urlscan.io logo urlscan.io
SecurityTrails logo

friscoed.com Open in urlscan Pro
34.69.219.172  Public Scan

Go To Rescan Add Verdict Report
URL: https://friscoed.com/
Submission Tags: phishingrod
Submission: On November 01 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 19 domains to perform 67 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is friscoed.com.
TLS certificate: Issued by R3 on October 31st 2023. Valid for: 3 months.
This is the only time friscoed.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 34.69.219.172 396982 (GOOGLE-CL...)
26 2a09:8280:1::... 40509 (FLY)
7 2600:9000:206... 16509 (AMAZON-02)
4 2a03:2880:f08... 32934 (FACEBOOK)
1 5 54.76.136.163 16509 (AMAZON-02)
1 18.66.112.124 16509 (AMAZON-02)
1 54.229.208.26 16509 (AMAZON-02)
2 63.140.62.135 16509 (AMAZON-02)
1 1 3.248.147.241 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
2 2 142.250.185.226 15169 (GOOGLE)
2 104.198.70.133 15169 (GOOGLE)
3 15.197.193.217 16509 (AMAZON-02)
2 2 3.71.149.231 16509 (AMAZON-02)
1 1 52.86.191.86 14618 (AMAZON-AES)
1 52.31.202.102 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 142.250.186.70 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:8e::84 54113 (FASTLY)
1 108.138.15.119 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 104.75.88.209 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f17... ()
67 23
1    34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com
friscoed.com
26    2a09:8280:1::42:4195 (United States)

ASN40509 (FLY, US)
ephemera.mirus.io
7    2600:9000:206f:fe00:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)
nexus.ensighten.com
4    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    54.76.136.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-136-163.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.66.112.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-124.fra56.r.cloudfront.net
deel-id-persistence.deel.c1.statefarm
1    54.229.208.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-208-26.eu-west-1.compute.amazonaws.com
statefarmmutualautomobileinsurancecompany.demdex.net
2    63.140.62.135 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-135.data.adobedc.net
smetrics.statefarm.com
1    3.248.147.241 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-147-241.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net
2    104.198.70.133 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 133.70.198.104.bc.googleusercontent.com
peachy.prod.mirus.io
3    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
1    52.86.191.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-191-86.compute-1.amazonaws.com
usermatch.krxd.net
1    52.31.202.102 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-202-102.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
11264551.fls.doubleclick.net
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a04:4e42:8e::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com
ct.pinterest.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a03:2880:f176:84:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
Apex Domain
Subdomains		 Transfer
28 mirus.io
ephemera.mirus.io — Cisco Umbrella Rank: 279854
peachy.prod.mirus.io — Cisco Umbrella Rank: 314815
384 KB
7 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3744
74 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 10918
8 KB
5 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
11264551.fls.doubleclick.net — Cisco Umbrella Rank: 93407
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
4 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
js.adsrvr.org — Cisco Umbrella Rank: 1610
insight.adsrvr.org — Cisco Umbrella Rank: 584
3 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
180 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 849
2 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 105
856 B
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 847
21 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1979
beacon.krxd.net — Cisco Umbrella Rank: 758
529 B
2 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
611 B
2 statefarm.com
smetrics.statefarm.com — Cisco Umbrella Rank: 29231
2 KB
1 facebook.com
www.facebook.com
185 B
1 google.de
www.google.de — Cisco Umbrella Rank: 6862
455 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
94 KB
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
98 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1275
517 B
1 c1.statefarm
deel-id-persistence.deel.c1.statefarm — Cisco Umbrella Rank: 79381
1 KB
1 friscoed.com
friscoed.com
146 KB
67 19
Domain Requested by
26 ephemera.mirus.io friscoed.com
7 nexus.ensighten.com friscoed.com
nexus.ensighten.com
5 dpm.demdex.net 1 redirects friscoed.com
4 connect.facebook.net friscoed.com
connect.facebook.net
3 ct.pinterest.com s.pinimg.com
2 insight.adsrvr.org js.adsrvr.org
2 s.pinimg.com friscoed.com
s.pinimg.com
2 11264551.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 peachy.prod.mirus.io friscoed.com
2 cm.g.doubleclick.net 2 redirects
2 smetrics.statefarm.com nexus.ensighten.com
friscoed.com
1 www.facebook.com
1 adservice.google.com 11264551.fls.doubleclick.net
1 www.google.de
1 www.google.com
1 js.adsrvr.org www.googletagmanager.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 www.googletagmanager.com nexus.ensighten.com
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 match.adsrvr.org
1 idsync.rlcdn.com friscoed.com
1 cm.everesttech.net 1 redirects
1 statefarmmutualautomobileinsurancecompany.demdex.net nexus.ensighten.com
1 deel-id-persistence.deel.c1.statefarm nexus.ensighten.com
1 friscoed.com
67 28
Subject Issuer Validity Valid
friscoed.com
R3		 2023-10-31 -
2024-01-29		 3 months crt.sh
ephemera.mirus.io
R3		 2023-09-25 -
2023-12-24		 3 months crt.sh
nexus.ensighten.com
Amazon RSA 2048 M02		 2023-09-29 -
2024-10-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-10 -
2023-11-08		 3 months crt.sh
deel-id-persistence.deel.c1.statefarm
Amazon RSA 2048 M02		 2023-08-01 -
2024-08-29		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
smetrics.statefarm.com
Entrust Certification Authority - L1K		 2023-01-20 -
2024-02-19		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
peachy.prod.mirus.io
R3		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.pinterest.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-31 -
2024-08-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://friscoed.com/
Frame ID: 448AD4396919346B22E6657BB235B564
Requests: 55 HTTP requests in this frame

Frame: https://deel-id-persistence.deel.c1.statefarm/
Frame ID: 6CDC1A4D6C76CED717E45C6B669F3054
Requests: 1 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: F19F89FB9A3DC58CDF37C5D85EA078C6
Requests: 6 HTTP requests in this frame

Frame: https://11264551.fls.doubleclick.net/activityi;dc_pre=CIqVo83moYIDFcmW_Qcdx6wJQA;src=11264551;type=micro0;cat=micro006;ord=174253283294;auiddc=1245423858.1698807367;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3au1v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F
Frame ID: 37396BF3D78C6B36672B30C959A2B112
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Ffriscoed.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: F8E877B9CA3750F8CC14AE8006CB538E
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Ffriscoed.com%2F&upid=9nilek2&upv=1.1.0
Frame ID: 34714667D32998C323D5E68CB608D510
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 0BA8A06FBF623FFDA408F671D4D60B4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ed Forster – Frisco, TX State Farm® Agent

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

67
Requests

91 %
HTTPS

38 %
IPv6

19
Domains

28
Subdomains

23
IPs

3
Countries

917 kB
Transfer

2581 kB
Size

27
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698807364551 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698807364551
Request Chain 32
  • https://cm.everesttech.net/cm/dd?d_uuid=71864588945861710161691536141640438947 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUG_RAAAAIbMCwO-
Request Chain 38
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzE4NjQ1ODg5NDU4NjE3MTAxNjE2OTE1MzYxNDE2NDA0Mzg5NDc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzE4NjQ1ODg5NDU4NjE3MTAxNjE2OTE1MzYxNDE2NDA0Mzg5NDc=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHIXivqeOojWPTOQnJT0L7Y&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 46
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=71864588945861710161691536141640438947&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=71864588945861710161691536141640438947&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-ABOFkVBE2pH2.UYJQ1U2SxaladUnUCBfAQA-~A
Request Chain 47
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=71864588945861710161691536141640438947 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=71864588945861710161691536141640438947
Request Chain 50
  • https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=174253283294;auiddc=1245423858.1698807367;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3au1v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F HTTP 302
  • https://11264551.fls.doubleclick.net/activityi;dc_pre=CIqVo83moYIDFcmW_Qcdx6wJQA;src=11264551;type=micro0;cat=micro006;ord=174253283294;auiddc=1245423858.1698807367;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3au1v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
friscoed.com/ 		626 KB
146 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.219.69.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ee3ff0c7a460959a89057e7343c7e004ef49f7cf1a6ed8c32cfbc2b3a2a07b07

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, max-age=30
content-encoding
gzip
content-type
text/html
date
Wed, 01 Nov 2023 02:56:04 GMT
etag
"7ebf481c20fd5ad4af99d6e21f4f6ab5"
expires
Wed, 01 Nov 2023 02:56:34 GMT
last-modified
Tue, 31 Oct 2023 13:35:26 GMT
server
UploadServer
vary
Accept-Encoding
x-cheesecrd-backend
mx-gcs
x-cheesecrd-lookup
master:friscoed.com/
x-cheesecrd-path
/
x-goog-generation
1698759326336790
x-goog-hash
crc32c=yGjAZQ== md5=fr9IHCD9WtSvmdbiH09qtQ==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
148262
x-guploader-uploadid
ABPtcPqiajEHFvfgFdPBcEN_qOjoTS2tkfWGKGDVSMOxdH9-kyCYU6o38ahQ51TiO4KNFbt-psVhDdgwUw
resize
ephemera.mirus.io/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
d8296d3864da28f2489a7a074cc040c3d445155a2783bcb1b7cc196e62dd41e3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
x-cache-status
HIT
x-region
ewr
content-length
17410
fly-request-id
01HE4CYEY542GG4RNPVC25J547-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Sun, 29 Oct 2023 20:09:43 GMT
Bootstrap.js
nexus.ensighten.com/statefarm/mirus/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fe00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
558a4cb58fca5ff87e63196e14a18b3895ded0809b273f56621f250c1a0b93e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 20:12:02 GMT
x-amz-version-id
bGwc3SeotA4HTPdBgugJN.WMG2zz4j8p
content-encoding
br
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
24243
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 31 Oct 2023 20:11:36 GMT
server
CloudFront
etag
W/"3b7e71dc71f23c6c58f157a6e79d0842"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
7FxXnLyN3xG8ard8baknbRgaIBQbGFuTBVAwSkHr1nm7E0dYzg0f-g==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
664482183004c3215870671726f114df09afd995fd601154f721fb2ba99d59c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Nov 2023 02:56:04 GMT
content-md5
ZufVVM0BsmuDn1yqXTSJfQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
x-fb-debug
/98EcEEtVDGHJ6msjVUSiMHrLAS/lv6/RmQ1yp4UT8B4+JRXBIkMSGU2Vsl6T37P9kUvyqOcl1E/K478hBRR3w==
x-fb-content-md5
50e25ed027548f00195fa9b937cd18da
cross-origin-opener-policy
same-origin-allow-popups
etag
"e93c021925208b7d9aadc11af54a4e80"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 01 Nov 2023 03:15:50 GMT
resize
ephemera.mirus.io/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=600&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
e1265c63c26a2819976f9314c5a47d11f81d7ed83f4cbe51ff1cafe28abc9e02
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=600&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
x-cache-status
HIT
x-region
ewr
content-length
5838
fly-request-id
01HE4CYEY533236WZE0Q24CCM8-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
9080eee0c27998
expires
Sun, 29 Oct 2023 20:09:43 GMT
resize
ephemera.mirus.io/img/ 		878 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=50&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2FQ%2FQZZW31YS000%2FformalColorFull.jpg
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
a8698232be142af1bf06f60a79b984cba651c1ff6776bb6e8ea8d6f3716bb17d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=50&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2FQ%2FQZZW31YS000%2FformalColorFull.jpg
x-cache-status
HIT
x-region
ewr
content-length
878
fly-request-id
01HE4CYEY57A3DD1A0D5FHTP3D-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Fri, 03 Nov 2023 18:07:45 GMT
MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-SemiBold.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-SemiBold.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdsmU2v0xy0oXM7m82rRT1dlEekMRrYXuM2Crwp5d1jna0HK8D0uTXWO92z_RprgYG2RiqpLzm_J9b-N4oHAhjVICezuHIzn
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32208
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYEYS056F316SH0MDCGXK-ams
etag
"1d27c68fab3bc57c0eb1b742cb355160"
x-goog-generation
1694794012520792
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=08A3Cg==, md5=HSfGj6s7xXwOsbdCyzVRYA==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
32208
x-instance
3287444ec4d918
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:50:24 GMT
MecherleSans-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Regular.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Regular.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdtHXMnSCO8Y8vccaolDsHNO_fwu5ljmQPzUz0cZD4kn6tGjrcxiNEI6NFIDMWATZoIfq7w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31948
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYEYS8JZSVHKH52Z2XDNN-ams
etag
"45568a98b8085b944e9b8c47a2947646"
x-goog-generation
1694794012452758
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=DAIcBw==, md5=RVaKmLgIW5ROm4xHopR2Rg==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
31948
x-instance
3287444ec4d918
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:50:24 GMT
MecherleSans-Bold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Bold.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Bold.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdvBNnKqRnAwnFG_7x216N8CcVZrdzc51JQ4GOW1XZNFNykrX_lqDcChAfZpHqacZeNR45U
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31812
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYEYSRGCZ27WB1W6FFE2H-ams
etag
"7cc9632b9df119aed25a6812b1c59569"
x-goog-generation
1694794012232162
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=VzL8Pg==, md5=fMljK53xGa7SWmgSscWVaQ==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
31812
x-instance
3287444ec4d918
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:53:48 GMT
MecherleSans-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Medium.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
via
2 fly.io
age
24
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleSans-Medium.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdtJhAcaCOFLrR8dRVI1lmPFlx8vjfqw3lfQBKFoY8LPq7RDCd7Ik2FvnKU983g34ee-6B1oTKEZFcCt5wbp2lTVYSrc2inN
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32200
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYEYSBKRYT3DZF4CN59E7-ams
etag
"771eb8d7b83cc251776e102fb8ae2972"
x-goog-generation
1694794012415593
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=u4HwWQ==, md5=dx6417g8wlF3bhAvuK4pcg==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
32200
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:50:00 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698807364551
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698807364551
1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698807364551
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
HTTP/1.1
Server
54.76.136.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-136-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3a8f38fb775bae78f4c20c0242391da91fc754e2060f472d4d18c2fc417286b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v053-0b2cf23e5.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
gMtMMZ9BTdE=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://friscoed.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
639
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v053-0eba41301.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3oV/y510SbY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://friscoed.com
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1698807364551
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
serverComponent.php
nexus.ensighten.com/statefarm/mirus/ 		498 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Tue%20Oct%2031%2020:11:34%20GMT%202023&ClientID=603&PageID=https%3A%2F%2Ffriscoed.com%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:fe00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
004adc5c193c0ec959aabe82135f90e1aa6ac6bfe0c8c4ec9dd2bc692b2ba499

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
via
1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
alt-svc
h3=":443"; ma=86400
content-length
498
x-amz-cf-id
eJxt0HO-Hw3BQHp-7lJQw5YCmLxFWLoxsB53jcRFM57S6sC0vQRtSg==
expires
Wed, 01 Nov 2023 02:56:03 GMT
sdk.js
connect.facebook.net/en_US/ 		302 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=89830b76e33817e67ea8614b0155ddcf
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a7cd9f287a9c06b2bf9d622063831035b19457ce70b021eb13ce8d9d01da1539
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 01 Nov 2023 02:56:04 GMT
content-md5
kvuPJH4L+3LGy2DzDaVQxQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88330
reporting-endpoints
x-fb-debug
XKk8C/2cPbgyBHqSrhg33dCg/CDjZtD/fnJwGwn6xRHztBnsQJ0aEAk5FMJ3qAXBeGdcUnwa9XiL8E737juZyg==
x-fb-content-md5
dd32dca4235e112b4d3ed185f5690446
cross-origin-opener-policy
same-origin-allow-popups
etag
"9598f5b994507437b2088e2594a4d97d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Thu, 31 Oct 2024 00:49:08 GMT
truncated
/ 		191 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a9d9fe5adbfc5fb082c5fd7ae9e1cbc7883e48b519c6414bf7f737dc7c33d73

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleLegal-Regular.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleLegal-Regular.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdtjAVvvHYumgayh4PvBmUyQnQ2SDXs_xp-eReBfuttyohKr27L3MF6Pe3wVZ9UnYH6sN5PDl_lrPg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32844
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYF0P25GVNYYPFNZD9QR5-ams
etag
"523df82cc08bbb8ef333f550c3c1e8e2"
x-goog-generation
1694794012125378
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=DxtPkQ==, md5=Uj34LMCLu47zM/VQw8Ho4g==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
32844
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:52:08 GMT
54c629785cafd7b5f5af83b21c2501bf.js
nexus.ensighten.com/statefarm/mirus/code/ 		165 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/code/54c629785cafd7b5f5af83b21c2501bf.js?conditionId0=423109
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:fe00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
61a9c6943dcbc41ec34c3618adce3c5f3df9ffb54093d342d2ad350a68f44598

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 27 Oct 2023 18:44:37 GMT
x-amz-version-id
FDeOzAHXgTyj2jXJB8lMNF0hrh1q1oFk
content-encoding
br
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
age
375088
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 27 Oct 2023 18:44:32 GMT
server
CloudFront
etag
W/"04204da7fbd370a1130c3efa7af88796"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
sxxWp4gn39KAd9Ui1R5NpmENQrcPwIMcF0ivbK878mQy0gga0FrRPQ==
329fbdab9636170eedfc1422b36a9201.js
nexus.ensighten.com/statefarm/mirus/code/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/code/329fbdab9636170eedfc1422b36a9201.js?conditionId0=1539709
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:fe00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e8cb4f6486e9fd1ee9050b84f67b2b6d907a0496e5146b0a86c7bc6cd3925f48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 18:40:46 GMT
x-amz-version-id
OuUtqcbhtGGaOSf08MnJmyHMdVrlO6kx
content-encoding
gzip
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
age
3399319
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Sep 2023 18:39:58 GMT
server
CloudFront
etag
W/"8a23a755163613af04888609d47b4180"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
t-ZH03PGm2oqUbhcFyf6Q-_GleYp_7nvw4HbRRZWiacnlQNzhnT9sg==
490ca4ccefe20cf502ab771ba0b689e4.js
nexus.ensighten.com/statefarm/mirus/code/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/code/490ca4ccefe20cf502ab771ba0b689e4.js?conditionId0=567025
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:fe00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
7a2ffbc33855476429b6d831e2affa95bad9ac98656631421c899c7100da0159

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 22 Sep 2023 18:40:46 GMT
x-amz-version-id
GXEkxy20k_QHgRk9R9sJLzPLYY9n6IMi
content-encoding
gzip
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
age
3399319
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 22 Sep 2023 18:39:58 GMT
server
CloudFront
etag
W/"513d0d3858eefa5cd26ba48fe9d67289"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
Nj06YPJww7KPIR56uIzju5DDXPk8TK744dkq1SqJgWJl3E0i-8Z3Sg==
/
deel-id-persistence.deel.c1.statefarm/ Frame 6CDC 		986 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://deel-id-persistence.deel.c1.statefarm/
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/code/54c629785cafd7b5f5af83b21c2501bf.js?conditionId0=423109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-124.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
d431276d9c97e572a24727e916af2a762295b975526fcc8e33f3c59e970b56c1

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
986
content-type
text/html
date
Wed, 01 Nov 2023 02:56:04 GMT
server
CloudFront
via
1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-id
P1qn4eKu527CfhXMv3BRZj2TJ6-c8DEfIxAZ_uF_tt6ig3yLYK3ChQ==
x-amz-cf-pop
FRA56-P5
x-cache
Error from cloudfront
e.gif
nexus.ensighten.com/error/ 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/error/e.gif?msg=TypeError%3A%20Cannot%20read%20properties%20of%20undefined%20(reading%20%27addEventListener%27)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F54c629785cafd7b5f5af83b21c2501bf.js%3FconditionId0%3D423109%3A23%3A433)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=SC%3A%20Microsites%20Prod&cid=603&client=statefarm&publishPath=mirus&rid=3956230&did=486748&errorName=
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:fe00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:41:06 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
server
CloudFront
age
76498
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
cache-control
no-cache, no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
WW15zTXsbPc68DsdEnHvra1q3hSXPnp048OuVTxz7Sbtb8jT5MkWag==
resize
ephemera.mirus.io/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-sidebar-md-265412ce5c8fea92318e70b243e6af1c.png
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
0bdf06dc091381410fbe8009f54f0226e5c255436a143f8ea11dfd32dbd0db47
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-sidebar-md-265412ce5c8fea92318e70b243e6af1c.png
x-cache-status
HIT
x-region
ewr
content-length
1432
fly-request-id
01HE4CYF4566EMP0ENVZXX747M-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
9080eee0c27998
expires
Tue, 31 Oct 2023 11:07:27 GMT
resize
ephemera.mirus.io/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fcommon-rental-and-landlord-scams.jpg
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
96e7c5c3e9b518bf5dd5c3a950f8c7b6e90d9df5adbb3c92c32808516e6be50c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fcommon-rental-and-landlord-scams.jpg
x-cache-status
HIT
x-region
ewr
content-length
3284
fly-request-id
01HE4CYF450RJ0B3Z9M06YS35Y-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
9080eee0c27998
expires
Sat, 04 Nov 2023 20:57:52 GMT
resize
ephemera.mirus.io/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fthe-real-consequences-of-drunk-driving-wide.jpg
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
8076f9015c3206c45e6b126361bcd20de5d0e5b7adf44f39f6e7341655009109
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fthe-real-consequences-of-drunk-driving-wide.jpg
x-cache-status
HIT
x-region
ewr
content-length
9958
fly-request-id
01HE4CYF45EJ5R8NC98CEVFHE6-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Sat, 04 Nov 2023 19:36:12 GMT
resize
ephemera.mirus.io/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fadvantages-of-eating-organic.jpg
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
4827435fcfd42c683b7d01464eb8ec5608b2b94395959757246bdf2a56d2dd56
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=100&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fadvantages-of-eating-organic.jpg
x-cache-status
HIT
x-region
ewr
content-length
2872
fly-request-id
01HE4CYF45AY83E81X2XV4N2CM-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
9080eee0c27998
expires
Wed, 01 Nov 2023 10:29:18 GMT
alpineFileInput.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpineFileInput.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
content-encoding
gzip
via
2 fly.io
age
1
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpineFileInput.js
x-cache-status
HIT
x-guploader-uploadid
ADPycdt7pCwMwMUrYv4JZYaGRImZgKgQCTA9AvKUhMXbdF4FA7u1oC4uX20RLyJEEtuK1VMCCwUALCLXKw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1413
last-modified
Wed, 18 Oct 2023 15:25:18 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYF46K0E0A7Y14QB00NHR-ams
etag
"e44e870405bb74d4741978373876eff2"
vary
Accept-Encoding
x-goog-generation
1697642718974225
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ZGxCsg==, md5=5E6HBAW7dNR0GXg3OHbv8g==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
1413
x-instance
3287444ec4d918
accept-ranges
bytes
expires
Thu, 17 Oct 2024 19:35:38 GMT
alpine.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpine.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
content-encoding
gzip
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpine.js
x-cache-status
HIT
x-guploader-uploadid
ADPycduWPJuRcN8hC5U8MXwN2aV9rFJaeXZ5T8-2hK_-pcvY1Vp6AXHSRJGSX2AWjpUBR03_5d7ipPCj9g
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20482
last-modified
Fri, 22 Sep 2023 21:04:59 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYF4M6F26QSAWEGPBPPR8-ams
etag
"68d73e7579e8b2c31844444b7c13d8fe"
vary
Accept-Encoding
x-goog-generation
1695416699032312
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=BxpYzg==, md5=aNc+dXnossMYRERLfBPY/g==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
20482
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Tue, 24 Sep 2024 16:50:01 GMT
lazysizes.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/lazysizes.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
content-encoding
gzip
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/lazysizes.js
x-cache-status
HIT
x-guploader-uploadid
ADPycdsVa2lngTlb9JjGaI64UEMkMNaXA6eN-BK2EARnQd3bPVt9cM81aTEYdRVXVc_19Mk9nT0UFeBdGEcJ5qscnPtrRQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3710
last-modified
Fri, 15 Sep 2023 16:06:53 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYF4MQCY463NA9QAV51A3-ams
etag
"66e2c475889355007106289d66656548"
vary
Accept-Encoding
x-goog-generation
1694794013722129
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=T/5Iog==, md5=ZuLEdYiTVQBxBiidZmVlSA==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
3710
x-instance
3287444ec4d918
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:52:09 GMT
scrollToElement.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		567 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/scrollToElement.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
6439b22d4c25113ac778a742af6f8b4b3977776b6b41cac05094566513e0589f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
content-encoding
gzip
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/scrollToElement.js
x-cache-status
HIT
x-guploader-uploadid
ADPycduz2TyZQoUkkdTqSPDyA0pEQxY4F9I2xmDa70MVal091G1pLTbOsiuce7nhHPv-NuoxHAffacUl9w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
last-modified
Tue, 03 Oct 2023 20:13:15 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYF4MBJ9VSJ4PC5DAFVGG-ams
etag
"c70a1c53c93d0cc0e3d2f08b8ac52e4d"
vary
Accept-Encoding
x-goog-generation
1696363995349425
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=FHIsDA==, md5=xwocU8k9DMDj0vCLisUuTQ==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
286
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Fri, 04 Oct 2024 16:50:03 GMT
utils.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/utils.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
content-encoding
gzip
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/utils.js
x-cache-status
HIT
x-guploader-uploadid
ADPycdtAyCEFsWdXmLToXDle3HDZXG5tf-BqE_XsLELIAuzdHoLBCQq1sNMY5eS7VR7TYdhoLl4
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1395
last-modified
Fri, 22 Sep 2023 21:04:59 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYF4M5SG11PFD75591C3R-ams
etag
"36f4471b4160e6d89ee77ba9c0213adc"
vary
Accept-Encoding
x-goog-generation
1695416699035641
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=924yCQ==, md5=NvRHG0Fg5tie53upwCE63A==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
1395
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Tue, 24 Sep 2024 16:50:01 GMT
svgIcon.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		122 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/svgIcon.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
content-encoding
gzip
via
2 fly.io
age
0
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/svgIcon.js
x-cache-status
HIT
x-guploader-uploadid
ADPycdtLkuxpF2kIu4vNjY0kPTYhN4yi_7ry0jKu55XzhfeL1z7-W-gSfqPzClKwJ5NwW_ZETNHk3Fl27A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
135
last-modified
Wed, 18 Oct 2023 15:25:19 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYF4MTH0BET5JHEZBTPD7-ams
etag
"57bac84f80e6a823cd39957f03af5a68"
vary
Accept-Encoding
x-goog-generation
1697474050685894
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=u5pJlA==, md5=V7rIT4DmqCPNOZV/A69aaA==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
135
x-instance
3287444ec4d918
accept-ranges
bytes
expires
Thu, 17 Oct 2024 19:35:38 GMT
alpineContactForm.js
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/ 		111 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpineContactForm.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
699d5a77e7eeaf46b32e1238e02e4d6cded67a6d743b631fa2f549b7c2183e40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
content-encoding
gzip
via
2 fly.io
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/js/alpineContactForm.js
x-cache-status
HIT
x-guploader-uploadid
ADPycduRf37jSem1yI7K76OnbrfoV-VWj2xLKFAO8oTPJlTjNDh-9lTfV6nzEWOdii6I9yvg0uDjETfICQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39564
last-modified
Tue, 03 Oct 2023 20:13:15 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYF4MMGA0JCBW04G0CD12-ams
etag
"6b29739ef83c76db8d54d7a3379cffa6"
vary
Accept-Encoding
x-goog-generation
1696363995338905
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=vQ1u7A==, md5=aylznvg8dtuNVNejN5z/pg==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
39564
x-instance
3287444ec4d918
accept-ranges
bytes
expires
Fri, 04 Oct 2024 16:52:10 GMT
dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame F19F 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.208.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-229-208-26.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v053-03bc4317c.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
1ffmhBZ/Ryk=
content-encoding
gzip
date
Wed, 1 Nov 2023 02:56:04 GMT
last-modified
Thu, 26 Oct 2023 11:20:23 GMT
transfer-encoding
chunked
vary
accept-encoding
id
smetrics.statefarm.com/ 		48 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.statefarm.com/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=75232142571819840842064116353937923967&ts=1698807364774
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-135.data.adobedc.net
Software
jag /
Resource Hash
4f889890040d0090b6937630be03ad6b0cfa5019f76a95d293af856397d8bd27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friscoed.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://friscoed.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=ZUG_RAAAAIbMCwO-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=71864588945861710161691536141640438947
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUG_RAAAAIbMCwO-
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUG_RAAAAIbMCwO-
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
HTTP/1.1
Server
54.76.136.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-136-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v053-05d957516.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
q/3EO/BRQrI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZUG_RAAAAIbMCwO-
Date
Wed, 01 Nov 2023 02:56:04 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleLegal-Medium.woff2
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640

Request headers

Referer
https://friscoed.com/
Origin
https://friscoed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:04 GMT
via
2 fly.io
age
212
x-cache-key
https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/c298258e1a4386c583858714bfecb762eaab87cd/fonts/sf/MecherleLegal-Medium.woff2
x-cache-status
HIT
x-guploader-uploadid
ADPycdvjaLeGAlMn8uTD2ncK4vJXb7XifmQ7-GMq7wABj6Wiu2JTJYEHWhY-5WgEtcbLMK4BSOY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
x-region
ewr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32960
last-modified
Fri, 15 Sep 2023 16:06:52 GMT
server
Fly/7328d5b5 (2023-10-27)
fly-request-id
01HE4CYF813SFPP6EP7F1Z2BT2-ams
etag
"5c321170479a815ab790c771bcc8f1d3"
x-goog-generation
1694794012063448
content-type
font/woff2
access-control-allow-origin
*
x-goog-hash
crc32c=+uFDXg==, md5=XDIRcEeagVq3kMdxvMjx0w==
cache-control
public,max-age=31536000,immutable
x-goog-stored-content-length
32960
x-instance
9080eee0c27998
accept-ranges
bytes
expires
Sat, 14 Sep 2024 16:50:00 GMT
s69126502062167
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/s69126502062167?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=1%2F10%2F2023%203%3A56%3A5%203%20-60&d.&nsid=0&jsonv=1&.d&D=..&mid=75232142571819840842064116353937923967&aamlh=6&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000&g=https%3A%2F%2Ffriscoed.com%2F&ch=sf%3Aus%3Aagent-micro-m&server=friscoed.com&events=event31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Ahome%3Aed-forster&c4=sf%3Aagent-micro-m%3Aqzzw31ys000&v6=friscoed.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Ffriscoed.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=tuesday%7C9%3A30pm&v50=10%2F31%2F2023&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F118.0.5993.117%20safari%2F537.36&c70=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.135 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-135.data.adobedc.net
Software
jag /
Resource Hash
fd5b2609df3aa800b4f3db3cb08a3ff45936bade2f367d1d261c539cbfbe6f67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-aam-tid
yRfU2XeYSpY=
date
Wed, 01 Nov 2023 02:56:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy"
content-length
1098
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-2-v053-0621cfb10.edge-irl1.demdex.com 5 ms
pragma
no-cache
last-modified
Thu, 02 Nov 2023 02:56:05 GMT
server
jag
etag
3648161039576268800-4617964817160965789
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 31 Oct 2023 02:56:05 GMT
365868.gif
idsync.rlcdn.com/ Frame F19F 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=71864588945861710161691536141640438947
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
resize
ephemera.mirus.io/img/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=1920&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
d8296d3864da28f2489a7a074cc040c3d445155a2783bcb1b7cc196e62dd41e3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=1920&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png
x-cache-status
HIT
x-region
ewr
content-length
17410
fly-request-id
01HE4CYFHF08XE2TKKYCX9QHB4-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
9080eee0c27998
expires
Wed, 01 Nov 2023 18:43:26 GMT
resize
ephemera.mirus.io/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2FQ%2FQZZW31YS000%2FformalColorFull.jpg
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
671bac6edcc329a5fa3b484ccde4be4b28426250f45d0b0f28ffd96d6e911431
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2FQ%2FQZZW31YS000%2FformalColorFull.jpg
x-cache-status
HIT
x-region
ewr
content-length
5024
fly-request-id
01HE4CYFHF5EQ6H5014M5Y02GW-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Sat, 04 Nov 2023 13:27:08 GMT
ibs:dpid=771&dpuuid=CAESEHIXivqeOojWPTOQnJT0L7Y&google_cver=1
dpm.demdex.net/ Frame F19F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzE4NjQ1ODg5NDU4NjE3MTAxNjE2OTE1MzYxNDE2NDA0Mzg5NDc=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzE4NjQ1ODg5NDU4NjE3MTAxNjE2OTE1MzYxNDE2NDA0Mzg5NDc=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHIXivqeOojWPTOQnJT0L7Y&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHIXivqeOojWPTOQnJT0L7Y&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
HTTP/1.1
Server
54.76.136.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-136-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v053-0f055f6d4.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
GCBy/S9+S2E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 01 Nov 2023 02:56:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHIXivqeOojWPTOQnJT0L7Y&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.gif
nexus.ensighten.com/error/ 		0
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/error/e.gif?msg=TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27querySelectorAll%27)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F54c629785cafd7b5f5af83b21c2501bf.js%3FconditionId0%3D423109%3A311%3A284)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=Microsites%20New%20M-Pages&cid=603&client=statefarm&publishPath=mirus&rid=3956884&did=710940&errorName=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:206f:fe00:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Tue, 31 Oct 2023 05:41:06 GMT
via
1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
server
CloudFront
age
76499
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront
cache-control
no-cache, no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
1ltXO1Im152UHNofoPOnbmi7XLC06jkyZlY0ZMsxKVTj6hOuiYoimQ==
pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 		80 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.70.198.104.bc.googleusercontent.com
Software
/
Resource Hash
569b94089de9bd27ad33f1c5af5d5cbe4326d00ebd184728549ccc4bb0564a26
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://friscoed.com/
keen-sdk
javascript-5.0.1
accept-language
de-DE,de;q=0.9
Authorization
WK
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 01 Nov 2023 02:56:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://friscoed.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
content-length
80
pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.70.198.104.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,keen-sdk
Access-Control-Request-Method
POST
Origin
https://friscoed.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods
POST
access-control-allow-origin
https://friscoed.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Wed, 01 Nov 2023 02:56:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
generic
match.adsrvr.org/track/cmf/ Frame F19F 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=friscoed.com&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:05 GMT
server
Kestrel
content-length
70
content-type
image/gif
resize
ephemera.mirus.io/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=1000&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-sidebar-md-265412ce5c8fea92318e70b243e6af1c.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
251ade8a418767faf7cbb22c12c33c1238da26b5feeacace7ad7e9eeac4bada6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=1000&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-sidebar-md-265412ce5c8fea92318e70b243e6af1c.png
x-cache-status
HIT
x-region
ewr
content-length
5400
fly-request-id
01HE4CYFPJV20SQ7KAQ961ZY55-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Thu, 02 Nov 2023 17:51:27 GMT
resize
ephemera.mirus.io/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fcommon-rental-and-landlord-scams.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
2e27872a7e512d8daa917d35a6c6c48ebc91392a1dbe3d56a25569550bc4653d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fcommon-rental-and-landlord-scams.jpg
x-cache-status
HIT
x-region
ewr
content-length
19196
fly-request-id
01HE4CYFPKA5FKZZ8F4NP1SVPP-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Wed, 01 Nov 2023 19:44:16 GMT
resize
ephemera.mirus.io/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fthe-real-consequences-of-drunk-driving-wide.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
af03e77d62fbc792d45f6385ceb338f45e61065af9d0eb98c6992a5c3681dede
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:05 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fthe-real-consequences-of-drunk-driving-wide.jpg
x-cache-status
HIT
x-region
ewr
content-length
19358
fly-request-id
01HE4CYFPKJ7PXXNFP589J2XSY-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
9080eee0c27998
expires
Wed, 01 Nov 2023 07:15:09 GMT
ibs:dpid=30646
dpm.demdex.net/ Frame F19F
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=71864588945861710161691536141640438947&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=71864588945861710161691536141640438947&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-ABOFkVBE2pH2.UYJQ1U2SxaladUnUCBfAQA-~A
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-ABOFkVBE2pH2.UYJQ1U2SxaladUnUCBfAQA-~A
Protocol
HTTP/1.1
Server
54.76.136.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-136-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v053-0e3f7714d.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
k7S6BZanQT0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-ABOFkVBE2pH2.UYJQ1U2SxaladUnUCBfAQA-~A
date
Wed, 01 Nov 2023 02:56:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch.gif
beacon.krxd.net/ Frame F19F
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=71864588945861710161691536141640438947
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=71864588945861710161691536141640438947
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=71864588945861710161691536141640438947
Protocol
H2
Server
52.31.202.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-202-102.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

x-served-by
beacon-n007-dub-prod.krxd.net
date
Wed, 01 Nov 2023 02:56:05 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1698807365
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=71864588945861710161691536141640438947
date
Wed, 01 Nov 2023 02:56:05 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a018-ash-prod.krxd.net
resize
ephemera.mirus.io/img/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fadvantages-of-eating-organic.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/7328d5b5 (2023-10-27) /
Resource Hash
3b4635c37f0e2939e822653ec24d7e43948d361119519acad9f4926b4a441dc0
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:06 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
2 fly.io
x-cache-key
https://imaginary.prod.mirus.io/resize?width=500&type=auto&url=https%3A%2F%2Fwww.statefarm.com%2Fcontent%2Fdam%2Fsf-library%2Fen-us%2Fsecure%2Flegacy%2Fsimple-insights%2Fadvantages-of-eating-organic.jpg
x-cache-status
HIT
x-region
ewr
content-length
14606
fly-request-id
01HE4CYGMP6RP1ZZKHT6Z843R6-ams
server
Fly/7328d5b5 (2023-10-27)
vary
Accept
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-ratelimit-reset
1
x-ratelimit-limit
101
x-instance
3287444ec4d918
expires
Wed, 01 Nov 2023 15:34:23 GMT
gtm.js
www.googletagmanager.com/ 		461 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ab499337c719bec0caf3722749cd47251a34225b499d6411007673362314fca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95708
x-xss-protection
0
last-modified
Wed, 01 Nov 2023 00:23:37 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 01 Nov 2023 02:56:06 GMT
activityi;dc_pre=CIqVo83moYIDFcmW_Qcdx6wJQA;src=11264551;type=micro0;cat=micro006;ord=174253283294;auiddc=1245423858.1698807367;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3au1v849799669;gcd=1...
11264551.fls.doubleclick.net/ Frame 3739
Redirect Chain
  • https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=174253283294;auiddc=1245423858.1698807367;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3au1v849799669;gc...
  • https://11264551.fls.doubleclick.net/activityi;dc_pre=CIqVo83moYIDFcmW_Qcdx6wJQA;src=11264551;type=micro0;cat=micro006;ord=174253283294;auiddc=1245423858.1698807367;u9=sf%3Aus%3Aagent-micro-m%3Aqzz...
512 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11264551.fls.doubleclick.net/activityi;dc_pre=CIqVo83moYIDFcmW_Qcdx6wJQA;src=11264551;type=micro0;cat=micro006;ord=174253283294;auiddc=1245423858.1698807367;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3au1v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
25127952789d0e5424b993083aed79211adb33bc03aa831f3cb3827eb73dd78b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
300
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 02:56:07 GMT
expires
Wed, 01 Nov 2023 02:56:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 01 Nov 2023 02:56:07 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11264551.fls.doubleclick.net/activityi;dc_pre=CIqVo83moYIDFcmW_Qcdx6wJQA;src=11264551;type=micro0;cat=micro006;ord=174253283294;auiddc=1245423858.1698807367;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3au1v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11220053904/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11220053904/?random=1698807366919&cv=11&fst=1698807366919&bg=ffffff&guid=ON&async=1&gtm=45He3au1v849799669&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Ffriscoed.com%2F&hn=www.googleadservices.com&frm=0&tiba=Ed%20Forster%20%E2%80%93%20Frisco%2C%20TX%20State%20Farm%C2%AE%20Agent&auid=1245423858.1698807367&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29c6b1b4f452e401569678bdd470078df23d55105777400424ed8cb96bdc5bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 02:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 01 Nov 2023 02:56:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
metwAOVPwCILWyW6abUCUGoH2419z1hDRrtcE6Gh+i7VQxEJhq/DkGz1kgbxUUt75EgMo/OTEIKPItZ0HSB1lA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
core.js
s.pinimg.com/ct/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: friscoed.com
URL: https://friscoed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b62a5460aded745f58d0ee048ee9422f7aebb4e1e3958dcf5fc14f6395e5ee91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:07 GMT
content-encoding
br
x-cdn
fastly
etag
"66ed613455bccaf1999994a009075941"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600
content-length
1792
up_loader.1.1.0.js
js.adsrvr.org/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Tue, 31 Oct 2023 08:00:38 GMT
Content-Encoding
gzip
Via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Aug 2023 20:10:44 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
68130
x-amz-server-side-encryption
AES256
ETag
W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
blvrOYzIYUEX-nF8KYDKfd54bOCg9sPSkI9EX88NKLjYFm1KEHZPFg==
1673276772914128
connect.facebook.net/signals/config/ 		158 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1673276772914128?v=2.9.138&r=stable&domain=friscoed.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
032c7a5045188d511ab1e9112436b55e8b9b20e2e61cd049c35bfd31bd7afb2b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 01 Nov 2023 02:56:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
7W3Eji26KPIYg7e2aKcK1K6vlMuKJSzy0uhW+UYXx4L01Ll0H2Dj+GcjXPTrg+2pAF3r4OQa3TG5ZXNuK7MpGA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.aa348ee1.js
s.pinimg.com/ct/lib/ 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.aa348ee1.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:8e::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f85db4d7473834756e86b48aec0c7cbfd8a1d5bcf3957565f6253c9ffaeae19e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:07 GMT
content-encoding
br
x-cdn
fastly
etag
"b57dfbe384f7bce1a8478d2898254ba1"
x-amz-server-side-encryption
AES256
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600
content-length
18916
up
insight.adsrvr.org/track/ Frame F8E8 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Ffriscoed.com%2F&upid=t8xbszz&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Wed, 01 Nov 2023 02:56:07 GMT
server
Kestrel
up
insight.adsrvr.org/track/ Frame 3471 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Ffriscoed.com%2F&upid=9nilek2&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
content-type
text/html
date
Wed, 01 Nov 2023 02:56:07 GMT
server
Kestrel
/
www.google.com/pagead/1p-user-list/11220053904/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11220053904/?random=1698807366919&cv=11&fst=1698804000000&bg=ffffff&guid=ON&async=1&gtm=45He3au1v849799669&u_w=1600&u_h=1200&url=https%3A%2F%2Ffriscoed.com%2F&frm=0&tiba=Ed%20Forster%20%E2%80%93%20Frisco%2C%20TX%20State%20Farm%C2%AE%20Agent&fmt=3&is_vtc=1&random=1418156696&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 02:56:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11220053904/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11220053904/?random=1698807366919&cv=11&fst=1698804000000&bg=ffffff&guid=ON&async=1&gtm=45He3au1v849799669&u_w=1600&u_h=1200&url=https%3A%2F%2Ffriscoed.com%2F&frm=0&tiba=Ed%20Forster%20%E2%80%93%20Frisco%2C%20TX%20State%20Farm%C2%AE%20Agent&fmt=3&is_vtc=1&random=1418156696&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 02:56:07 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/user/ 		303 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1698807367162&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.aa348ee1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 01 Nov 2023 02:56:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.8c6656b8.1698807367.28d67e77
x-envoy-upstream-service-time
4
content-length
172
x-pinterest-rid
1057609779466600
pin-unauth
dWlkPVpHSXdZalU1WlRFdE1UQTBOQzAwTkdWaUxUazRZbU10WldNd05XUmxaV0ZpTWpJMw
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://friscoed.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
pinterest-version
d5e81ee886163611a3e8f7face49fee6e4fb67ca
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Ffriscoed.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22aa348ee1%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1698807367164
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 02:56:07 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.8c6656b8.1698807367.28d67e79
content-type
image/gif
access-control-allow-origin
*
pinterest-version
d5e81ee886163611a3e8f7face49fee6e4fb67ca
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
content-length
35
x-pinterest-rid
7594112110526859
expires
Sat, 01 Jan 2000 00:00:00 GMT
dc_pre=CIqVo83moYIDFcmW_Qcdx6wJQA;src=11264551;type=micro0;cat=micro006;ord=174253283294;auiddc=*;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3au1v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uam...
adservice.google.com/ddm/fls/z/ Frame 3739 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIqVo83moYIDFcmW_Qcdx6wJQA;src=11264551;type=micro0;cat=micro006;ord=174253283294;auiddc=*;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3au1v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F
Requested by
Host: 11264551.fls.doubleclick.net
URL: https://11264551.fls.doubleclick.net/activityi;dc_pre=CIqVo83moYIDFcmW_Qcdx6wJQA;src=11264551;type=micro0;cat=micro006;ord=174253283294;auiddc=1245423858.1698807367;u9=sf%3Aus%3Aagent-micro-m%3Aqzzw31ys000;gtm=45He3au1v849799669;gcd=11l1l1l1l1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Ffriscoed.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11264551.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 01 Nov 2023 02:56:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ct.html
ct.pinterest.com/ Frame 0BA8 		565 B
625 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.aa348ee1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-209.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://friscoed.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.8c6656b8.1698807367.28d67eb1
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Wed, 01 Nov 2023 02:56:07 GMT
pinterest-version
d5e81ee886163611a3e8f7face49fee6e4fb67ca
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
1
x-pinterest-rid
1419279289206648
1936962093151750
connect.facebook.net/signals/config/ 		0
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1673276772914128&ev=PageView&dl=https%3A%2F%2Ffriscoed.com&rl=&if=false&ts=1698807369025&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1698807369023.1327767372&pm=1&hrl=65c085&ler=empty&it=1698807366987&coo=false&cs_cc=1&cas=1214633611919409%2C5230493466989894&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://friscoed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 01 Nov 2023 02:56:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
connect.facebook.net
URL
https://connect.facebook.net/signals/config/1936962093151750?v=2.9.138&r=stable&domain=friscoed.com

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture object| dataLayer object| dl function| initSubmenu object| ensBootstraps object| Bootstrapper function| Visitor object| s_c_il number| s_c_in object| visitor object| FB function| setImmediate function| clearImmediate object| peachyClient function| initQuoteForm object| __buffer function| errorLogging string| sName string| h string| p string| t function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_Media function| AppMeasurement function| s_gi function| s_pgicq boolean| _frstRun undefined| _scTempPrevURL object| _scHtml object| _langButtons number| _i string| s_account function| DIL number| s_objectID number| s_giq object| s string| s_urlPathEmber boolean| s_emberIndicator boolean| screenChange string| s_testsplitpath string| str string| newstr string| _scLang function| intentEvent string| v function| initFacebookFeed function| initFileInput function| initM2TabControl function| initContactForm string| k string| s_campaignSet undefined| prop31 object| s_i_sfglobalprod object| Alpine object| lazySizes function| scrollToElement object| __mirus_utilities function| svgIcon object| GTMdataLayer function| daGTMAdd object| google_tag_manager object| google_tag_data object| GooglebQhCsO function| fbq function| _fbq function| pintrk function| ttd_dom_ready function| TTDUniversalPixelApi

27 Cookies

Domain/Path Name / Value
friscoed.com/ Name: __cheesecrd_version
Value: master
.friscoed.com/ Name: s_gad
Value: 1
.demdex.net/ Name: demdex
Value: 71864588945861710161691536141640438947
.friscoed.com/ Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg
Value: 1
.statefarm.com/ Name: s_ecid
Value: MCMID%7C75232142571819840842064116353937923967
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZUG_RAAAAIbMCwO-
.dpm.demdex.net/ Name: dpm
Value: 71864588945861710161691536141640438947
.friscoed.com/ Name: s_pre_pn
Value: sf%3Aus%3Aagent-micro-m%3AQZZW31YS000
.friscoed.com/ Name: s_pre_v6
Value: friscoed.com
.friscoed.com/ Name: s_dl
Value: 1
.friscoed.com/ Name: s_cm
Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.friscoed.com/ Name: s_ev32
Value: %5B%5B%27direct%2520load%27%2C%271698807365025%27%5D%5D
.friscoed.com/ Name: s_session
Value: s_prev_url%3Dhttps%3A%2F%2Ffriscoed.com%2F%7CentryProperty%3Dhttps%3A%2F%2Ffriscoed.com%2F%7Cs_prev_channel%3Dundefined%7Cs_prev_ch%3Dagent-micro-m%7Cs_prev_pn%3DQZZW31YS000%7Cs_prev_pageName%3Dundefined%7Cmc%3Ddirect%20load%7C
.friscoed.com/ Name: s_cc
Value: true
.friscoed.com/ Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg
Value: 690614123%7CMCIDTS%7C19663%7CMCMID%7C75232142571819840842064116353937923967%7CMCAAMLH-1699412164%7C6%7CMCAAMB-1699412164%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1698814564s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19670%7CvVersion%7C3.1.0
.friscoed.com/ Name: AAMC_statefarmmutualautomobileinsurancecompany_0
Value: REGION%7C6
.friscoed.com/ Name: aam_uuid
Value: 71864588945861710161691536141640438947
.doubleclick.net/ Name: IDE
Value: AHWqTUlxXjhigavEMD21KOClY2qpCjsGmcOPXEPZI6Tzrd2ho2Jb4eDhldviVKWC_uw
friscoed.com/ Name: keen
Value: {%22uuid%22:%22b87e88bc-499e-49fa-bf99-db08bbd4d9b0%22%2C%22initialReferrer%22:null}
.yahoo.com/ Name: A3
Value: d=AQABBEW-QWUCEIw3zmIejBx_5Z10BGjbaO8FEgEBAQEPQ2VLZeAPyiMA_eMAAA&S=AQAAAuwbgdfmNMbA0ZvjgwfvxTs
.analytics.yahoo.com/ Name: IDSYNC
Value: 19cu~2esq
.demdex.net/ Name: dextp
Value: 60-1-1698807365034|771-1-1698807365170|903-1-1698807365287|30646-1-1698807365388|66757-1-1698807365489
.krxd.net/ Name: _kuid_
Value: P45geyxu
.friscoed.com/ Name: _gcl_au
Value: 1.1.1245423858.1698807367
.pinterest.com/ Name: ar_debug
Value: 1
.friscoed.com/ Name: _pin_unauth
Value: dWlkPVpHSXdZalU1WlRFdE1UQTBOQzAwTkdWaUxUazRZbU10WldNd05XUmxaV0ZpTWpJMw
.friscoed.com/ Name: _fbp
Value: fb.1.1698807369023.1327767372

3 Console Messages

Source Level URL
Text
network error URL: https://deel-id-persistence.deel.c1.statefarm/
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=71864588945861710161691536141640438947
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://friscoed.com/
Message:
The resource https://ephemera.mirus.io/img/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Ffr%2Ffriscoed.com%2Ffriscoed.com-header-16d5fc72a7ae4a832b97318b992da601.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11264551.fls.doubleclick.net
adservice.google.com
beacon.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
deel-id-persistence.deel.c1.statefarm
dpm.demdex.net
ephemera.mirus.io
friscoed.com
googleads.g.doubleclick.net
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
nexus.ensighten.com
peachy.prod.mirus.io
s.pinimg.com
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
ups.analytics.yahoo.com
usermatch.krxd.net
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
connect.facebook.net
104.198.70.133
104.75.88.209
108.138.15.119
142.250.185.226
142.250.186.70
15.197.193.217
18.66.112.124
2600:9000:206f:fe00:2:8f43:5780:93a1
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:829::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2004
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:8e::84
2a09:8280:1::42:4195
3.248.147.241
3.71.149.231
34.69.219.172
35.244.174.68
52.31.202.102
52.86.191.86
54.229.208.26
54.76.136.163
63.140.62.135
004adc5c193c0ec959aabe82135f90e1aa6ac6bfe0c8c4ec9dd2bc692b2ba499
032c7a5045188d511ab1e9112436b55e8b9b20e2e61cd049c35bfd31bd7afb2b
0bdf06dc091381410fbe8009f54f0226e5c255436a143f8ea11dfd32dbd0db47
25127952789d0e5424b993083aed79211adb33bc03aa831f3cb3827eb73dd78b
251ade8a418767faf7cbb22c12c33c1238da26b5feeacace7ad7e9eeac4bada6
29c6b1b4f452e401569678bdd470078df23d55105777400424ed8cb96bdc5bc8
2e27872a7e512d8daa917d35a6c6c48ebc91392a1dbe3d56a25569550bc4653d
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a8f38fb775bae78f4c20c0242391da91fc754e2060f472d4d18c2fc417286b1
3a9d9fe5adbfc5fb082c5fd7ae9e1cbc7883e48b519c6414bf7f737dc7c33d73
3b4635c37f0e2939e822653ec24d7e43948d361119519acad9f4926b4a441dc0
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
4827435fcfd42c683b7d01464eb8ec5608b2b94395959757246bdf2a56d2dd56
4e7140f58b2b89a1c8ffba6df69a1e845f6e8fee48987276a7523b8244191c3e
4f889890040d0090b6937630be03ad6b0cfa5019f76a95d293af856397d8bd27
558a4cb58fca5ff87e63196e14a18b3895ded0809b273f56621f250c1a0b93e2
569b94089de9bd27ad33f1c5af5d5cbe4326d00ebd184728549ccc4bb0564a26
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec
61a9c6943dcbc41ec34c3618adce3c5f3df9ffb54093d342d2ad350a68f44598
6439b22d4c25113ac778a742af6f8b4b3977776b6b41cac05094566513e0589f
664482183004c3215870671726f114df09afd995fd601154f721fb2ba99d59c6
671bac6edcc329a5fa3b484ccde4be4b28426250f45d0b0f28ffd96d6e911431
699d5a77e7eeaf46b32e1238e02e4d6cded67a6d743b631fa2f549b7c2183e40
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
7a2ffbc33855476429b6d831e2affa95bad9ac98656631421c899c7100da0159
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8076f9015c3206c45e6b126361bcd20de5d0e5b7adf44f39f6e7341655009109
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
96e7c5c3e9b518bf5dd5c3a950f8c7b6e90d9df5adbb3c92c32808516e6be50c
a7cd9f287a9c06b2bf9d622063831035b19457ce70b021eb13ce8d9d01da1539
a8698232be142af1bf06f60a79b984cba651c1ff6776bb6e8ea8d6f3716bb17d
ab499337c719bec0caf3722749cd47251a34225b499d6411007673362314fca6
af03e77d62fbc792d45f6385ceb338f45e61065af9d0eb98c6992a5c3681dede
b62a5460aded745f58d0ee048ee9422f7aebb4e1e3958dcf5fc14f6395e5ee91
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
d431276d9c97e572a24727e916af2a762295b975526fcc8e33f3c59e970b56c1
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d8296d3864da28f2489a7a074cc040c3d445155a2783bcb1b7cc196e62dd41e3
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
e1265c63c26a2819976f9314c5a47d11f81d7ed83f4cbe51ff1cafe28abc9e02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8cb4f6486e9fd1ee9050b84f67b2b6d907a0496e5146b0a86c7bc6cd3925f48
ee3ff0c7a460959a89057e7343c7e004ef49f7cf1a6ed8c32cfbc2b3a2a07b07
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f85db4d7473834756e86b48aec0c7cbfd8a1d5bcf3957565f6253c9ffaeae19e
fd5b2609df3aa800b4f3db3cb08a3ff45936bade2f367d1d261c539cbfbe6f67