009075941"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
content-length
1792
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 08:00:38 GMT
Content-Encoding
gzip
Via
1.1 86b463b2b2449ea5ba66d271a3c29922.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
21346
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
PvOoCdAskqcDUFC0DU2GLfawH2v-35otL-rbAR0SUAe184cQXVZEkg==
1673276772914128
connect.facebook.net/signals/config/ 		157 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1673276772914128?v=2.9.135&r=stable&domain=friscoed.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b5abe44e272d2f935ee53b709eee2bd909bc94329be64a2b41a22648c5f4baf8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 31 Oct 2023 13:56:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Muq2wUnMIsJf+HpDX04njtfABH+vkq/lpGA2LTEcfxUYaZBcBAOUTqDEmauQ9Y+GCwmTLIBX1/06hOYCUXQAaA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.aa348ee1.js
s.pinimg.com/ct/lib/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.aa348ee1.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89b::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f85db4d7473834756e86b48aec0c7cbfd8a1d5bcf3957565f6253c9ffaeae19e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

akamai-x-true-ttl
1209600
content-encoding
br
x-cdn
akamai
etag
"b57dfbe384f7bce1a8478d2898254ba1"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=1209600
accept-ranges
bytes
content-length
18916
up
insight.adsrvr.org/track/ Frame 9A06 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Ffriscoed.com%2F&upid=t8xbszz&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Tue, 31 Oct 2023 13:56:23 GMT
server
Kestrel
up
insight.adsrvr.org/track/ Frame 3F10 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Ffriscoed.com%2F&upid=9nilek2&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Tue, 31 Oct 2023 13:56:23 GMT
server
Kestrel
/
ct.pinterest.com/user/ 		303 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1698760583804&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.aa348ee1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 13:56:23 GMT
content-encoding
gzip
x-cdn
fastly
x-envoy-upstream-service-time
3
x-pinterest-rid
1173076299743531
content-length
172
pin-unauth
dWlkPU0yRXpOVFV6WkdFdFlqUmpZUzAwWXpFM0xUbGpPVEV0Tm1ObE9XTXlZVEprTVdVeQ
pragma
no-cache
referrer-policy
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://friscoed.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
d5e81ee886163611a3e8f7face49fee6e4fb67ca
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ffriscoed.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22aa348ee1%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1698760583805
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 13:56:23 GMT
referrer-policy
origin
x-cdn
fastly
content-type
image/gif
access-control-allow-origin
*
pinterest-version
d5e81ee886163611a3e8f7face49fee6e4fb67ca
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
x-pinterest-rid
2548227559319854
content-length
35
expires
Sat, 01 Jan 2000 00:00:00 GMT
ct.html
ct.pinterest.com/ Frame 9883 		565 B
404 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.aa348ee1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Tue, 31 Oct 2023 13:56:23 GMT
pinterest-version
d5e81ee886163611a3e8f7face49fee6e4fb67ca
referrer-policy
origin
x-cdn
fastly
x-envoy-upstream-service-time
0
x-pinterest-rid
3649966249184053
/
www.google.com/pagead/1p-user-list/11220053904/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11220053904/?random=1698760583733&cv=11&fst=1698757200000&bg=ffffff&guid=ON&async=1&gtm=45He3ap0v849799669&u_w=1600&u_h=1200&url=https%3A%2F%2Ffriscoed.com%2F&frm=0&tiba=Ed%20Forster%20%E2%80%93%20Frisco%2C%20TX%20State%20Farm%C2%AE%20Agent&fmt=3&is_vtc=1&random=390503669&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 13:56:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11220053904/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11220053904/?random=1698760583733&cv=11&fst=1698757200000&bg=ffffff&guid=ON&async=1&gtm=45He3ap0v849799669&u_w=1600&u_h=1200&url=https%3A%2F%2Ffriscoed.com%2F&frm=0&tiba=Ed%20Forster%20%E2%80%93%20Frisco%2C%20TX%20State%20Farm%C2%AE%20Agent&fmt=3&is_vtc=1&random=390503669&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 13:56:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CP6ypqm4oIIDFRoJogMdRioLyg;src=11264551;type=micro0;cat=micro006;ord=9263012197728;auiddc=*;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3ap0v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;ua...
adservice.google.com/ddm/fls/z/ Frame A4AE 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CP6ypqm4oIIDFRoJogMdRioLyg;src=11264551;type=micro0;cat=micro006;ord=9263012197728;auiddc=*;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3ap0v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F
Requested by
Host: 11264551.fls.doubleclick.net
URL: https://11264551.fls.doubleclick.net/activityi;dc_pre=CP6ypqm4oIIDFRoJogMdRioLyg;src=11264551;type=micro0;cat=micro006;ord=9263012197728;auiddc=846632747.1698760584;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3ap0v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11264551.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 31 Oct 2023 13:56:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1936962093151750
connect.facebook.net/signals/config/ 		0
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1673276772914128&ev=PageView&dl=https%3A%2F%2Ffriscoed.com&rl=&if=false&ts=1698760585636&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=28&fbp=fb.1.1698760585631.211279842&pm=1&hrl=65c085&ler=empty&it=1698760583785&coo=false&cs_cc=1&cas=1214633611919409%2C5230493466989894&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 31 Oct 2023 13:56:25 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ephemera.mirus.io
URL
https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fcommon-rental-and-landlord-scams.jpg
Domain
ephemera.mirus.io
URL
https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fthe-real-consequences-of-drunk-driving-wide.jpg
Domain
ephemera.mirus.io
URL
https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fadvantages-of-eating-organic.jpg
Domain
connect.facebook.net
URL
https://connect.facebook.net/signals/config/1936962093151750?v=2.9.135&r=stable&domain=friscoed.com

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| dataLayer object| dl function| initSubmenu object| FB object| __buffer object| ensBootstraps object| Bootstrapper function| Visitor object| s_c_il number| s_c_in object| visitor function| setImmediate function| clearImmediate object| peachyClient function| initQuoteForm function| errorLogging string| sName string| h string| p string| t function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_Media function| AppMeasurement function| s_gi function| s_pgicq boolean| _frstRun undefined| _scTempPrevURL object| _scHtml object| _langButtons number| _i string| s_account function| DIL number| s_objectID number| s_giq object| s string| s_urlPathEmber boolean| s_emberIndicator boolean| screenChange string| s_testsplitpath string| str string| newstr string| _scLang function| intentEvent string| v function| initFacebookFeed function| initFileInput function| initM2TabControl function| initContactForm string| k string| s_campaignSet undefined| prop31 object| s_i_sfglobalprod object| Alpine object| lazySizes function| scrollToElement object| __mirus_utilities function| svgIcon object| GTMdataLayer function| daGTMAdd object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| fbq function| _fbq function| pintrk function| ttd_dom_ready function| TTDUniversalPixelApi

27 Cookies

Domain/Path Name / Value
friscoed.com/ Name: __cheesecrd_version
Value: master
.friscoed.com/ Name: s_gad
Value: 1
.demdex.net/ Name: demdex
Value: 05349327966833381731057952294975288638
.friscoed.com/ Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg
Value: 1
.statefarm.com/ Name: s_ecid
Value: MCMID%7C09144542022709766090392419866473299682
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZUEHhQAAAGzJwgOJ
.friscoed.com/ Name: s_pre_pn
Value: sf%3Aus%3Aagent-micro-m%3AQZZW31YS000
.friscoed.com/ Name: s_pre_v6
Value: friscoed.com
.friscoed.com/ Name: s_dl
Value: 1
.friscoed.com/ Name: s_cm
Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.friscoed.com/ Name: s_ev32
Value: %5B%5B%27direct%2520load%27%2C%271698760581808%27%5D%5D
.friscoed.com/ Name: s_session
Value: s_prev_url%3Dhttps%3A%2F%2Ffriscoed.com%2F%7CentryProperty%3Dhttps%3A%2F%2Ffriscoed.com%2F%7Cs_prev_channel%3Dundefined%7Cs_prev_ch%3Dagent-micro-m%7Cs_prev_pn%3DQZZW31YS000%7Cs_prev_pageName%3Dundefined%7Cmc%3Ddirect%20load%7C
.friscoed.com/ Name: s_cc
Value: true
.dpm.demdex.net/ Name: dpm
Value: 05349327966833381731057952294975288638
.friscoed.com/ Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg
Value: 690614123%7CMCIDTS%7C19662%7CMCMID%7C09144542022709766090392419866473299682%7CMCAAMLH-1699365381%7C6%7CMCAAMB-1699365381%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1698767781s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19669%7CvVersion%7C3.1.0
.friscoed.com/ Name: AAMC_statefarmmutualautomobileinsurancecompany_0
Value: REGION%7C6
.friscoed.com/ Name: aam_uuid
Value: 05349327966833381731057952294975288638
friscoed.com/ Name: keen
Value: {%22uuid%22:%22ca903831-c9a2-46d1-abc1-5f27884327f0%22%2C%22initialReferrer%22:null}
.doubleclick.net/ Name: IDE
Value: AHWqTUlJKZv34OR7lNDNyup_xyGulHkFU27wEV8bi7C2w8ywg8Fe2ePz0yuz9G3CdFI
.yahoo.com/ Name: A3
Value: d=AQABBIYHQWUCEKNh67M8in-dzQQH-Ltk2tIFEgEBAQFZQmVKZeAKyiMA_eMAAA&S=AQAAAmoz7-aEbV1CkeQtARaYMZY
.analytics.yahoo.com/ Name: IDSYNC
Value: 19cu~2esd
.demdex.net/ Name: dextp
Value: 60-1-1698760581903|771-1-1698760582004|903-1-1698760582105|30646-1-1698760582207|66757-1-1698760582309
.krxd.net/ Name: _kuid_
Value: P41JodFA
.friscoed.com/ Name: _gcl_au
Value: 1.1.846632747.1698760584
.pinterest.com/ Name: ar_debug
Value: 1
.friscoed.com/ Name: _pin_unauth
Value: dWlkPU0yRXpOVFV6WkdFdFlqUmpZUzAwWXpFM0xUbGpPVEV0Tm1ObE9XTXlZVEprTVdVeQ
.friscoed.com/ Name: _fbp
Value: fb.1.1698760585631.211279842

3 Console Messages

Source Level URL
Text
network error URL: https://deel-id-persistence.deel.c1.statefarm/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=05349327966833381731057952294975288638
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://friscoed.com/
Message:
The resource https://ephemera.mirus.io/img/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11264551.fls.doubleclick.net
adservice.google.com
beacon.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
deel-id-persistence.deel.c1.statefarm
dpm.demdex.net
ephemera.mirus.io
friscoed.com
googleads.g.doubleclick.net
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
nexus.ensighten.com
peachy.prod.mirus.io
s.pinimg.com
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
connect.facebook.net
ephemera.mirus.io
104.198.70.133
108.138.15.119
142.250.185.162
142.250.186.38
151.101.128.84
18.66.112.124
2600:9000:206f:7c00:2:8f43:5780:93a1
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2002
2a02:26f0:3500:89b::1931
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a09:8280:1::42:4195
3.33.220.150
3.75.62.37
34.255.171.99
34.69.219.172
35.244.174.68
52.86.191.86
54.228.139.113
63.140.62.108
63.33.100.143
63.34.189.164
004780e9fe55a1f6ba742bdd8abfd766b235a363abb9fc8f5aded8a1130ffa68
0bdf06dc091381410fbe8009f54f0226e5c255436a143f8ea11dfd32dbd0db47
0e6c7e23937ade1b4b85bf25491b98e857afb071651fd7d9db8aab444a8f0506
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
1a51e199a5afbac75a97742d3133ad1d9090d59705a9ece0abbc527cea52cd88
251ade8a418767faf7cbb22c12c33c1238da26b5feeacace7ad7e9eeac4bada6
2e27872a7e512d8daa917d35a6c6c48ebc91392a1dbe3d56a25569550bc4653d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a9d9fe5adbfc5fb082c5fd7ae9e1cbc7883e48b519c6414bf7f737dc7c33d73
3b4635c37f0e2939e822653ec24d7e43948d361119519acad9f4926b4a441dc0
3ba4e6fce7b32ccdd7150afb61f7a4eed61c82d5d259c0dddc42d36575909dce
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
4827435fcfd42c683b7d01464eb8ec5608b2b94395959757246bdf2a56d2dd56
4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e
512b4ce70e98f602fdd8dfba328c4d253fa93ee904eaf6aff4e032f94776a425
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec
61a9c6943dcbc41ec34c3618adce3c5f3df9ffb54093d342d2ad350a68f44598
6439b22d4c25113ac778a742af6f8b4b3977776b6b41cac05094566513e0589f
671bac6edcc329a5fa3b484ccde4be4b28426250f45d0b0f28ffd96d6e911431
699d5a77e7eeaf46b32e1238e02e4d6cded67a6d743b631fa2f549b7c2183e40
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
7a2ffbc33855476429b6d831e2affa95bad9ac98656631421c899c7100da0159
7b4216a114c3fa7046b9a9ff988ea564a82a2195b3fb7db0f2d12480e38d2373
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8022739735e996c35d233705d2b58085d95f13c9ddcd7f29a93c3cbaa53cfe34
8076f9015c3206c45e6b126361bcd20de5d0e5b7adf44f39f6e7341655009109
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
96e7c5c3e9b518bf5dd5c3a950f8c7b6e90d9df5adbb3c92c32808516e6be50c
a8698232be142af1bf06f60a79b984cba651c1ff6776bb6e8ea8d6f3716bb17d
aa3d502c832fce9b7e1275b1f7fd0b21fd20c5f39535bc7aa94cf4f92121a65a
af03e77d62fbc792d45f6385ceb338f45e61065af9d0eb98c6992a5c3681dede
b5abe44e272d2f935ee53b709eee2bd909bc94329be64a2b41a22648c5f4baf8
b62a5460aded745f58d0ee048ee9422f7aebb4e1e3958dcf5fc14f6395e5ee91
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8
bb541189b278878aefae5de6dbde862c635b6075eddee851b3b14d45e61e0cd4
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
c321a453b26c25b2395ecf4e0b9d892867c665d34e1b99cfcc68d3c7da58b6e3
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d8296d3864da28f2489a7a074cc040c3d445155a2783bcb1b7cc196e62dd41e3
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
e1265c63c26a2819976f9314c5a47d11f81d7ed83f4cbe51ff1cafe28abc9e02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cb4f6486e9fd1ee9050b84f67b2b6d907a0496e5146b0a86c7bc6cd3925f48
ee13515c645105dc080804da7d84bc4075b3d61673999d770153266d5a3b3c91
ee3ff0c7a460959a89057e7343c7e004ef49f7cf1a6ed8c32cfbc2b3a2a07b07
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3b3b106d18feb7f5542c65db964051f9164d047a8b4321422b154328ce549ec
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f85db4d7473834756e86b48aec0c7cbfd8a1d5bcf3957565f6253c9ffaeae19e