www.jeffhamiltononline.com Open in urlscan Pro
34.69.219.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.jeffhamiltononline.com/
Effective URL:
https://www.jeffhamiltononline.com/
Submission: On November 23 via api (November 23rd 2024, 1:32:15 am UTC) from US — Scanned from CA

Summary HTTP 88 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 18 domains to perform 88 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.jeffhamiltononline.com.
TLS certificate: Issued by R10 on November 22nd 2024. Valid for: 3 months.

This is the only time www.jeffhamiltononline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
29	2a09:8280:1::... 2a09:8280:1::42:4195	40509 (FLY) (FLY)
1	44.217.230.59 44.217.230.59	14618 (AMAZON-AES) (AMAZON-AES)
5	57.144.180.128 57.144.180.128	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:280... 2600:9000:2801:7a00:14:17ae:9e00:21	16509 (AMAZON-02) (AMAZON-02)
4	117.18.238.236 117.18.238.236	15133 (EDGECAST) (EDGECAST)
6	2607:f8b0:400... 2607:f8b0:4006:81c::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:251... 2600:9000:2511:a200:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	44.215.93.192 44.215.93.192	14618 (AMAZON-AES) (AMAZON-AES)
3	18.164.116.22 18.164.116.22	16509 (AMAZON-02) (AMAZON-02)
2	172.217.165.132 172.217.165.132	15169 (GOOGLE) (GOOGLE)
1	108.139.33.128 108.139.33.128	16509 (AMAZON-02) (AMAZON-02)
1	3.163.245.4 3.163.245.4	16509 (AMAZON-02) (AMAZON-02)
2	3.168.122.84 3.168.122.84	16509 (AMAZON-02) (AMAZON-02)
1	100.25.101.138 100.25.101.138	14618 (AMAZON-AES) (AMAZON-AES)
2	63.140.36.145 63.140.36.145	16509 (AMAZON-02) (AMAZON-02)
1 1	44.198.85.65 44.198.85.65	14618 (AMAZON-AES) (AMAZON-AES)
1 2	142.250.80.70 142.250.80.70	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.64.102 142.250.64.102	15169 (GOOGLE) (GOOGLE)
1	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
2	34.128.179.202 34.128.179.202	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
3	142.251.40.195 142.251.40.195	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c19::9c	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:7... 2600:1901:0:7628::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.198.70.133 104.198.70.133	() ()
88	28

1 34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

www.jeffhamiltononline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a09:8280:1::42:4195 (United States)

ASN40509 (FLY, US)

ephemera.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.217.230.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-217-230-59.compute-1.amazonaws.com

invocation.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 57.144.180.128 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-03-lga3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2801:7a00:14:17ae:9e00:21 (United States)

ASN16509 (AMAZON-02, US)

djwmpmz818tx4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 117.18.238.236 (Phoenix, United States)

ASN15133 (EDGECAST, US)

online.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apps.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2511:a200:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.215.93.192 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-93-192.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.164.116.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-22.jfk50.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.165.132 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.33.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.245.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.168.122.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-122-84.jfk52.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.25.101.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-101-138.compute-1.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.36.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-145.data.adobedc.net

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.85.65 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-85-65.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.80.70 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f6.1e100.net

11264551.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.102 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.128.179.202 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.179.128.34.bc.googleusercontent.com

sst.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.40.195 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f3.1e100.net

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c19::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7628:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.70.133 (None, )

ASN- ()

peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	mirus.io ephemera.mirus.io — Cisco Umbrella Rank: 301133 peachy.prod.mirus.io	526 KB
7	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 903 tr6.snapchat.com — Cisco Umbrella Rank: 1333	930 B
7	doubleclick.net 1 redirects 11264551.fls.doubleclick.net — Cisco Umbrella Rank: 108991 td.doubleclick.net — Cisco Umbrella Rank: 182 ad.doubleclick.net — Cisco Umbrella Rank: 145 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	4 KB
7	statefarm.com online.statefarm.com — Cisco Umbrella Rank: 81907 smetrics.statefarm.com — Cisco Umbrella Rank: 52632 apps.statefarm.com — Cisco Umbrella Rank: 76160 sst.statefarm.com	6 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	530 KB
5	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 4813	75 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	165 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 142	621 B
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 262 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 67059	3 KB
3	google.ca www.google.ca — Cisco Umbrella Rank: 11557	190 B
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 7200	40 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1608	490 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1109	24 KB
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1531	6 KB
1	st8fm.com static1.st8fm.com — Cisco Umbrella Rank: 18026	6 KB
1	cloudfront.net djwmpmz818tx4.cloudfront.net	891 B
1	c1.statefarm invocation.deel.c1.statefarm — Cisco Umbrella Rank: 96891 deel-id-persistence.deel.c1.statefarm Failed	5 KB
1	jeffhamiltononline.com www.jeffhamiltononline.com	153 KB
88	18

	Domain	Requested by
29	ephemera.mirus.io	www.jeffhamiltononline.com
6	tr.snapchat.com	sc-static.net
6	www.googletagmanager.com	invocation.deel.c1.statefarm www.googletagmanager.com
5	nexus.ensighten.com	invocation.deel.c1.statefarm nexus.ensighten.com
5	connect.facebook.net	www.jeffhamiltononline.com connect.facebook.net
3	www.google.ca	www.jeffhamiltononline.com
3	dpm.demdex.net	1 redirects www.jeffhamiltononline.com
2	peachy.prod.mirus.io	www.jeffhamiltononline.com
2	analytics.google.com	www.jeffhamiltononline.com
2	sst.statefarm.com	www.googletagmanager.com
2	td.doubleclick.net	www.googletagmanager.com
2	11264551.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	apps.statefarm.com	static1.st8fm.com
2	smetrics.statefarm.com	nexus.ensighten.com www.jeffhamiltononline.com
2	solutions.invocacdn.com	www.jeffhamiltononline.com solutions.invocacdn.com
2	www.google.com	www.googletagmanager.com www.jeffhamiltononline.com
1	tr6.snapchat.com	sc-static.net
1	stats.g.doubleclick.net	www.jeffhamiltononline.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	ad.doubleclick.net	www.jeffhamiltononline.com
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	sc-static.net	www.jeffhamiltononline.com
1	js.adsrvr.org	www.googletagmanager.com
1	static1.st8fm.com	invocation.deel.c1.statefarm
1	online.statefarm.com	invocation.deel.c1.statefarm
1	djwmpmz818tx4.cloudfront.net	www.jeffhamiltononline.com
1	invocation.deel.c1.statefarm	www.jeffhamiltononline.com
1	www.jeffhamiltononline.com
0	deel-id-persistence.deel.c1.statefarm Failed	invocation.deel.c1.statefarm nexus.ensighten.com
88	30

This site contains links to these domains. Also see Links.

Domain
apps.statefarm.com
proofing.statefarm.com
www.facebook.com
www.linkedin.com
www.instagram.com
www.yelp.com
search.google.com
brokercheck.finra.org
www.google.com
get-id-card.delitess.c1.statefarm
www.statefarm.com
financials.statefarm.com
www.youtube.com
twitter.com
static1.st8fm.com
trupanion.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
jeffhamiltononline.com R10	`2024-11-22` - `2025-02-20`	3 months	crt.sh
ephemera.mirus.io E5	`2024-11-18` - `2025-02-16`	3 months	crt.sh
invocation.deel.c1.statefarm Amazon RSA 2048 M03	`2024-03-20` - `2025-04-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
statefarm.com Entrust Certification Authority - L1K	`2024-04-22` - `2025-04-22`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M03	`2024-08-29` - `2025-09-28`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
invocacdn.com Amazon RSA 2048 M02	`2024-08-23` - `2025-09-21`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2024-02-07` - `2025-02-07`	a year	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
sst.statefarm.com WR3	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
*.google.ca WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
peachy.prod.mirus.io R11	`2024-10-05` - `2025-01-03`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://www.jeffhamiltononline.com/
Frame ID: ED557B4EA28A8C1457C16A9123A46589
Requests: 79 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 73C11C3C5F9675735C961A0400E72D6E
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.jeffhamiltononline.com
Frame ID: 461A5F9FA6D1BAED3A36FE0F0F25019F
Requests: 1 HTTP requests in this frame

Frame: https://11264551.fls.doubleclick.net/activityi;dc_pre=CJ7g572n8YkDFSlSRwEd990Xdg;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1672278157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.jeffhamiltononline.com%2F
Frame ID: 1DC7B9AB32AFCB7782719E964E898E94
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1672278157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.jeffhamiltononline.com%2F
Frame ID: 8FC9CE8A30E6059CC780CAE3A699F576
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11220053904?random=1732325527643&cv=11&fst=1732325527643&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164041519z8849799669za201zb849799669&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jeffhamiltononline.com%2F&hn=www.googleadservices.com&frm=0&tiba=Home%2C%20Auto%20Insurance%20%26%20More%20in%20TX%20%7C%20Jeff%20Hamilton%20%E2%80%93%20State%20Farm%C2%AE&npa=0&pscdl=noapi&auid=1781410299.1732325527&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: B2069AE92DF427AF561C127B50D33826
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=ca0539fb-b70c-4b96-b76a-01c916e41c3f&u_sclid=bd2e7712-7106-40da-ae8a-0c8e4df57a6b
Frame ID: 872AF67C8DDBC366837A8C99FA136AA3
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=2f0ca4be-e310-4347-a688-421e70cfc0e5&u_scsid=ca0539fb-b70c-4b96-b76a-01c916e41c3f&u_sclid=bd2e7712-7106-40da-ae8a-0c8e4df57a6b
Frame ID: 6A0701C51B810ED56A737DE5BBFF0F70
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home, Auto Insurance & More in TX | Jeff Hamilton – State Farm®

Page URL History Show full URLs

http://www.jeffhamiltononline.com/ HTTP 307
https://www.jeffhamiltononline.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

88
Requests

94 %
HTTPS

29 %
IPv6

18
Domains

30
Subdomains

28
IPs

2
Countries

1542 kB
Transfer

4336 kB
Size

34
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.statefarm.com/CustomerRegistrationUI/
Title: Create an account

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.facebook.com/356095217513

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/jeff-hamilton-9026b832

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jeffhamiltonstatefarm/

Search URL Search Domain Scan URL

URL: https://www.yelp.com/biz/zqtHDYacrClKP9lvi-gVGQ

Search URL Search Domain Scan URL

URL: https://search.google.com/local/writereview?placeid=ChIJ-ViR2u-ERoYRxF-KGcl0MkU

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA’s BrokerCheck

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&z=22&query=30.577052%2C-96.28056&query_place_id=ChIJ-ViR2u-ERoYRxF-KGcl0MkU
Title: Map & Directions

Search URL Search Domain Scan URL

URL: https://get-id-card.delitess.c1.statefarm/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://apps.statefarm.com/retrieve-saved-quotes/
Title: Continue a saved quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims/file-a-claim
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/UnauthenticatedPaymentsUI-web/unauth/launchApp.do
Title: Send Payment

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/residence/surprising-household-hazards#agentAssociateId=BRP941YS000
Title: Surprising household hazards

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/safety/the-real-consequences-of-drunk-driving#agentAssociateId=BRP941YS000
Title: The Real Consequences of Drunk Driving

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/small-business/mobile-credit-card-readers-and-your-small-business#agentAssociateId=BRP941YS000
Title: Are mobile credit card readers a good choice for small businesses?

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/#agentAssociateId=BRP941YS000
Title: View More Articles

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=H2djPu3wvzE
Title: Savers Ed :15

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ZyzQ6qNqsVc
Title: Holy Mackerel :15

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=658DzgpgZ9M
Title: Tough :30

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=iwnh-w4i9jU
Title: No-Brainer :30

Search URL Search Domain Scan URL

URL: https://www.facebook.com/jeff.hamilton.5074644?ref=tn_tnmn
Title: Jeff Hamilton - State Farm Agent Facebook Page

Search URL Search Domain Scan URL

URL: https://twitter.com/jshagency
Title: Jeff Hamilton - State Farm Agent LinkedIn Page

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/jeff-hamilton/32/6b8/902/
Title: Jeff Hamilton - State Farm Agent Twitter Page

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/en_US/downloads/sf/customer-relationship-summary.pdf
Title: State Farm VP Management Corp. Customer Relationship Summary

Search URL Search Domain Scan URL

URL: https://trupanion.com/pet-insurance/policy/view-sample-policy
Title: full policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/about-our-ads
Title: Ads & Tracking

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/security
Title: Security & Fraud

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/about-us/diversity-inclusion/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/disclosures/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy
Title: Notice of Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights
Title: State Privacy Rights

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/state-farm-pocket-agent/id318142137?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.statefarm.pocketagent

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.jeffhamiltononline.com/ HTTP 307
https://www.jeffhamiltononline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325527104 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325527104

Request Chain 53

https://cm.everesttech.net/cm/dd?d_uuid=71067724757583333213280976416146013107 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z0EwlwAAAKifuBva

Request Chain 58

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1672278157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.jeffhamiltononline.com%2F HTTP 302
https://11264551.fls.doubleclick.net/activityi;dc_pre=CJ7g572n8YkDFSlSRwEd990Xdg;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1672278157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.jeffhamiltononline.com%2F

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.jeffhamiltononline.com/
Redirect Chain

http://www.jeffhamiltononline.com/
https://www.jeffhamiltononline.com/

663 KB
153 KB

353ms
84ms

Document
text/html

34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 28ab1b75d1bed53b17015cbfc70fd243f4dd0b595006e2e0defc11cc296532fc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache, max-age=30
content-encoding: gzip
content-type: text/html
date: Sat, 23 Nov 2024 01:32:06 GMT
etag: "66ef1b913808f8ec3d96adba77bc6660"
expires: Sat, 23 Nov 2024 01:32:36 GMT
last-modified: Fri, 22 Nov 2024 16:08:20 GMT
server: UploadServer
vary: Accept-Encoding
x-cheesecrd-backend: mx-gcs
x-cheesecrd-lookup: master:jeffhamiltononline.com/
x-cheesecrd-path: /
x-goog-generation: 1732291700257098
x-goog-hash: crc32c=TpFJvw== md5=Zu8bkTgI+Ow9lq26d7xmYA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 155917
x-guploader-uploadid: AFiumC7WORziQeKpw8p7G4s7jXXEcNUqvLbKtzdQJ5oEZSxaLeCOL87HcU4CPubtq3i-eWSzMazZjDTanw

Redirect headers

Location: https://www.jeffhamiltononline.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 m1_web_206293605.jpg
ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/ 26 KB
26 KB 115ms
42ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

af693cb19d143c832ca90a57bf46888527bc3d8b65138a87177f6cbbe5b78a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABK03R9AVVK1X1P368JZE-yyz
cache-control: public,max-age=604800
via: 2 fly.io
expires: Thu, 28 Nov 2024 00:30:11 GMT
x-cache-key: 1200x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg--with-webp
content-length: 26490
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 deel.js Show response
invocation.deel.c1.statefarm/ 12 KB
5 KB 134ms
61ms Script
text/javascript 44.217.230.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.217.230.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-217-230-59.compute-1.amazonaws.com
Software: /
Resource Hash: b42d87f83f435663ec749627fc2ee7aca8412ee37f486572ef8ba98bf80ca6b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: gzip
x-amz-apigw-id: BrSHlFq5oAMEm1w=
x-amzn-trace-id: Root=1-67413096-38e764354dc990284d2dbe69;Parent=75b3cead8cfb38f3;Sampled=0;Lineage=1:bfbe80d8:0
access-control-allow-methods: OPTIONS,POST,GET,HEAD
x-amzn-requestid: 59a44a7e-36b4-43c4-997f-5a37ab4581e9
access-control-allow-origin: *
server-timing: generated;dur=8.28717300016433
content-length: 5051
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: text/javascript
access-control-allow-headers: Content-Type, Referer

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 55ms
26ms Script
application/x-javascript 57.144.180.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-lga3.fbcdn.net

Software

Resource Hash

618b759345faaf0bdc21fdf857289b7ca9edd62efea1c6985d5961663b8b4f4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.jeffhamiltononline.com
Referer: https://www.jeffhamiltononline.com/

Response headers

content-md5: bDDjgVX2EpMKa+uN6UGnAQ==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "c94c665fb9ac7451f8c052e3e2b02232"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 23 Nov 2024 01:39:25 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 9bc00ba04c11f84d9d49b73e6bb2faa8
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=4463, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: 7duqOrHy+th3Vhcbo6NJ9YimBJMIV/Ph6OjDR72bhDqCYvbfdLZsj511ifJ3ArvuFdUFTgh3+54j6H/NT3w7OA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1687
origin-agent-cluster: ?1

GET
H2 200 m1_web_206293605.jpg
ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/ 9 KB
10 KB 683ms
613ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

272f0ace53f0400f823ff960164bb9bb118aa21b947ff29cb1e6b968e777dafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABK037VQJNGH4PG99EX9B-yyz
cache-control: public,max-age=604800
via: 2 fly.io
expires: Thu, 28 Nov 2024 19:51:54 GMT
x-cache-key: 600x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg--with-webp
content-length: 9530
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 formalColorFull.jpg
ephemera.mirus.io/imgr/50x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/ 20 KB
20 KB 1306ms
1237ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/50x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/formalColorFull.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

1f8539d89c61cf953dd16255d35a8c4365ea71fe107ecc457ff83ced430c8ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: MISS
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABK03AXHZZJKVSF9C2Z7X-yyz
cache-control: max-age=7200
via: 2 fly.io
expires: Sat, 30 Nov 2024 01:32:07 GMT
x-cache-key: 50x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/formalColorFull.jpg--with-webp
content-length: 20494
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
32 KB 87ms
38ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-SemiBold.woff2
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.jeffhamiltononline.com
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=08A3Cg==, md5=HSfGj6s7xXwOsbdCyzVRYA==
etag: "1d27c68fab3bc57c0eb1b742cb355160"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:59:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32208
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:47 GMT
fly-request-id: 01JDBABK09YR37CXPRBB5N1EXV-yyz
x-guploader-uploadid: AD-8ljtWz9m1vMu0jaGZUY9jMSoi6kbplcrGbePD0uWeNAhynJRByFkfGmuYabSFX4panvlQVdw
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-SemiBold.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375807290665
content-length: 32208
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 MecherleSans-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
32 KB 2500ms
2452ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Medium.woff2
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.jeffhamiltononline.com
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=u4HwWQ==, md5=dx6417g8wlF3bhAvuK4pcg==
etag: "771eb8d7b83cc251776e102fb8ae2972"
age: 59
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:59:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32200
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:08 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:45 GMT
fly-request-id: 01JDBABK09RN16X2R9Z53H58W3-yyz
x-guploader-uploadid: AD-8ljt2nm3hiC-09HDTtrTFtCoBsyUIhay22vXhwZU7Ft39JgQhJ7Jwo41r73iLjdmQ5iq0lwM
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Medium.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375805445415
content-length: 32200
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 MecherleSans-Bold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
31 KB 115ms
67ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Bold.woff2
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.jeffhamiltononline.com
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=VzL8Pg==, md5=fMljK53xGa7SWmgSscWVaQ==
etag: "7cc9632b9df119aed25a6812b1c59569"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:59:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 31812
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:44 GMT
fly-request-id: 01JDBABK09B6S6EBBQVP2ENNT8-yyz
x-guploader-uploadid: AD-8ljvsxBLUy5QS-FG5LSvcbP0qCcoWfYUhtLRZ2FxPv-xjvE1cZSzETKK9UvNVhi0Wk79L8UQ
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Bold.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375804528343
content-length: 31812
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 MecherleSans-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
32 KB 1378ms
1330ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Regular.woff2
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.jeffhamiltononline.com
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=DAIcBw==, md5=RVaKmLgIW5ROm4xHopR2Rg==
etag: "45568a98b8085b944e9b8c47a2947646"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 19:00:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 31948
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:46 GMT
fly-request-id: 01JDBABK09QQJMGBFJTSC059HX-yyz
x-guploader-uploadid: AD-8ljvlNvauBuA94qAu4RiNbpNR-9267a25aoYAbL98suc3tbSOML2y0fyLhiiEqnKAS3DAbl3XlfbkWw
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375806347729
content-length: 31948
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 254 KB
75 KB 28ms
27ms Script
application/x-javascript 57.144.180.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2792938d3f9eb36f9071177313c3eae9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-lga3.fbcdn.net

Software

Resource Hash

9c792c9644bc15a860c2afcf8241f5df49a0d258a23787bad042382cc8824976

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.jeffhamiltononline.com
Referer: https://www.jeffhamiltononline.com/

Response headers

content-md5: MhO7aDgurjLrpWC3YJ0Jlg==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "129050310a4236cab1064208c531784a"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 00:45:34 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 889a157537abebfaa3c21634306b03d9
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=26, mss=1232, tbw=8287, tp=14, tpl=0, uplat=0, ullat=-1
x-fb-debug: zfdRlfSWlCZ0H/AkHUizVSRgk9RxYi3C6zB3jr0PCdd+Akno7gbCMrEEWdKQrwldyz1/xatC3wI8RnM1EEW0tA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 76581
origin-agent-cluster: ?1

GET
H2 200 jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png
ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/ 3 KB
3 KB 1374ms
1373ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

504cbaedd27a2dfc913ef7a4089b75f1fe46a9c5e00c27d9259dfb79186b5e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: MISS
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABK1N68TA6XDV1PQK1Q0D-yyz
cache-control: public,max-age=31536000,immutable
via: 2 fly.io
expires: Sun, 23 Nov 2025 01:32:06 GMT
x-cache-key: 100x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png--with-webp
content-length: 2674
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 98-surprising-household-hazards-wide.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 13 KB
13 KB 40ms
39ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/98-surprising-household-hazards-wide.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

42c44fa5899fbbd1805d74252f8edd7337aecf6c7bd103e96f1eb110ab7ef9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABK1Q57CCRVTY8GS1CEPT-yyz
cache-control: max-age=14400, public
via: 2 fly.io
expires: Fri, 29 Nov 2024 18:38:50 GMT
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/98-surprising-household-hazards-wide.jpg--with-webp
content-length: 13044
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 the-real-consequences-of-drunk-driving-wide.jpg
ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/ 10 KB
10 KB 48ms
47ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

21a993f66c0090b2aa4ef3fe06efa20c6a4b062aa00bd7901f87a4857e0fbcdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABK1RPCRWVFHQBC1WB2HG-yyz
cache-control: max-age=14400
via: 2 fly.io
expires: Sat, 23 Nov 2024 03:12:22 GMT
x-cache-key: 100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg--with-webp
content-length: 9952
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 402-mobile-credit-card-readers-wide.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 13 KB
13 KB 44ms
43ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/402-mobile-credit-card-readers-wide.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

1dc3ee4a133e6eb7e9f114ad5aa6ccea174d8eecd33664f3b9f7baee80a5b6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABK1RXVRPHN70H96DY1CS-yyz
cache-control: max-age=14400, public
via: 2 fly.io
expires: Fri, 29 Nov 2024 22:54:36 GMT
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/402-mobile-credit-card-readers-wide.jpg--with-webp
content-length: 12960
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 alpineFileInput.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 3 KB
2 KB 39ms
39ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineFileInput.js
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=1UwfBQ==, md5=RpcJsGzTbfZT935fdxXDYw==
etag: "469709b06cd36df653f77e5f7715c363"
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 19:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1421
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:17 GMT
vary: Accept-Encoding
fly-request-id: 01JDBABK1RZ59ZKNK8T5KG82X4-yyz
x-guploader-uploadid: AD-8ljvytnLhLmH-o3QSOTzZ9INckfZN3OruJY5VqXGYlet1hFJ6B00Miq3gvtdc59Rgah7WB6Er5YgdYA
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineFileInput.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375837158857
content-length: 1421
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 BRP941YS000_staff_avatar_20240904154210Z_jeffhamiltononline_com_gxnqvynrtk.jpg
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 1 KB
1 KB 45ms
42ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154210Z_jeffhamiltononline_com_gxnqvynrtk.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

890265e01c43d8144a48919076e65e4a3b92ffb43db367eb57ac98bfa940ce7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABK20D1PX4PXGPAWZ6EZ7-yyz
cache-control: public, max-age=3600
via: 2 fly.io
expires: Wed, 20 Nov 2024 07:37:55 GMT
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154210Z_jeffhamiltononline_com_gxnqvynrtk.jpg--with-webp
content-length: 1134
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 BRP941YS000_staff_avatar_20240904154205Z_jeffhamiltononline_com_ivjcqihtmw.jpg
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 1 KB
1 KB 759ms
756ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154205Z_jeffhamiltononline_com_ivjcqihtmw.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

07259c4d796190e9815d1c4ee240109b4fa222e1276ec031ba52ca067dca7653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: MISS
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABK21H629K0P28PP66WGQ-yyz
cache-control: public, max-age=3600
via: 2 fly.io
expires: Sat, 23 Nov 2024 02:32:06 GMT
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154205Z_jeffhamiltononline_com_ivjcqihtmw.jpg--with-webp
content-length: 1030
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 BRP941YS000_staff_avatar_20240904154214Z_jeffhamiltononline_com_tvoyytyusz.jpg
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 988 B
1 KB 46ms
43ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154214Z_jeffhamiltononline_com_tvoyytyusz.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

6c557f92427f425b2d87dcbf69bb8e1a9f76b224ebe4b84871f60f0fcbc36488

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABK212J53FN1JWT8J3WW2-yyz
cache-control: public, max-age=3600
via: 2 fly.io
expires: Thu, 14 Nov 2024 18:20:48 GMT
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154214Z_jeffhamiltononline_com_tvoyytyusz.jpg--with-webp
content-length: 988
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 BRP941YS000_staff_avatar_20240904154213Z_jeffhamiltononline_com_ljholerwlx.jpg
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 876 B
1 KB 1252ms
1249ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154213Z_jeffhamiltononline_com_ljholerwlx.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

eb3d4090e3f2ca70f75502e27dcf47b158d96dc796a44a820f726856f418ee9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: MISS
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABK2EQT6TF66WD7VW90A5-yyz
cache-control: public, max-age=3600
via: 2 fly.io
expires: Sat, 23 Nov 2024 02:32:06 GMT
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154213Z_jeffhamiltononline_com_ljholerwlx.jpg--with-webp
content-length: 876
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 x-twitter-a5a940648e95efaeb764013c7b72d9e3.svg
djwmpmz818tx4.cloudfront.net/packs/media/images/ 431 B
891 B 94ms
26ms Image
image/svg+xml 2600:9000:2801:7a00:14:17ae:9e00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://djwmpmz818tx4.cloudfront.net/packs/media/images/x-twitter-a5a940648e95efaeb764013c7b72d9e3.svg
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2801:7a00:14:17ae:9e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3761d4cd0b55c2fa44aea032ad60824334f55210c1c497f66feb141860f16d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-amz-cf-pop: JFK50-P9
cache-control: public,max-age=31536000,immutable
etag: "a5a940648e95efaeb764013c7b72d9e3"
age: 3132793
via: 1.1 d298e3c61b79ba9798cab3920faa7aa0.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 431
x-amz-cf-id: yRlMGvwZk1a1LSsKJCtbt8jKdmRYtEea7b8fAjbjO0aHddVP8MzIgQ==
date: Thu, 17 Oct 2024 19:18:54 GMT
content-type: image/svg+xml
last-modified: Thu, 17 Oct 2024 18:37:20 GMT
x-amz-expiration: expiry-date="Sat, 18 Oct 2025 00:00:00 GMT", rule-id="1 Year Asset Expiration"
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 alpine.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 57 KB
20 KB 57ms
55ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpine.js
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=LzHgoA==, md5=Mly4HbEnV1z/Y7LB50mJJA==
etag: "325cb81db127575cff63b2c1e7498924"
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:59:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 20468
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:16 GMT
vary: Accept-Encoding
fly-request-id: 01JDBABK2ETZWA03BNCT6JCDE1-yyz
x-guploader-uploadid: AD-8ljutPht_MASOvhMRoTcOZajDzCnHTDSRFYhDk1r1OfxK-VZPSu4KMuKhw0PaluyNfRs9Nhw
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpine.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375836631823
content-length: 20468
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 lazysizes.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 8 KB
4 KB 54ms
52ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/lazysizes.js
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=tVVvrw==, md5=L7AQdlGGQX2hI0aIb7oxIQ==
etag: "2fb010765186417da12346886fba3121"
age: 59
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:59:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 3734
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:17 GMT
vary: Accept-Encoding
fly-request-id: 01JDBABK2E9C32CJ3MW32FVJY2-yyz
x-guploader-uploadid: AD-8ljvT6WFE26S41iCOUFRa6isKnHNQDfwiybc3uLWlzha1y6gDTG7rC9Hw7rR2WBu329AqRAA
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/lazysizes.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375837598472
content-length: 3734
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 scrollToElement.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 471 B
662 B 53ms
51ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/scrollToElement.js
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 781a7423f3850ec7fd24b88675e4c657a021de95446dee383845f50c5ee26314

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=RSR0kQ==, md5=kngY9s1AJeNla8ZK5oeNGg==
etag: "927818f6cd4025e3656bc64ae6878d1a"
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 19:02:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 305
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:17 GMT
vary: Accept-Encoding
fly-request-id: 01JDBABK2EYPJDXS92NKGZ1QT7-yyz
x-guploader-uploadid: AD-8ljuiN9udZD_ZseOBFQcwS8y_XunANcczqEjsgpE0lX2fFlyHbhv80I2n6KiHZdq9ulUMsBQ
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/scrollToElement.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375837827886
content-length: 305
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 utils.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 3 KB
2 KB 55ms
53ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/utils.js
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=4ONwJg==, md5=r4lD+PeYC4tdD7TVNUQZ0A==
etag: "af8943f8f7980b8b5d0fb4d5354419d0"
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 19:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1392
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:18 GMT
vary: Accept-Encoding
fly-request-id: 01JDBABK2E0A36ZFFFZNBH443C-yyz
x-guploader-uploadid: AD-8ljvfb8jdqGNQyx0CY9KUwJfwbOOwa2LlFDb11Bf5xsgz3_UIR-6znjmownbQqSuVXMr3BuE
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/utils.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375838270863
content-length: 1392
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 svgIcon.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 122 B
487 B 55ms
54ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/svgIcon.js
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=eftfvQ==, md5=nBnVTvrswKdRHyl/iXSy/Q==
etag: "9c19d54efaecc0a7511f297f8974b2fd"
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 19:00:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 134
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:18 GMT
vary: Accept-Encoding
fly-request-id: 01JDBABK2EKBZXWE1QCS8CDSR9-yyz
x-guploader-uploadid: AD-8lju1TcehnJ8GITLBnUNibOp7jAqfuWHpWCtUxJc6GYKrrjd3y23_6XhFJz5UqfAQ6nA3wnIgMoM0LA
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/svgIcon.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375838054871
content-length: 134
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 alpineContactForm.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 101 KB
35 KB 56ms
54ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineContactForm.js
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 7005839bd8625132c1938c37ec0c3e338fcaabb0652bdba0bd649923ae226172

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=6XSSRg==, md5=rubEPjqukPKiONSSF6OOKg==
etag: "aee6c43e3aae90f2a238d49217a38e2a"
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 19:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 35228
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:16 GMT
vary: Accept-Encoding
fly-request-id: 01JDBABK2EB0729FQC8YE3961F-yyz
x-guploader-uploadid: AD-8ljsoFqXLb9nlF19M0hhVTYFrUxmyNVmoeETh3C1fsW7UM2zIXmCQEHzTTGW7O4BU-H8pcwtePzFMew
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineContactForm.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375836907792
content-length: 35228
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 403 trafficdetection.aspx Show response
online.statefarm.com/ddc/ 1 KB
2 KB 354ms
224ms Fetch
text/html 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://online.statefarm.com/ddc/trafficdetection.aspx

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C4B) /

Resource Hash

c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-request-id: 50807323520356309899424025344422727387, 50807323520356309899424025344422727387
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=nyd"}]}
x-edg-mr: 77:0;77:1;77:5;77:6;77:8;77:12;
access-control-allow-origin: https://www.jeffhamiltononline.com
server-timing: edgio_cache;desc=CONFIG_NOCACHE,edgio_pop;desc=nyd,edgio_country;desc=CA
x-edg-version: 190 77 66 NA 2024-11-22T02:30:08Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 190 77 66 NA 2024-11-22T02:30:08Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
content-length: 1233
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: text/html
server: ECAcc (dac/9C4B)
x-frame-options: DENY

GET
H2 200 MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 32 KB
33 KB 40ms
38ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Medium.woff2
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.jeffhamiltononline.com
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=+uFDXg==, md5=XDIRcEeagVq3kMdxvMjx0w==
etag: "5c321170479a815ab790c771bcc8f1d3"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:59:40 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32960
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:42 GMT
fly-request-id: 01JDBABK4K5H6ND3XJ9W9BFWRF-yyz
x-guploader-uploadid: AD-8ljuguxTtPKnwKZPLHFJYfueIke9XXYEBDy5w_Op6S4mct7lAfNVfKk9hFmvQDSmznxCyZkU
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Medium.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375802497420
content-length: 32960
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 32 KB
32 KB 39ms
39ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Regular.woff2
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.jeffhamiltononline.com
Referer: https://www.jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=DxtPkQ==, md5=Uj34LMCLu47zM/VQw8Ho4g==
etag: "523df82cc08bbb8ef333f550c3c1e8e2"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 19:00:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32844
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:43 GMT
fly-request-id: 01JDBABK4KCEQ8RYFVACBVTK97-yyz
x-guploader-uploadid: AD-8ljucs5wjJzpxmteoufRFoRu-rYrcyeuMF-2CAwMmyAGd0P-WxxvgOHPwfmzashDN51ByU3Q
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375803539954
content-length: 32844
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 98-surprising-household-hazards-wide.jpg
ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 22 KB
22 KB 39ms
39ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/98-surprising-household-hazards-wide.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

f2589dd081eab95f91728f2604b640d194e3531af2685f1228125ad8827ed32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABKCW5QWYZBX3HJBE9MMR-yyz
cache-control: max-age=14400, public
via: 2 fly.io
expires: Fri, 29 Nov 2024 19:42:25 GMT
x-cache-key: 500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/98-surprising-household-hazards-wide.jpg--with-webp
content-length: 22182
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:06 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 the-real-consequences-of-drunk-driving-wide.jpg
ephemera.mirus.io/imgr/500x0/https://static1.st8fm.com/en_US/img/si/750/ 19 KB
19 KB 841ms
841ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/500x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

da8d46b17fa3662d15b0cd41da8c4952c321723e47662336bf629db3a951699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABKCW3877172WSFPAHHRD-yyz
cache-control: max-age=14400
via: 2 fly.io
expires: Sat, 23 Nov 2024 01:56:00 GMT
x-cache-key: 500x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg--with-webp
content-length: 19486
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H2 200 sfuid.js Show response
static1.st8fm.com/en_US/applications/dasenblt_static_content/ 21 KB
6 KB 389ms
260ms Script
application/javascript 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/applications/dasenblt_static_content/sfuid.js

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C39) /

Resource Hash

06a074fccbce7830a8a826c4748e8e47d01e971f2b6bb7190d2c9542337fb88f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-request-id: 26812646263876631183075785893155001985, 26812646263876631183075785893155001985
content-encoding: gzip
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=nyd"}]}
x-edg-mr: 77:0;77:1;77:2;77:5;77:6;77:8;77:12;
expires: Sat, 23 Nov 2024 05:32:07 GMT
server-timing: edgio_cache;desc=CONFIG_NOCACHE,edgio_pop;desc=nyd,edgio_country;desc=CA
x-edg-version: 190 77 66 NA 2024-11-22T02:30:08Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 190 77 66 NA 2024-11-22T02:30:08Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 20:13:01 GMT
vary: Accept-Encoding
x-frame-options: DENY
cache-control: max-age=14400
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5229
server: ECAcc (dac/9C39)

GET index.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 780 KB
139 KB 170ms
102ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

abf06f320d183efe7ab6687d34b786adca9fe5da321326518a8eb6f4880d7c59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 23 Nov 2024 01:32:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 141491
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 94 KB
30 KB 108ms
29ms Script
application/javascript 2600:9000:2511:a200:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:a200:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ce5f83e79de0394e472caeba3b86728ad59294fea2c4872bf6d9b99a6b27c274

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: gzip
x-amz-version-id: JY4FgrfwQmrCDtug1BuOGgr2F3AyB__v
etag: W/"e42032d54d0add435f8d58f4e6aa259f"
age: 711512
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: kCpoNmojJt_S4BVw8MZ_nacTxt552apI6oSB9iw4TPQ4lKgZKGuhBw==
date: Thu, 14 Nov 2024 19:53:36 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Thu, 14 Nov 2024 19:34:00 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=300
via: 1.1 5a588475f9a075d76c33229107634f8e.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325527104
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325527104

1 KB
1 KB

39ms
38ms

XHR
application/json

44.215.93.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325527104

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Server

44.215.93.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-93-192.compute-1.amazonaws.com

Software

Resource Hash

f4a7f5d57642ef5244e069c2d73712b83ffdeabd9bf0dd6f89c2aabc5f5f7a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-2-v068-0d9e525bb.edge-va6.demdex.com 3 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: uiVUVKhXQhc=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://www.jeffhamiltononline.com
content-length: 620
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/json;charset=utf-8
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325527104
dcs: dcscanary-prod-va6-1-v084-07282c734.edge-va6.demdex.com 0 ms
pragma: no-cache
access-control-allow-credentials: true
x-tid: 7J0aJtEnSp4=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://www.jeffhamiltononline.com
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sat, 23 Nov 2024 01:32:07 GMT
vary: Origin

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 504 B
836 B 40ms
39ms Script
text/javascript 2600:9000:2511:a200:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Thu%20Nov%2014%2019:33:57%20GMT%202024&ClientID=603&PageID=https%3A%2F%2Fwww.jeffhamiltononline.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:a200:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 297b73abf7c8454d4f3b6302db875aa2ca76c8d6ace68ad4817568b0b38eb303

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store
via: 1.1 5a588475f9a075d76c33229107634f8e.cloudfront.net (CloudFront)
expires: Sat, 23 Nov 2024 01:32:06 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 504
x-amz-cf-id: q1c8MUTXIfIznh-FqgzfIj5jDsl7WgliAhLV8t2i-JRvnoeDBkwWzQ==
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: text/javascript
x-amz-cf-pop: JFK50-P6
server: CloudFront

GET
H3 200 7407b06afc2819178f249b2d8229c049.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 152 KB
41 KB 29ms
28ms Script
application/javascript 18.164.116.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/7407b06afc2819178f249b2d8229c049.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.116.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-22.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 794f44106d45b2eaa51d036975a3f2d3192926e499cb13ea39bef1d10ad1a308

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: gzip
x-amz-version-id: KKEUE24f03BWYH2hvPGtBgtfPx0eQaoq
age: 711512
etag: W/"d30b0cce1c141e63a9acc962b67a2db8"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 2mxr3WeBQKxlrroAlxCMhZ6pqOyMoA3-mltTCkldBcRLqO9Tm3o-Gw==
date: Thu, 14 Nov 2024 19:53:36 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Thu, 14 Nov 2024 19:34:00 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 1002ca91edaefbd5ced9a815a45c91fc.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 31ms
30ms Script
application/javascript 18.164.116.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/1002ca91edaefbd5ced9a815a45c91fc.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.116.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-22.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: d67459ce9dc53557007c678187d006099d3959b43674749777f1c36da65db388

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: gzip
etag: W/"6c07e85833bf1abb3644f87e2b41de69"
age: 2519769
x-amz-version-id: Q1JhtmtuRTybjaI9CRBbKeiLUsbp5bc9
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: MSMrgky9OHBBOIMi2shJmjzcomFBE2lOskl80pHIHCJXPZY6o6fMLw==
date: Thu, 24 Oct 2024 21:35:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 21:30:34 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 5e334ea84cabc62ff640733a87d598af.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
2 KB 31ms
30ms Script
application/javascript 18.164.116.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/5e334ea84cabc62ff640733a87d598af.js?conditionId0=567025
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.164.116.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-22.jfk50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 83526314b1fd8fb11460e3817fe7cf8442de3eea006d7a1ca81951f3426930cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: gzip
etag: W/"5418d8c4cd6405b507c0398211fa991d"
age: 2519769
x-amz-version-id: qcgHGgKViDglNuNW2WXQDzl6fS.KMh0O
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 76DzKnDqOE5eedaMtVAJIyq4t_e4DT6KkaoLIIKzXmydQ2ch43bJ_Q==
date: Thu, 24 Oct 2024 21:35:59 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 21:30:34 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 1721c5705940b20c9d951889ca1932b6.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
server: CloudFront
x-amz-server-side-encryption: AES256

GET dataLayer_logic.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
H2 200 m1_web_206293605.jpg
ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/ 45 KB
45 KB 740ms
739ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

5ec6df60102ee7a254e9f4f221d5edd42b8afd35accaf2b128aaa802303bfcd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABKNQAK23Q1A7DD4X6EKK-yyz
cache-control: public,max-age=604800
via: 2 fly.io
expires: Fri, 29 Nov 2024 16:50:40 GMT
x-cache-key: 1920x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg--with-webp
content-length: 45982
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

POST
H3 200 collect
www.google.com/ccm/ 0
0 266ms
52ms Ping
text/plain 172.217.165.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.jeffhamiltononline.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=75646068.1732325527&auid=1781410299.1732325527&npa=0&gtm=45He4bk0v849799669za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732325527265&tfd=1228&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.165.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s70-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 412 KB
132 KB 65ms
64ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

265948d1519a666e7f4afe5532e4dc6a27a00abbd9226d5a624910ac46e30176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 23 Nov 2024 01:32:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134986
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 51ms
50ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2efd81b7d4c3b7cd7118b5aa19c71767d813eede4273654a1ebcabfa21008157

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 23 Nov 2024 01:32:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85015
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 29ms
27ms Script
application/x-javascript 57.144.180.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-lga3.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-tms7aZOS' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-tms7aZOS' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1825, tp=5, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: ap61fHm3KDXjOuJnfVML6KwsDVLnPiBoNxzmJiz+TNBCBjJixxMlz0s5snf+bcDgnocTpmwqSyburgrV1AhDtw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 51ms
50ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e18c9673315d7e867d2fd22f1aaa57987630617f121231c9fbe34d7fb4168632

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 23 Nov 2024 01:32:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 84946
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 66ms
66ms Script
application/javascript 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11220053904&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fb6f24e4c70b1c6859ed008c8f0d74c64a4db09c46109ea0cecdeb0669c6185

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 23 Nov 2024 01:32:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94040
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 234ms
26ms Script
application/javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810394a8b51fe4ee67d68344a8e66a226778dfe3f468eaf858c91f6143f436ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"6e81002d3e79d18a41e8712ae4e87c69"
Age: 52624
Connection: keep-alive
Via: 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 13oLRgprgw0GMrvkT5CkgxZpdV-LdsRSuBUA9SlopPInHLBLaU08rw==
Date: Fri, 22 Nov 2024 10:55:04 GMT
Content-Type: application/javascript
Last-Modified: Thu, 21 Nov 2024 07:37:22 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
x-amz-server-side-encryption: AES256

GET
H2 200 scevent.min.js Show response
sc-static.net/ 55 KB
24 KB 258ms
52ms Script
application/javascript 3.163.245.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.245.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 1e2e6fcdd7f9ebb38ef2e0d2aa2281029760d1dd587484afe27d3232f312b95d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 bc3e3445494dc5a4f9373d4212505c68.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23798
x-amz-cf-id: pJP26pC2He0qTXdpB9Xo17NwCVRz8TmQBpxDC0Ua8fMRTQmIIw0tag==
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: YUL62-P1
server: CloudFront
access-control-allow-headers: Content-Type

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 110 KB
38 KB 236ms
30ms Script
text/javascript 3.168.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-122-84.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0347ac59cf1dfd775ba07d6c2a43b4966252684f0ab4326a5ca196ecc265c3df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: gzip
x-amz-version-id: 1Kl0nNCU9DO8eQczeaAz_hVUU1jebMRg
etag: W/"6b4f04b76a500ff1cfe28607e91a21e8"
age: 3363
x-cache: Hit from cloudfront
x-amz-cf-id: NASEQ95ZoBxqEmA_rVnVJIg-Em8oufS-fAEKy4ljgvZKlBi7EyV-DQ==
date: Sat, 23 Nov 2024 00:36:05 GMT
content-type: text/javascript; charset=utf-8
vary: accept-encoding
last-modified: Mon, 18 Nov 2024 18:11:40 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=3600
via: 1.1 016366850df5bc60b2d7b78769c14606.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 73C1 0
0 126ms
32ms Document
text/html 100.25.101.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

100.25.101.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-101-138.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 23 Nov 2024 01:32:07 GMT
dcs: dcs-prod-va6-1-v068-09ad31546.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 11 Nov 2024 10:06:56 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: hegmE4daTZ4=

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
472 B 334ms
101ms XHR
application/x-javascript 63.140.36.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=76012121010526306132762082477578973295&ts=1732325527303

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.145 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-145.data.adobedc.net

Software

jag /

Resource Hash

633281c6b7f5947ba9e4d37b265e07335d11e8539e39b44ee185d7e06a32e7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.jeffhamiltononline.com
p3p: CP="This is not a P3P policy"
content-length: 48
date: Sat, 23 Nov 2024 01:32:07 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=Z0EwlwAAAKifuBva
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=71067724757583333213280976416146013107
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z0EwlwAAAKifuBva

42 B
716 B

38ms
36ms

Image
image/gif

44.215.93.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z0EwlwAAAKifuBva

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Server

44.215.93.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-93-192.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-va6-2-v068-06a88096c.edge-va6.demdex.com 3 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: 6lpKenD1Tk8=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z0EwlwAAAKifuBva
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Sat, 23 Nov 2024 01:32:07 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 461A 0
0 104ms
38ms Document
text/html 2607:f8b0:4006:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.jeffhamiltononline.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 01:32:07 GMT
expires: Sun, 23 Nov 2025 01:32:07 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 enterprisesfuid Show response
apps.statefarm.com/sfuidservice/ 50 B
717 B 219ms
218ms XHR
application/json 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.statefarm.com/sfuidservice/enterprisesfuid

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/applications/dasenblt_static_content/sfuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C8A) /

Resource Hash

a5d770eb9b62701d5c42463b1b01f29ea2884f8ec18e8f4681ca9d60859a01c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://www.jeffhamiltononline.com/

Response headers

x-request-id: 697730219916482242816398174853791903586, 697730219916482242816398174853791903586
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=nyd"}]}
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
x-edg-mr: 77:0;77:1;77:5;77:6;77:8;77:12;
server-timing: edgio_cache;desc=CONFIG_NOCACHE,edgio_pop;desc=nyd,edgio_country;desc=CA
x-edg-version: 190 77 66 NA 2024-11-22T02:30:08Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 190 77 66 NA 2024-11-22T02:30:08Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-store
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
pragma: no-cache
access-control-allow-credentials: true
x-vcap-request-id: 83fd9835-21f5-4091-4da9-f2876630bd78
access-control-allow-origin: https://www.jeffhamiltononline.com
content-length: 50
x-xss-protection: 1; mode=block
server: ECAcc (dac/9C8A)

OPTIONS
H2 200 enterprisesfuid
apps.statefarm.com/sfuidservice/ Frame 0
0 233ms
215ms Preflight 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.statefarm.com/sfuidservice/enterprisesfuid

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C8A) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.jeffhamiltononline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.jeffhamiltononline.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Sat, 23 Nov 2024 01:32:07 GMT
expires: 0
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
pragma: no-cache
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=nyd"}]}
server: ECAcc (dac/9C8A)
server-timing: edgio_cache;desc=NONE,edgio_pop;desc=nyd,edgio_country;desc=CA
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-edg-mr: 77:0;77:1;77:5;77:6;77:8;77:12;
x-edg-version: 190 77 66 NA 2024-11-22T02:30:08Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e 190 77 66 NA 2024-11-22T02:30:08Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-frame-options: DENY
x-request-id: 17118477674898579111520179518540459726 17118477674898579111520179518540459726
x-vcap-request-id: 5a5109c7-f3bc-4abd-56c8-1cfccd9eb74a
x-xss-protection: 1; mode=block

GET
H3 200 528857779805042 Show response
connect.facebook.net/signals/config/ 75 KB
15 KB 2159ms
2158ms Script
application/x-javascript 57.144.180.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/528857779805042?v=2.9.176&r=stable&domain=www.jeffhamiltononline.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-lga3.fbcdn.net

Software

Resource Hash

52a5d2384ee71622d99e3c4a202ce96e6b73f604457afb16adc0a9563f6a3811

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-TvecXIdJ' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 01:32:09 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-TvecXIdJ' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=75, mss=1232, tbw=68061, tp=64, tpl=0, uplat=2132, ullat=0
pragma: public
x-fb-debug: 1npnDB2M6BmGIlVW8QrPYeJH1b1azVP5AGRgiy/LwV/T7QeFQqXR8RXPhhz3q+Yddxx5amBEWSRd53xm6gEPXQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2

200

activityi;dc_pre=CJ7g572n8YkDFSlSRwEd990Xdg;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1672...
11264551.fls.doubleclick.net/ Frame 1DC7
Redirect Chain

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1...
https://11264551.fls.doubleclick.net/activityi;dc_pre=CJ7g572n8YkDFSlSRwEd990Xdg;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent...

0
0

55ms
49ms

Document
text/html

142.250.80.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11264551.fls.doubleclick.net/activityi;dc_pre=CJ7g572n8YkDFSlSRwEd990Xdg;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1672278157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.jeffhamiltononline.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.70 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s35-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 387
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 01:32:07 GMT
expires: Sat, 23 Nov 2024 01:32:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 01:32:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11264551.fls.doubleclick.net/activityi;dc_pre=CJ7g572n8YkDFSlSRwEd990Xdg;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1672278157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.jeffhamiltononline.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activityi;fledge=1;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1672278157;uaa=;uab=;uafvl=;u...
td.doubleclick.net/td/fls/rul/ Frame 8FC9 0
0 339ms
51ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1672278157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.jeffhamiltononline.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 01:32:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1672278157;uaa=;u...
ad.doubleclick.net/ 0
23 B 322ms
45ms Image
image/png 142.250.64.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=11264551;type=micro0;cat=micro006;ord=7444443159589;npa=0;auiddc=1781410299.1732325527;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=1672278157;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l3l1l1;dma=0;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fwww.jeffhamiltononline.com%2F?

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.64.102 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Sat, 23 Nov 2024 01:32:07 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"17451677168069182754"}],"aggregatable_trigger_data":[{"filters":[{"14":["12962750"]}],"key_piece":"0xd89e8248394d586f","source_keys":["12","13","14","15","16","17","18","19","20","21","22972304","22972305","22972306","22972307","22990996","22990997","22990998","22990999","24809972","24809973","24809974","24809975","26351264","26351265","26351266","26351267","27131696","27131697","27131698","27131699","27166016","27166017","27166018","27166019","27171248","27171249","27171250","27171251","27836104","27836105","27836106","27836107","27838264","27838265","27838266","27838267","641996976","641996977","641996978","641996979","642033868","642033869","642033870","642033871","905571280","905571281","905571282","905571283"]},{"key_piece":"0x298c7bb1bba9e72d","not_filters":{"14":["12962750"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","22972304","22972305","22972306","22972307","22990996","22990997","22990998","22990999","24809972","24809973","24809974","24809975","26351264","26351265","26351266","26351267","27131696","27131697","27131698","27131699","27166016","27166017","27166018","27166019","27171248","27171249","27171250","27171251","27836104","27836105","27836106","27836107","27838264","27838265","27838266","27838267","641996976","641996977","641996978","641996979","642033868","642033869","642033870","642033871","905571280","905571281","905571282","905571283"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"22972304":65,"22972305":65,"22972306":65,"22972307":6356,"22990996":46,"22990997":46,"22990998":46,"22990999":4540,"24809972":59,"24809973":59,"24809974":59,"24809975":5778,"26351264":54,"26351265":54,"26351266":54,"26351267":5297,"27131696":65,"27131697":65,"27131698":65,"27131699":6356,"27166016":50,"27166017":50,"27166018":50,"27166019":4889,"27171248":72,"27171249":72,"27171250":72,"27171251":7062,"27836104":72,"27836105":72,"27836106":72,"27836107":7062,"27838264":72,"27838265":72,"27838266":72,"27838267":7062,"641996976":655,"641996977":655,"641996978":655,"641996979":63569,"642033868":54,"642033869":54,"642033870":54,"642033871":5297,"905571280":81,"905571281":81,"905571282":81,"905571283":7946},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"16936300069930045873","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17451677168069182754","filters":[{"14":["12962750"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"17451677168069182754","filters":[{"14":["12962750"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"17451677168069182754","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"17451677168069182754","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11264551"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11220053904/ 5 KB
2 KB 284ms
49ms Script
text/javascript 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11220053904/?random=1732325527643&cv=11&fst=1732325527643&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164041519z8849799669za201zb849799669&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jeffhamiltononline.com%2F&hn=www.googleadservices.com&frm=0&tiba=Home%2C%20Auto%20Insurance%20%26%20More%20in%20TX%20%7C%20Jeff%20Hamilton%20%E2%80%93%20State%20Farm%C2%AE&npa=0&pscdl=noapi&auid=1781410299.1732325527&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11220053904&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

acbc9771303f52629aa169964a623d47f2f3f1ce013a7f84ca4f7c4c95b887ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2383
date: Sat, 23 Nov 2024 01:32:07 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 11220053904
td.doubleclick.net/td/rul/ Frame B206 0
0 91ms
53ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/11220053904?random=1732325527643&cv=11&fst=1732325527643&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164041519z8849799669za201zb849799669&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jeffhamiltononline.com%2F&hn=www.googleadservices.com&frm=0&tiba=Home%2C%20Auto%20Insurance%20%26%20More%20in%20TX%20%7C%20Jeff%20Hamilton%20%E2%80%93%20State%20Farm%C2%AE&npa=0&pscdl=noapi&auid=1781410299.1732325527&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11220053904&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 01:32:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 collect Show response
sst.statefarm.com/g/ 985 B
1 KB 420ms
268ms Fetch
text/plain 34.128.179.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sst.statefarm.com/g/collect?v=2&tid=G-3WRNTYXP84&gtm=45je4bk0v9178161793z8849799669za200zb849799669&_p=1732325526980&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=654948959.1732325528&ecid=687627499&ul=en-ca&sr=1600x1200&_fplc=0&ur=CA-QC&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.etld=google.ca&sst.tft=1732325526980&sst.ude=0&_s=1&sid=1732325527&sct=1&seg=0&dl=https%3A%2F%2Fwww.jeffhamiltononline.com%2F&dt=Home%2C%20Auto%20Insurance%20%26%20More%20in%20TX%20%7C%20Jeff%20Hamilton%20%E2%80%93%20State%20Farm%C2%AE&en=page_view&_fv=1&_nsi=1&_ss=1&ep.s_pageName=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000&up.ECID=&tfd=1701&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.179.202 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.179.128.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

8a2064ea11f7af366f9ec79f05abf593c5699a20f0bbf0df2278c27b6c93e40a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://www.jeffhamiltononline.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:32:08 GMT
content-type: text/plain
server: Google Frontend

GET
H2 200 s09149105501643
smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/ 43 B
323 B 103ms
102ms Image
image/gif 63.140.36.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/s09149105501643?AQB=1&ndh=1&pf=1&t=22%2F10%2F2024%2017%3A32%3A7%205%20480&D=..&mid=76012121010526306132762082477578973295&aamlh=7&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-m%3Abrp941ys000&g=https%3A%2F%2Fwww.jeffhamiltononline.com%2F&ch=sf%3Aus%3Aagent-micro-m&server=www.jeffhamiltononline.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-m%3Abrp941ys000&h1=home%7Cagent-micro-m%7Cbrp941ys000&c4=sf%3Aagent-micro-m%3Abrp941ys000&v6=www.jeffhamiltononline.com&v8=538466&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fwww.jeffhamiltononline.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=friday%7C8%3A30pm&v50=11%2F22%2F2024&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28x11%3B%20linux%20x86_64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F130.0.0.0%20safari%2F537.36&c70=en&v121=ens%7Cdeel&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.145 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-145.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3720140743021625344-4618418948063638511
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 01:32:07 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Sat, 23 Nov 2024 01:32:07 GMT
x-xss-protection: 1; mode=block
last-modified: Sun, 24 Nov 2024 01:32:07 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/2724/2306363986/ 5 KB
1 KB 91ms
90ms Script
text/javascript 3.168.122.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/2724/2306363986/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.122.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-122-84.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f942687400c45a86b7a8d712e5ba0f4833c3837ed142f0ee65b3dbc41d0b061

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

vary: accept-encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=300
content-encoding: br
x-amz-version-id: WDcvF9IhJbF8ts9jXNci51nKym_IvHxV
etag: W/"bba2ad42c01bffaa3e7409c911586e23"
via: 1.1 016366850df5bc60b2d7b78769c14606.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: DcNuRQx_CabMmI1r68TcbknyegfQ6zQAanUWkhYloyFRGbC0Ma2ATg==
date: Sat, 23 Nov 2024 01:32:08 GMT
content-type: text/javascript
last-modified: Mon, 16 Sep 2024 18:28:34 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P7
x-amz-server-side-encryption: AES256

GET
H2 200 3343c101-8725-4e3e-a691-2052c85e1bce.json Show response
tr.snapchat.com/config/com/ 100 B
407 B 136ms
104ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/3343c101-8725-4e3e-a691-2052c85e1bce.json?v=3.34.0-2411121854

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 42
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google, 1.1 google
access-control-allow-origin: https://www.jeffhamiltononline.com
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 872A 0
0 114ms
73ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=ca0539fb-b70c-4b96-b76a-01c916e41c3f&u_sclid=bd2e7712-7106-40da-ae8a-0c8e4df57a6b

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Sat, 23 Nov 2024 01:32:07 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 1

GET
H2 200 2f0ca4be-e310-4347-a688-421e70cfc0e5.js Show response
tr.snapchat.com/config/com/ 209 B
288 B 177ms
111ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/2f0ca4be-e310-4347-a688-421e70cfc0e5.js?v=3.34.0-2411121854

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

930955b3823a0f040f2080eda11fc8268f15f97e4da6714ead3e860a8fa44e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://www.jeffhamiltononline.com
Referer: https://www.jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 41
access-control-allow-credentials: true
via: 1.1 google, 1.1 google
access-control-allow-origin: https://www.jeffhamiltononline.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209
date: Sat, 23 Nov 2024 01:32:07 GMT
content-type: application/javascript
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 6A07 0
0 104ms
66ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=2f0ca4be-e310-4347-a688-421e70cfc0e5&u_scsid=ca0539fb-b70c-4b96-b76a-01c916e41c3f&u_sclid=bd2e7712-7106-40da-ae8a-0c8e4df57a6b

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://www.jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: clear h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 672
content-type: text/html
date: Sat, 23 Nov 2024 01:32:07 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 formalColorFull.jpg
ephemera.mirus.io/imgr/250x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/ 24 KB
24 KB 610ms
610ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/250x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/formalColorFull.jpg

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

4e7fa25760db71180329c96b2cbee941ef1f4fce9797d083c8be4ffa139747e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: MISS
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABM8WWYHVV2R7N47SH0SP-yyz
cache-control: max-age=7200
via: 2 fly.io
expires: Sat, 30 Nov 2024 01:32:08 GMT
x-cache-key: 250x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/formalColorFull.jpg--with-webp
content-length: 24738
x-instance: 17811372b31e08
date: Sat, 23 Nov 2024 01:32:08 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

GET
H3 200 /
www.google.com/pagead/1p-user-list/11220053904/ 42 B
64 B 86ms
85ms Image
image/gif 172.217.165.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11220053904/?random=1732325527643&cv=11&fst=1732323600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164041519z8849799669za201zb849799669&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jeffhamiltononline.com%2F&hn=www.googleadservices.com&frm=0&tiba=Home%2C%20Auto%20Insurance%20%26%20More%20in%20TX%20%7C%20Jeff%20Hamilton%20%E2%80%93%20State%20Farm%C2%AE&npa=0&pscdl=noapi&auid=1781410299.1732325527&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dXNhn0UMQB9sLV1vFySFX514TxtszJw&random=433674809&rmt_tld=0&ipr=y

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s70-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 23 Nov 2024 01:32:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/11220053904/ 42 B
64 B 92ms
50ms Image
image/gif 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/11220053904/?random=1732325527643&cv=11&fst=1732323600000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9164041519z8849799669za201zb849799669&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.jeffhamiltononline.com%2F&hn=www.googleadservices.com&frm=0&tiba=Home%2C%20Auto%20Insurance%20%26%20More%20in%20TX%20%7C%20Jeff%20Hamilton%20%E2%80%93%20State%20Farm%C2%AE&npa=0&pscdl=noapi&auid=1781410299.1732325527&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dXNhn0UMQB9sLV1vFySFX514TxtszJw&random=433674809&rmt_tld=1&ipr=y

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 23 Nov 2024 01:32:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png
ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/ 59 KB
59 KB 781ms
781ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

c0a3ad55ba9bad79266d475e1d181c8a8f32a5a58a33e9a31adf91a8edac2c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

x-cache-status: MISS
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBABMD4FAKYT95AXXVZ0XV5-yyz
cache-control: public,max-age=31536000,immutable
via: 2 fly.io
expires: Sun, 23 Nov 2025 01:32:08 GMT
x-cache-key: 1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png--with-webp
content-length: 60454
x-instance: 3d8d9511a54638
date: Sat, 23 Nov 2024 01:32:08 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ord

POST
H3 200 p
tr.snapchat.com/ 0
16 B 92ms
70ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
via: 1.1 google, 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: https://www.jeffhamiltononline.com
content-length: 0
date: Sat, 23 Nov 2024 01:32:08 GMT
server: API Gateway

GET
H2 204 collect
analytics.google.com/g/s/ 0
501 B 107ms
45ms Image
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.google.com/g/s/collect?dma=0&npa=0&gcd=13l3l3l3l1l1&gtm=45j91e4bj1h1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102077855~102081485&_gsid=3WRNTYXP84YUxHG6Opt_iOH9GPRg9bmg
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:32:08 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 89ms
88ms Image
image/gif 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=0&npa=0&gcd=13l3l3l3l1l1&tid=G-3WRNTYXP84&cid=654948959.1732325528&gtm=45j91e4bj1h1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102077855~102081485&aip=1&z=145003791

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 23 Nov 2024 01:32:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
510 B 112ms
40ms Image
text/plain 2607:f8b0:4004:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=0&npa=0&gcd=13l3l3l3l1l1&tid=G-3WRNTYXP84&cid=654948959.1732325528&gtm=45j91e4bj1h1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102077855~102081485&aip=1
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c19::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:32:08 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 p
tr6.snapchat.com/ 0
202 B 113ms
67ms Ping
text/plain 2600:1901:0:7628::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:7628:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.jeffhamiltononline.com/

Response headers

via: 1.1 google, 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 23 Nov 2024 01:32:08 GMT
x-envoy-upstream-service-time: 0
server: API Gateway

GET
H2 200 collect Show response
sst.statefarm.com/g/ 683 B
865 B 97ms
96ms Fetch
text/plain 34.128.179.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sst.statefarm.com/g/collect?v=2&tid=G-3WRNTYXP84&gtm=45je4bk0v9178161793z8849799669za200zb849799669&_p=1732325526980&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=654948959.1732325528&ecid=687627499&ul=en-ca&sr=1600x1200&_fplc=0&ur=CA-QC&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&sst.etld=google.ca&sst.tft=1732325526980&sst.ude=0&_s=2&sid=1732325527&sct=1&seg=0&dl=https%3A%2F%2Fwww.jeffhamiltononline.com%2F&dt=Home%2C%20Auto%20Insurance%20%26%20More%20in%20TX%20%7C%20Jeff%20Hamilton%20%E2%80%93%20State%20Farm%C2%AE&en=MS_LP_Stand_AgentM2Site&ep.s_pageName=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000&_et=4&tfd=2211&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.179.202 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.179.128.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

bc2ae18a85b73a6d40af14192f7b658234da6b80af66ddd7904158e302a75b9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://www.jeffhamiltononline.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:32:08 GMT
content-type: text/plain
server: Google Frontend

GET
H2 204 collect
analytics.google.com/g/s/ 0
56 B 61ms
60ms Image
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analytics.google.com/g/s/collect?dma=0&npa=0&gcd=13l3l3l3l1l1&gtm=45j91e4bj1h1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102077855~102081485&_gsid=3WRNTYXP84vrRDPA-Ng0SJ3C8w8Nelsg
Requested by: Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:32:08 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.ca/ads/ 42 B
63 B 90ms
90ms Image
image/gif 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 23 Nov 2024 01:32:08 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H3 200 p
tr.snapchat.com/ 0
17 B 76ms
73ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
via: 1.1 google, 1.1 google
alt-svc: clear, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-origin: https://www.jeffhamiltononline.com
content-length: 0
date: Sat, 23 Nov 2024 01:32:08 GMT
server: API Gateway

GET
H3 200 1673276772914128 Show response
connect.facebook.net/signals/config/ 76 KB
13 KB 2071ms
2071ms Script
application/x-javascript 57.144.180.128
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1673276772914128?v=2.9.176&r=stable&domain=www.jeffhamiltononline.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C146%2C173%2C159%2C118%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

57.144.180.128 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-03-lga3.fbcdn.net

Software

Resource Hash

4e77815d4d9ea7f514681ea2535bd1a7476c84e9c077b4fbf83903bba2f3bfa4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-E4dzkQ7p' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://www.jeffhamiltononline.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 01:32:11 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-E4dzkQ7p' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=88, mss=1232, tbw=84557, tp=79, tpl=0, uplat=2044, ullat=0
pragma: public
x-fb-debug: h1dHKSleIr/QjiA0wqJJotvkO4MjfkIBt/aLBix3ryJwSRtjsfTl+wA+45p/BpwMnYAix5FbdPi5QF7ClEo7ng==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET 1936962093151750
connect.facebook.net/signals/config/ 0
0

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 66 B
319 B 58ms
57ms Fetch
application/json 104.198.70.133

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Requested by

Host: www.jeffhamiltononline.com
URL: https://www.jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 -, , ASN (),

Reverse DNS

Software

Resource Hash

a75a67c76aa464c7ef30022cb774ab67f069c6d51e01ac415822a4642ae7a4e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

keen-sdk: javascript-5.0.1
Authorization: WK
Referer: https://www.jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-origin: https://www.jeffhamiltononline.com
content-length: 66
date: Sat, 23 Nov 2024 01:32:12 GMT
content-type: application/json; charset=utf-8
vary: origin

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 0
0 198ms
52ms Preflight 104.198.70.133

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://www.jeffhamiltononline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://www.jeffhamiltononline.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Sat, 23 Nov 2024 01:32:12 GMT
strict-transport-security: max-age=15724800; includeSubDomains

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/index.js

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1936962093151750?v=2.9.176&r=stable&domain=www.jeffhamiltononline.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C127%2C146%2C173%2C159%2C118%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 01:13:31	Name: X-AB Value: 669381af4a0f468cb95458c3b530b177
www.jeffhamiltononline.com/	1970-01-21 01:13:31	Name: __cheesecrd_version Value: master
.jeffhamiltononline.com/	1970-01-21 01:12:07	Name: s_gad Value: 1
.demdex.net/	1970-01-21 05:31:17	Name: demdex Value: 71067724757583333213280976416146013107
.jeffhamiltononline.com/	1970-01-21 03:21:41	Name: _gcl_au Value: 1.1.1781410299.1732325527
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.dpm.demdex.net/	1970-01-21 05:31:17	Name: dpm Value: 71067724757583333213280976416146013107
.statefarm.com/	1970-01-21 10:48:05	Name: s_ecid Value: MCMID%7C76012121010526306132762082477578973295
.jeffhamiltononline.com/	1970-01-21 10:48:05	Name: _ga Value: GA1.1.654948959.1732325528
.jeffhamiltononline.com/	1970-01-21 10:48:05	Name: _ga_3WRNTYXP84 Value: GS1.1.1732325527.1.0.1732325527.0.0.687627499
.jeffhamiltononline.com/	1970-01-21 01:12:07	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-m%3ABRP941YS000
.jeffhamiltononline.com/	1970-01-21 01:12:07	Name: s_pre_v6 Value: www.jeffhamiltononline.com
.jeffhamiltononline.com/	1970-01-21 01:12:07	Name: s_dl Value: 1
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.jeffhamiltononline.com/	1970-01-21 10:48:05	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271732325527773%27%5D%5D
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fwww.jeffhamiltononline.com%2F%7Caowsv%3D538466%7CentryProperty%3Dhttps%3A%2F%2Fwww.jeffhamiltononline.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-m%7Cs_prev_ch%3Dagent-micro-m%7Cs_prev_pn%3DBRP941YS000%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-m%3ABRP941YS000%7Cmc%3Ddirect%20load%7C
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.jeffhamiltononline.com/	1970-01-21 10:48:05	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C20051%7CMCMID%7C76012121010526306132762082477578973295%7CMCAAMLH-1732930327%7C7%7CMCAAMB-1732930327%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1732332727s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-20058%7CvVersion%7C5.5.0
.jeffhamiltononline.com/	1970-01-21 10:41:52	Name: _scid Value: V0CoeDDs54NtYvKPDp_TKmVVZPOTzwrj
.jeffhamiltononline.com/	1970-01-21 10:41:52	Name: _scid_r Value: V0CoeDDs54NtYvKPDp_TKmVVZPOTzwrj
.jeffhamiltononline.com/	1970-01-21 10:48:05	Name: invoca_session Value: %7B%22ttl%22%3A%222024-12-23T01%3A32%3A07.895Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D
.doubleclick.net/	1970-01-21 01:55:17	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 10:48:05	Name: IDE Value: AHWqTUmzmzNYjLAJaZ3Sj7J1uCcpRGCHNu_02h2C3ibbn4d3KA1Q_WYr7tcUj1imuaE
.doubleclick.net/	1970-01-21 05:31:17	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 01:12:06	Name: test_cookie Value: CheckForPermission
.jeffhamiltononline.com/	1970-01-21 01:22:10	Name: _ScCbts Value: %5B%5D
.adsrvr.org/	1970-01-21 09:57:41	Name: TDID Value: 0d323984-25ac-465b-9536-354031ce2b0f
.adsrvr.org/	1970-01-21 09:57:41	Name: TDCPM Value: CAESEgoDYWFtEgsIvofp1ZXaxT0QBRgFIAEoAjILCLb3wYKs2sU9EAU4AQ..
.demdex.net/	1970-01-21 05:31:17	Name: dextp Value: 771-1-1732325527861\|903-1-1732325527962\|30646-1-1732325528063\|66757-1-1732325528164
.snapchat.com/	1970-01-21 10:33:41	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3JyQ3AIAwEwIosrY8FK93YSqiC4uGZ30hDstMBiTGWRFGlK1XeafUF8m5vDTw63dxIy/0jDjpafcVAAAAA
.tapad.com/	1970-01-21 02:38:29	Name: TapAd_TS Value: 1732325528242
.tapad.com/	1970-01-21 02:38:29	Name: TapAd_DID Value: d6180689-5556-4a1e-81c6-1ff622d96dd2
.tapad.com/	1970-01-21 02:38:29	Name: TapAd_3WAY_SYNCS Value:
.jeffhamiltononline.com/	1970-01-21 10:41:52	Name: _sctr Value: 1%7C1732262400000

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://online.statefarm.com/ddc/trafficdetection.aspx Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://www.jeffhamiltononline.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/index.js' from origin 'https://www.jeffhamiltononline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/index.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.jeffhamiltononline.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js' from origin 'https://www.jeffhamiltononline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11264551.fls.doubleclick.net
ad.doubleclick.net
analytics.google.com
apps.statefarm.com
cm.everesttech.net
connect.facebook.net
deel-id-persistence.deel.c1.statefarm
djwmpmz818tx4.cloudfront.net
dpm.demdex.net
ephemera.mirus.io
googleads.g.doubleclick.net
invocation.deel.c1.statefarm
js.adsrvr.org
nexus.ensighten.com
online.statefarm.com
peachy.prod.mirus.io
sc-static.net
smetrics.statefarm.com
solutions.invocacdn.com
sst.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static1.st8fm.com
stats.g.doubleclick.net
td.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
www.google.ca
www.google.com
www.googletagmanager.com
www.jeffhamiltononline.com
connect.facebook.net
deel-id-persistence.deel.c1.statefarm
100.25.101.138
104.198.70.133
108.139.33.128
117.18.238.236
142.250.64.102
142.250.80.70
142.251.32.98
142.251.40.195
172.217.165.132
18.164.116.22
2001:4860:4802:34::181
2600:1901:0:7628::
2600:9000:2511:a200:2:8f43:5780:93a1
2600:9000:2801:7a00:14:17ae:9e00:21
2607:f8b0:4004:c19::9c
2607:f8b0:4006:81c::2008
2607:f8b0:4006:81d::2002
2a09:8280:1::42:4195
3.163.245.4
3.168.122.84
34.128.179.202
34.69.219.172
35.190.43.134
44.198.85.65
44.215.93.192
44.217.230.59
57.144.180.128
63.140.36.145
0347ac59cf1dfd775ba07d6c2a43b4966252684f0ab4326a5ca196ecc265c3df
06a074fccbce7830a8a826c4748e8e47d01e971f2b6bb7190d2c9542337fb88f
07259c4d796190e9815d1c4ee240109b4fa222e1276ec031ba52ca067dca7653
0de7beadf73727d4f4f2b1fe7383e5a8f5481ca4dc3c0d0cfc13ac41818630b3
1dc3ee4a133e6eb7e9f114ad5aa6ccea174d8eecd33664f3b9f7baee80a5b6a2
1e2e6fcdd7f9ebb38ef2e0d2aa2281029760d1dd587484afe27d3232f312b95d
1f8539d89c61cf953dd16255d35a8c4365ea71fe107ecc457ff83ced430c8ab9
21a993f66c0090b2aa4ef3fe06efa20c6a4b062aa00bd7901f87a4857e0fbcdc
265948d1519a666e7f4afe5532e4dc6a27a00abbd9226d5a624910ac46e30176
272f0ace53f0400f823ff960164bb9bb118aa21b947ff29cb1e6b968e777dafd
28ab1b75d1bed53b17015cbfc70fd243f4dd0b595006e2e0defc11cc296532fc
297b73abf7c8454d4f3b6302db875aa2ca76c8d6ace68ad4817568b0b38eb303
2efd81b7d4c3b7cd7118b5aa19c71767d813eede4273654a1ebcabfa21008157
42c44fa5899fbbd1805d74252f8edd7337aecf6c7bd103e96f1eb110ab7ef9d5
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
4e77815d4d9ea7f514681ea2535bd1a7476c84e9c077b4fbf83903bba2f3bfa4
4e7fa25760db71180329c96b2cbee941ef1f4fce9797d083c8be4ffa139747e4
4f942687400c45a86b7a8d712e5ba0f4833c3837ed142f0ee65b3dbc41d0b061
504cbaedd27a2dfc913ef7a4089b75f1fe46a9c5e00c27d9259dfb79186b5e34
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
52a5d2384ee71622d99e3c4a202ce96e6b73f604457afb16adc0a9563f6a3811
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec
5ec6df60102ee7a254e9f4f221d5edd42b8afd35accaf2b128aaa802303bfcd8
618b759345faaf0bdc21fdf857289b7ca9edd62efea1c6985d5961663b8b4f4a
633281c6b7f5947ba9e4d37b265e07335d11e8539e39b44ee185d7e06a32e7cc
6c557f92427f425b2d87dcbf69bb8e1a9f76b224ebe4b84871f60f0fcbc36488
7005839bd8625132c1938c37ec0c3e338fcaabb0652bdba0bd649923ae226172
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
781a7423f3850ec7fd24b88675e4c657a021de95446dee383845f50c5ee26314
794f44106d45b2eaa51d036975a3f2d3192926e499cb13ea39bef1d10ad1a308
810394a8b51fe4ee67d68344a8e66a226778dfe3f468eaf858c91f6143f436ce
83526314b1fd8fb11460e3817fe7cf8442de3eea006d7a1ca81951f3426930cf
890265e01c43d8144a48919076e65e4a3b92ffb43db367eb57ac98bfa940ce7b
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
8a2064ea11f7af366f9ec79f05abf593c5699a20f0bbf0df2278c27b6c93e40a
930955b3823a0f040f2080eda11fc8268f15f97e4da6714ead3e860a8fa44e7a
9c792c9644bc15a860c2afcf8241f5df49a0d258a23787bad042382cc8824976
9fb6f24e4c70b1c6859ed008c8f0d74c64a4db09c46109ea0cecdeb0669c6185
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a5d770eb9b62701d5c42463b1b01f29ea2884f8ec18e8f4681ca9d60859a01c9
a75a67c76aa464c7ef30022cb774ab67f069c6d51e01ac415822a4642ae7a4e7
abf06f320d183efe7ab6687d34b786adca9fe5da321326518a8eb6f4880d7c59
acbc9771303f52629aa169964a623d47f2f3f1ce013a7f84ca4f7c4c95b887ca
af693cb19d143c832ca90a57bf46888527bc3d8b65138a87177f6cbbe5b78a6a
b42d87f83f435663ec749627fc2ee7aca8412ee37f486572ef8ba98bf80ca6b5
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8
bc2ae18a85b73a6d40af14192f7b658234da6b80af66ddd7904158e302a75b9e
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
c0a3ad55ba9bad79266d475e1d181c8a8f32a5a58a33e9a31adf91a8edac2c11
c3761d4cd0b55c2fa44aea032ad60824334f55210c1c497f66feb141860f16d8
c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
ce5f83e79de0394e472caeba3b86728ad59294fea2c4872bf6d9b99a6b27c274
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d67459ce9dc53557007c678187d006099d3959b43674749777f1c36da65db388
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
da8d46b17fa3662d15b0cd41da8c4952c321723e47662336bf629db3a951699a
e18c9673315d7e867d2fd22f1aaa57987630617f121231c9fbe34d7fb4168632
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb3d4090e3f2ca70f75502e27dcf47b158d96dc796a44a820f726856f418ee9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2589dd081eab95f91728f2604b640d194e3531af2685f1228125ad8827ed32d
f4a7f5d57642ef5244e069c2d73712b83ffdeabd9bf0dd6f89c2aabc5f5f7a42

www.jeffhamiltononline.com Open in urlscan Pro 34.69.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

94 %HTTPS

29 %IPv6

18 Domains

30 Subdomains

28 IPs

2 Countries

1542 kBTransfer

4336 kBSize

34 Cookies

34 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.jeffhamiltononline.com Open in urlscan Pro
34.69.219.172 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

94 %
HTTPS

29 %
IPv6

18
Domains

30
Subdomains

28
IPs

2
Countries

1542 kB
Transfer

4336 kB
Size

34
Cookies

88 HTTP transactions
0 data transactions