gregjareczek.com Open in urlscan Pro
34.69.219.172 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gregjareczek.com/
Submission: On December 17 via api (December 17th 2024, 6:02:26 pm UTC) from US — Scanned from DE

Summary HTTP 84 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 17 domains to perform 84 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is gregjareczek.com.
TLS certificate: Issued by R10 on November 20th 2024. Valid for: 3 months.

This is the only time gregjareczek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
28	2a09:8280:1::... 2a09:8280:1::42:4195	40509 (FLY) (FLY)
1	54.91.59.80 54.91.59.80	14618 (AMAZON-AES) (AMAZON-AES)
4	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
3	117.18.238.236 117.18.238.236	15133 (EDGECAST) (EDGECAST)
2	104.198.70.133 104.198.70.133	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.21.20.12 2.21.20.12	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
7	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:6800:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	52.212.200.255 52.212.200.255	16509 (AMAZON-02) (AMAZON-02)
4	65.9.66.103 65.9.66.103	16509 (AMAZON-02) (AMAZON-02)
1	52.211.121.244 52.211.121.244	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.27 63.140.62.27	16509 (AMAZON-02) (AMAZON-02)
1 1	34.255.155.228 34.255.155.228	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
1	3.163.248.4 3.163.248.4	16509 (AMAZON-02) (AMAZON-02)
2	18.245.31.60 18.245.31.60	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
2	34.128.179.202 34.128.179.202	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
84	26

1 34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

gregjareczek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a09:8280:1::42:4195 (United States)

ASN40509 (FLY, US)

ephemera.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.91.59.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-80.compute-1.amazonaws.com

invocation.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 117.18.238.236 (Phoenix, United States)

ASN15133 (EDGECAST, US)

online.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
apps.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.70.133 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.70.198.104.bc.googleusercontent.com

peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-21-20-12.deploy.static.akamaitechnologies.com

static1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:6800:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.212.200.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-200-255.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-103.fra56.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.121.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-121-244.eu-west-1.compute.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-27.data.adobedc.net

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.255.155.228 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-155-228.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.31.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-60.fra56.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

11264551.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.134 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.128.179.202 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.179.128.34.bc.googleusercontent.com

sst.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	mirus.io ephemera.mirus.io — Cisco Umbrella Rank: 301133 peachy.prod.mirus.io — Cisco Umbrella Rank: 360831	604 KB
7	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 903 tr6.snapchat.com — Cisco Umbrella Rank: 1333	1004 B
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	541 KB
7	statefarm.com online.statefarm.com — Cisco Umbrella Rank: 81907 smetrics.statefarm.com — Cisco Umbrella Rank: 52632 sst.statefarm.com apps.statefarm.com — Cisco Umbrella Rank: 76160	6 KB
6	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 4813	77 KB
4	doubleclick.net 1 redirects 11264551.fls.doubleclick.net — Cisco Umbrella Rank: 108991 ad.doubleclick.net — Cisco Umbrella Rank: 145 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	1 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 262 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 67059	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	154 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1531 insight.adsrvr.org — Cisco Umbrella Rank: 960	6 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	557 B
2	google.de www.google.de — Cisco Umbrella Rank: 10745	126 B
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 7200	40 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1109	24 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1608	490 B
1	st8fm.com static1.st8fm.com — Cisco Umbrella Rank: 18026	5 KB
1	c1.statefarm invocation.deel.c1.statefarm — Cisco Umbrella Rank: 96891 deel-id-persistence.deel.c1.statefarm Failed	6 KB
1	gregjareczek.com gregjareczek.com	150 KB
84	17

	Domain	Requested by
28	ephemera.mirus.io	gregjareczek.com
7	www.googletagmanager.com	invocation.deel.c1.statefarm www.googletagmanager.com nexus.ensighten.com
6	tr.snapchat.com	sc-static.net
6	nexus.ensighten.com	invocation.deel.c1.statefarm nexus.ensighten.com
4	connect.facebook.net	gregjareczek.com connect.facebook.net
3	dpm.demdex.net	1 redirects
2	www.google.de
2	region1.analytics.google.com
2	insight.adsrvr.org	js.adsrvr.org
2	apps.statefarm.com	static1.st8fm.com
2	sst.statefarm.com	www.googletagmanager.com
2	11264551.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	solutions.invocacdn.com	gregjareczek.com solutions.invocacdn.com
2	smetrics.statefarm.com	nexus.ensighten.com
2	peachy.prod.mirus.io	gregjareczek.com
1	stats.g.doubleclick.net
1	tr6.snapchat.com	sc-static.net
1	ad.doubleclick.net
1	sc-static.net	gregjareczek.com
1	js.adsrvr.org	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	static1.st8fm.com	invocation.deel.c1.statefarm
1	online.statefarm.com	invocation.deel.c1.statefarm
1	invocation.deel.c1.statefarm	gregjareczek.com
1	gregjareczek.com
0	deel-id-persistence.deel.c1.statefarm Failed	invocation.deel.c1.statefarm nexus.ensighten.com
84	28

This site contains links to these domains. Also see Links.

Domain
apps.statefarm.com
proofing.statefarm.com
www.facebook.com
www.linkedin.com
search.google.com
www.statefarm.com
financials.statefarm.com
www.google.com
get-id-card.delitess.c1.statefarm
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
gregjareczek.com R10	`2024-11-20` - `2025-02-18`	3 months	crt.sh
ephemera.mirus.io E5	`2024-11-18` - `2025-02-16`	3 months	crt.sh
invocation.deel.c1.statefarm Amazon RSA 2048 M03	`2024-03-20` - `2025-04-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-26` - `2024-12-25`	3 months	crt.sh
statefarm.com Entrust Certification Authority - L1K	`2024-04-22` - `2025-04-22`	a year	crt.sh
peachy.prod.mirus.io R11	`2024-12-04` - `2025-03-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M03	`2024-08-29` - `2025-09-28`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2024-02-07` - `2025-02-07`	a year	crt.sh
*.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
invocacdn.com Amazon RSA 2048 M02	`2024-08-23` - `2025-09-21`	a year	crt.sh
*.doubleclick.net WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
sst.statefarm.com WR3	`2024-12-14` - `2025-03-14`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
*.google.de WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://gregjareczek.com/
Frame ID: DCFD09B3B1817D8C3036B34CBF8EF25D
Requests: 75 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: E7D0849ED9FBC89FD58803AE14F6CBB1
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fgregjareczek.com
Frame ID: 547F15ED4F87EE9EE36CB1243807F8AA
Requests: 1 HTTP requests in this frame

Frame: https://11264551.fls.doubleclick.net/activityi;dc_pre=CPC9u8mxr4oDFQ-DgwcdgEQJpA;src=11264551;type=micro0;cat=micro006;ord=9702582223847;npa=1;auiddc=435485730.1734458540;u9=sf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000;ps=1;pcor=1061382376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9189994286z8849799669za201zb849799669;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fgregjareczek.com%2F
Frame ID: ACA1B4BB27E99F35C8D59E48156F24F1
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=a997f768-2f04-4b8c-aada-1b22d64d9570&u_sclid=249961fb-69db-4451-9e18-84f6a41fdbb0
Frame ID: 8C31EE71C5D976FB7662DE5A31FF4FE4
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=2f0ca4be-e310-4347-a688-421e70cfc0e5&u_scsid=a997f768-2f04-4b8c-aada-1b22d64d9570&u_sclid=249961fb-69db-4451-9e18-84f6a41fdbb0
Frame ID: 4E0E8E72DD53F97216F9DB98E0428F37
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fgregjareczek.com%2F&upid=t8xbszz&upv=1.1.0&paapi=1
Frame ID: 3532A8A505E4BEA38321CE9A53A5AC7F
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fgregjareczek.com%2F&upid=9nilek2&upv=1.1.0&paapi=1
Frame ID: 9B6480E604375FC28046BBAC4248A45C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IL Auto & Home Insurance Agent Greg Jareczek - State Farm®

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

84
Requests

94 %
HTTPS

19 %
IPv6

17
Domains

28
Subdomains

26
IPs

4
Countries

1616 kB
Transfer

5142 kB
Size

26
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.statefarm.com/CustomerRegistrationUI/
Title: Create an account

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.facebook.com/322512751124127

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/greg-jareczek-2318b59

Search URL Search Domain Scan URL

URL: https://search.google.com/local/writereview?placeid=ChIJNwnCyknSD4gR37YX_FPmDM4

Search URL Search Domain Scan URL

URL: https://apps.statefarm.com/retrieve-saved-quotes/
Title: Continue a saved quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims/file-a-claim
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/UnauthenticatedPaymentsUI-web/unauth/launchApp.do
Title: Send Payment

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&z=22&query=41.954607%2C-87.665448&query_place_id=ChIJNwnCyknSD4gR37YX_FPmDM4
Title: Map & Directions

Search URL Search Domain Scan URL

URL: https://get-id-card.delitess.c1.statefarm/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/safety/the-real-consequences-of-drunk-driving#agentAssociateId=WFMSG1YS000
Title: The Real Consequences of Drunk Driving

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/auto-and-vehicles/new-vs-used-car-calculate-cost-of-ownership#agentAssociateId=WFMSG1YS000
Title: New vs. used car — calculate cost of ownership

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/family/how-big-will-my-cat-get#agentAssociateId=WFMSG1YS000
Title: How big will my cat get?

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/#agentAssociateId=WFMSG1YS000
Title: View More Articles

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/about-our-ads
Title: Ads & Tracking

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/security
Title: Security & Fraud

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/about-us/diversity-inclusion/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/disclosures/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy
Title: Notice of Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights
Title: State Privacy Rights

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/state-farm-pocket-agent/id318142137?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.statefarm.pocketagent

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1734458539839 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1734458539839

Request Chain 45

https://cm.everesttech.net/cm/dd?d_uuid=20528179710131096281365190461812083583 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z2G8rAAAADdbGQOV

Request Chain 57

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=9702582223847;npa=1;auiddc=435485730.1734458540;u9=sf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000;ps=1;pcor=1061382376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9189994286z8849799669za201zb849799669;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fgregjareczek.com%2F HTTP 302
https://11264551.fls.doubleclick.net/activityi;dc_pre=CPC9u8mxr4oDFQ-DgwcdgEQJpA;src=11264551;type=micro0;cat=micro006;ord=9702582223847;npa=1;auiddc=435485730.1734458540;u9=sf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000;ps=1;pcor=1061382376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9189994286z8849799669za201zb849799669;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fgregjareczek.com%2F

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gregjareczek.com/ 646 KB
150 KB 530ms
226ms Document
text/html 34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f18dbd8450b99f64f234a949081b822f7b6dd983290db9c16ca04f4505838672

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache, max-age=30
content-encoding: gzip
content-type: text/html
date: Tue, 17 Dec 2024 18:02:18 GMT
etag: "b1d794e9635a230dd8de5ba72ebbf7f2"
expires: Tue, 17 Dec 2024 18:02:48 GMT
last-modified: Tue, 17 Dec 2024 12:22:09 GMT
server: UploadServer
vary: Accept-Encoding
x-cheesecrd-backend: mx-gcs
x-cheesecrd-lookup: master:gregjareczek.com/
x-cheesecrd-path: /
x-goog-generation: 1734438129793325
x-goog-hash: crc32c=dR9Qjg== md5=sdeU6WNaIw3Y3lunLrv38g==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 152765
x-guploader-uploadid: AFiumC4Vcm0ge2IsEhGsS-9GVRoQm2nNw3eJszbSreIFwHa0SFUvQd2NM5MThEsra4ZagYXs

GET
H2 200 m1_web_143073040_ainis6.jpg
ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/ 59 KB
59 KB 139ms
90ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_143073040_ainis6.jpg

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

eb4c8b6102122aba58c6a5c7cbada31360d8393df40db953c64c6cd6f0df5f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWHYVQC8CJ4859TGBDPY09-fra
cache-control: public,max-age=604800
via: 2 fly.io
expires: Tue, 17 Dec 2024 19:37:22 GMT
x-cache-key: 1200x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_143073040_ainis6.jpg--with-webp
content-length: 60232
x-instance: 3287444ec4d918
date: Tue, 17 Dec 2024 18:02:18 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 deel.js Show response
invocation.deel.c1.statefarm/ 12 KB
6 KB 370ms
122ms Script
text/javascript 54.91.59.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.91.59.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-91-59-80.compute-1.amazonaws.com
Software: /
Resource Hash: 6830cb8cceb6226901558a5de6ffc9d51d9c868b1dbc6fff7c0550744d393266

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: gzip
x-amz-apigw-id: C8pqzHZ9oAMEPyQ=
x-amzn-trace-id: Root=1-6761bcab-1d6c61b7235eefe9408da1fb;Parent=0e2dd8c95b30880e;Sampled=0;Lineage=1:bfbe80d8:0
access-control-allow-methods: OPTIONS,POST,GET,HEAD
x-amzn-requestid: c72ee0c6-4a62-45ec-8d56-bc11dec662b7
access-control-allow-origin: *
server-timing: generated;dur=5.399660000111908
content-length: 5439
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: text/javascript
access-control-allow-headers: Content-Type, Referer

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 18ms
8ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

f3d3d621498f6834effc5417ae1921c2c6fe9c8a0e2726a10c4d076714158745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gregjareczek.com
Referer: https://gregjareczek.com/

Response headers

content-md5: PivtSYn/GmTRk5FkGt1CFw==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "f8bc5ba2f4db39ed1b600126b3fd09b4"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Tue, 17 Dec 2024 18:20:03 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 17 Dec 2024 18:02:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 9d671e1d0f9aadd2f1ec87315459fb67
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4494, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: WLr/KqYDlDv2XKfxS0gXdkFPJkgqnWYKCya6JGsxuhjFtvlMGKJgxYwXbPgGixrXqRnp43TlHtz0cu4O8SEI9Q==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1686
origin-agent-cluster: ?1

GET
H2 200 m1_web_143073040_ainis6.jpg
ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/ 19 KB
19 KB 137ms
89ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_143073040_ainis6.jpg

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

d074776be5e45fa359623c533a51390fcd4f94cfb2748839ada752c20ea85c81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWHYVQB0BCQJPBRS9QKVEJ-fra
cache-control: public,max-age=604800
via: 2 fly.io
expires: Tue, 17 Dec 2024 19:42:16 GMT
x-cache-key: 600x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_143073040_ainis6.jpg--with-webp
content-length: 19304
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:18 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 formalColorFull.jpg
ephemera.mirus.io/imgr/50x0/https://ac2.st8fm.com/associate-photos/W/WFMSG1YS000/ 646 B
817 B 314ms
267ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/50x0/https://ac2.st8fm.com/associate-photos/W/WFMSG1YS000/formalColorFull.jpg

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

83b57a0b738992a35a8ee9bd4c5f6c54b2599c68323067da08ff1e4d41a4de5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWHYVQA9V7H20AB4T9GJH2-fra
cache-control: max-age=7200
via: 2 fly.io
expires: Tue, 24 Dec 2024 15:31:28 GMT
x-cache-key: 50x0/https://ac2.st8fm.com/associate-photos/W/WFMSG1YS000/formalColorFull.jpg--with-webp
content-length: 646
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:18 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
32 KB 123ms
87ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-SemiBold.woff2
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gregjareczek.com
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=08A3Cg==, md5=HSfGj6s7xXwOsbdCyzVRYA==
etag: "1d27c68fab3bc57c0eb1b742cb355160"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:58:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32208
x-instance: 3287444ec4d918
date: Tue, 17 Dec 2024 18:02:18 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:47 GMT
fly-request-id: 01JFAWHYVRQKHABH2M171YZFM8-fra
x-guploader-uploadid: AD-8ljt_ysebbx1Qlg2Qq-UHZi9otwe94fIR8OBKgToxAFXH9TNS1arLAoqlKvaji69BXlXaN04
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-SemiBold.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375807290665
content-length: 32208
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 MecherleSans-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
32 KB 124ms
88ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Medium.woff2
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gregjareczek.com
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=u4HwWQ==, md5=dx6417g8wlF3bhAvuK4pcg==
etag: "771eb8d7b83cc251776e102fb8ae2972"
x-goog-stored-content-encoding: identity
expires: Wed, 03 Dec 2025 18:32:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32200
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:18 GMT
content-type: font/woff2
last-modified: Tue, 03 Dec 2024 17:26:38 GMT
fly-request-id: 01JFAWHYVRT1CD5XCBRS7RTG3M-fra
x-guploader-uploadid: AFiumC4NC1N47Z-Y-2nZ_kPHcEU7Dw9-iX6IuZv5KQonAirlQB9FeouB90eBZrvj4vJDbbijo8dgpGuHJg
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Medium.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1733246798637844
content-length: 32200
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 MecherleSans-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
32 KB 137ms
102ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Regular.woff2
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: 891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gregjareczek.com
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=DAIcBw==, md5=RVaKmLgIW5ROm4xHopR2Rg==
etag: "45568a98b8085b944e9b8c47a2947646"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 31948
x-instance: 3287444ec4d918
date: Tue, 17 Dec 2024 18:02:18 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:46 GMT
fly-request-id: 01JFAWHYVR27Q1258R21JM4J4B-fra
x-guploader-uploadid: AD-8ljsayx8lglBR3-g2bWUvF0pOJWyliuM1swYMefchjDexZyfztsoV_z3s8SgQP85iRHFHGA4
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375806347729
content-length: 31948
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 254 KB
75 KB 8ms
8ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7be09fbc8287feb96b4d2ced30163dc8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

7629f3019901862e994464416642a443c651d51286d80df7e7632406e5f3de90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gregjareczek.com
Referer: https://gregjareczek.com/

Response headers

content-md5: tZzvK8wuFZP47itehHp4IQ==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "116ade64f4887089c9dedb508dbf8091"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 17:04:04 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 17 Dec 2024 18:02:18 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 5fa3bd9f8eeb969fc85e47ec4027cd59
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=26, mss=1232, tbw=8318, tp=14, tpl=0, uplat=0, ullat=-1
x-fb-debug: xEdZTiA+6QueqZMoGCoNLZlGVqNl58YbVOHkRXfnjkoRVo4fARX2xbOfpwfmJc9eGeLa22JzYJRYDug6aw8L+A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 76613
origin-agent-cluster: ?1

GET
H2 200 MecherleSans-Bold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
31 KB 88ms
87ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Bold.woff2
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gregjareczek.com
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=VzL8Pg==, md5=fMljK53xGa7SWmgSscWVaQ==
etag: "7cc9632b9df119aed25a6812b1c59569"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 31812
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:18 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:44 GMT
fly-request-id: 01JFAWHYY9JPFAN73PBSE8TRF2-fra
x-guploader-uploadid: AD-8ljvvvovpP0W6V8lkYV-fWLJ6E-qHAy_VDIMqjJj3y6LUQmMATDdQ5L5h1AbvzkT5P_y_oP0
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Bold.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375804528343
content-length: 31812
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 MecherleSlab-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 33 KB
34 KB 134ms
134ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSlab-Regular.woff2
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: c96463100e774599fbb9784785ca4e09f5ae7fa77c12d234cb972f1465d0b0e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gregjareczek.com
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=R7hKEQ==, md5=XnMD4p1rk7II6fQJx+1wRQ==
etag: "5e7303e29d6b93b208e9f409c7ed7045"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:59:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 33916
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:48 GMT
fly-request-id: 01JFAWHYYAMZSDK395MPGBRVW9-fra
x-guploader-uploadid: AD-8ljsPjLMGZrwRnZ_dImM6KI2zkiFuHQbCTuJYmjTtOmVvkBchkumyhwAOy618hYc-wLwfIJY
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSlab-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375808220943
content-length: 33916
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 gregjareczek.com-sidebar-md-4301c879976ea828bf8bde197cc681a6.png
ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/gr/gregjareczek.com/ 3 KB
4 KB 88ms
87ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/gr/gregjareczek.com/gregjareczek.com-sidebar-md-4301c879976ea828bf8bde197cc681a6.png

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

8fe094b5e27e310c4c148d8588bcebcaad06501f9e9f8d3f2d8e8ce15a87d41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWHZ16W7VBQ6JDF4Y4V217-fra
cache-control: public,max-age=31536000,immutable
via: 2 fly.io
expires: Wed, 25 Jun 2025 23:41:40 GMT
x-cache-key: 100x0/https://storage.googleapis.com/static.mirus.io/images/maps/gr/gregjareczek.com/gregjareczek.com-sidebar-md-4301c879976ea828bf8bde197cc681a6.png--with-webp
content-length: 3422
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 the-real-consequences-of-drunk-driving-wide.jpg
ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/ 1 KB
2 KB 87ms
87ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

81214bb74d398bca1bd710a3c6062414e22370dd7229ae1e0d131e1aa6cbf042

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWHZ17VZ8Q7VAZESG7N9DJ-fra
cache-control: max-age=14400
via: 2 fly.io
expires: Tue, 17 Dec 2024 18:44:08 GMT
x-cache-key: 100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg--with-webp
content-length: 1372
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 new-vs-used-car-calculate-cost-of-ownership.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 2 KB
2 KB 89ms
89ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/new-vs-used-car-calculate-cost-of-ownership.jpg

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

df1c6cf30e51668e15b541e9cd78a5a4fffd780536eb6163a5e07eae019ce056

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWHZ18BE1Z01DN2YSANPA3-fra
cache-control: max-age=14400, public
via: 2 fly.io
expires: Tue, 24 Dec 2024 16:54:26 GMT
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/new-vs-used-car-calculate-cost-of-ownership.jpg--with-webp
content-length: 1834
x-instance: 3287444ec4d918
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 how-big-will-my-cat-get.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 2 KB
2 KB 90ms
89ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/how-big-will-my-cat-get.jpg

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

739f31db4541b575d1a8f46ff55481ae933a0535f0d089d380ff8ca7c9fdeb6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWHZ185PQ9GFCCT341HR1E-fra
cache-control: max-age=14400, public
via: 2 fly.io
expires: Tue, 24 Dec 2024 14:15:03 GMT
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/how-big-will-my-cat-get.jpg--with-webp
content-length: 1594
x-instance: 3287444ec4d918
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 alpineFileInput.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 3 KB
2 KB 87ms
87ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineFileInput.js
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: 734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=1UwfBQ==, md5=RpcJsGzTbfZT935fdxXDYw==
etag: "469709b06cd36df653f77e5f7715c363"
age: 31
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:58:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1421
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:17 GMT
vary: Accept-Encoding
fly-request-id: 01JFAWHZ18TGW2DWZ7WYS7DSS7-fra
x-guploader-uploadid: AD-8ljsc4NDfkzM0nCPAzUK-8SmRhmWgCTyx64eB5Mazg8uC-yEaHUxR5ejtoqwPa1by5WRb01c
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineFileInput.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375837158857
content-length: 1421
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 alpine.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 57 KB
20 KB 88ms
88ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpine.js
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=LzHgoA==, md5=Mly4HbEnV1z/Y7LB50mJJA==
etag: "325cb81db127575cff63b2c1e7498924"
age: 32
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 20468
x-instance: 3287444ec4d918
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:16 GMT
vary: Accept-Encoding
fly-request-id: 01JFAWHZ1AE2P25DASAJW1ZNBF-fra
x-guploader-uploadid: AD-8ljucwko1kDxdhzZBu6L4Obew_wT02S97fAF8ThOdtTRS9ZJLkouF5XWqeRqbP-gGVCiYTi8
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpine.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375836631823
content-length: 20468
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 lazysizes.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 8 KB
4 KB 89ms
89ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/lazysizes.js
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: 452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=tVVvrw==, md5=L7AQdlGGQX2hI0aIb7oxIQ==
etag: "2fb010765186417da12346886fba3121"
age: 32
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 3734
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:17 GMT
vary: Accept-Encoding
fly-request-id: 01JFAWHZ1AP7GZS23T7RPRKX1A-fra
x-guploader-uploadid: AD-8ljs6Qnvjr3TMqw81r9nBekDBK1iKM3Z-fhthjBFyIp3ST0dJpIRnDmwlgOHqRcDE-o6eQM8
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/lazysizes.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375837598472
content-length: 3734
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 scrollToElement.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 471 B
666 B 92ms
92ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/scrollToElement.js
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: 781a7423f3850ec7fd24b88675e4c657a021de95446dee383845f50c5ee26314

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=RSR0kQ==, md5=kngY9s1AJeNla8ZK5oeNGg==
etag: "927818f6cd4025e3656bc64ae6878d1a"
age: 25
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:59:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 305
x-instance: 3287444ec4d918
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:17 GMT
vary: Accept-Encoding
fly-request-id: 01JFAWHZ1AVFTSVCVMJ7EE8DJ4-fra
x-guploader-uploadid: AD-8ljuo9VEtyBhw1eLfBCRMMUIuMJ0Y78rzJvHzmzU1Znx3BWftfxuOmPQO3LAarO01xW0zBOE
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/scrollToElement.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375837827886
content-length: 305
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 utils.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 3 KB
2 KB 89ms
89ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/utils.js
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: 5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=4ONwJg==, md5=r4lD+PeYC4tdD7TVNUQZ0A==
etag: "af8943f8f7980b8b5d0fb4d5354419d0"
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:59:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1392
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:18 GMT
vary: Accept-Encoding
fly-request-id: 01JFAWHZ1A0C47PJXR29VP9TBC-fra
x-guploader-uploadid: AD-8ljs0_7doJSgK2ZI1Tlt1jNivnCva9zJ-rCnl2F8hWmP7v928ULz_vYGv5LjWMeR5hAo_JtY
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/utils.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375838270863
content-length: 1392
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 svgIcon.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 122 B
480 B 92ms
91ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/svgIcon.js
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=eftfvQ==, md5=nBnVTvrswKdRHyl/iXSy/Q==
etag: "9c19d54efaecc0a7511f297f8974b2fd"
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:59:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 134
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:18 GMT
vary: Accept-Encoding
fly-request-id: 01JFAWHZ1D470FPAT9S8TPKA7D-fra
x-guploader-uploadid: AD-8lju0kJ8WH-4pNdL8UV0BVBvE4VH592Wm_NZVPdsonXeJVKTkl9-9Yg4W737eGLl0tLuU-aI
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/svgIcon.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375838054871
content-length: 134
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 alpineContactForm.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 101 KB
35 KB 93ms
93ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineContactForm.js
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: 7005839bd8625132c1938c37ec0c3e338fcaabb0652bdba0bd649923ae226172

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=6XSSRg==, md5=rubEPjqukPKiONSSF6OOKg==
etag: "aee6c43e3aae90f2a238d49217a38e2a"
age: 58
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 35228
x-instance: 3287444ec4d918
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:16 GMT
vary: Accept-Encoding
fly-request-id: 01JFAWHZ1A2NWSKMD0PWHBQ6S4-fra
x-guploader-uploadid: AD-8ljtpkAwA2LMcaEyDD-dQsdrsol1aOua2PHjw9F3AfAuRDyA9k8Z9ZP7X80-McQdUEGxjLcs
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineContactForm.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375836907792
content-length: 35228
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 32 KB
33 KB 101ms
101ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Medium.woff2
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: 77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gregjareczek.com
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=+uFDXg==, md5=XDIRcEeagVq3kMdxvMjx0w==
etag: "5c321170479a815ab790c771bcc8f1d3"
age: 31
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:58:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32960
x-instance: 3287444ec4d918
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:42 GMT
fly-request-id: 01JFAWHZ4H2TBSP1E9FRC81AK7-fra
x-guploader-uploadid: AD-8ljv1TE_OY5Si-WhZp1BDg8bAkH3CIS-YCZ8i1W8yOJhCSBQnXapYHgz8yhSJrVpXmm0iqIE
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Medium.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375802497420
content-length: 32960
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 32 KB
32 KB 88ms
87ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Regular.woff2
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gregjareczek.com
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=DxtPkQ==, md5=Uj34LMCLu47zM/VQw8Ho4g==
etag: "523df82cc08bbb8ef333f550c3c1e8e2"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:58:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32844
x-instance: 3287444ec4d918
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:43 GMT
fly-request-id: 01JFAWHZ4HD7SEGS7522XC4WX2-fra
x-guploader-uploadid: AD-8ljuQnXbhyq8U5g4PVLXGAe0rsyhRxdGHPwz5l62gQ2NQGoeUdEOs_baUQu4HHu40fMyKRjc
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375803539954
content-length: 32844
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 m1_web_143073040_ainis6.jpg
ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/ 99 KB
99 KB 88ms
87ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_143073040_ainis6.jpg

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

78b1433b276c49c09ff8349ac00a7c63f34cd8f165a5ae572b4b61f3efd57edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWHZ5PF47F6928G51ZJ73S-fra
cache-control: public,max-age=604800
via: 2 fly.io
expires: Tue, 17 Dec 2024 22:20:26 GMT
x-cache-key: 1920x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_143073040_ainis6.jpg--with-webp
content-length: 101312
x-instance: 3287444ec4d918
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 formalColorFull.jpg
ephemera.mirus.io/imgr/250x0/https://ac2.st8fm.com/associate-photos/W/WFMSG1YS000/ 5 KB
5 KB 87ms
87ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/250x0/https://ac2.st8fm.com/associate-photos/W/WFMSG1YS000/formalColorFull.jpg

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

ca151f1aabec182cdd5dc707a55d29b20839ae69630d8b00094892c53c63c6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWHZ5PXYVM3X8C9RHEJKYZ-fra
cache-control: max-age=7200
via: 2 fly.io
expires: Sun, 22 Dec 2024 06:33:36 GMT
x-cache-key: 250x0/https://ac2.st8fm.com/associate-photos/W/WFMSG1YS000/formalColorFull.jpg--with-webp
content-length: 5386
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 403 trafficdetection.aspx Show response
online.statefarm.com/ddc/ 1 KB
2 KB 572ms
254ms Fetch
text/html 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://online.statefarm.com/ddc/trafficdetection.aspx

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C8D) /

Resource Hash

c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-request-id: 592250636543409524214616205215802390505, 592250636543409524214616205215802390505
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=dce"}]}
x-edg-mr: 84:0;84:1;84:5;84:6;84:8;
access-control-allow-origin: https://gregjareczek.com
server-timing: edgio_cache;desc=CONFIG_NOCACHE,edgio_pop;desc=dce,edgio_country;desc=DE
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
content-length: 1233
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: text/html
server: ECAcc (dac/9C8D)
x-frame-options: DENY

GET
H2 200 gregjareczek.com-sidebar-md-4301c879976ea828bf8bde197cc681a6.png
ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/gr/gregjareczek.com/ 97 KB
98 KB 88ms
88ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/gr/gregjareczek.com/gregjareczek.com-sidebar-md-4301c879976ea828bf8bde197cc681a6.png

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

4dfb9db2bf2dcd8e3bab7e93b5b69f005c0a7c10ff57e078ec2617fd89cb5d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWHZAN5XJT3JPQSQEZTF9K-fra
cache-control: public,max-age=31536000,immutable
via: 2 fly.io
expires: Wed, 25 Jun 2025 23:41:42 GMT
x-cache-key: 1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/gr/gregjareczek.com/gregjareczek.com-sidebar-md-4301c879976ea828bf8bde197cc681a6.png--with-webp
content-length: 99798
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 the-real-consequences-of-drunk-driving-wide.jpg
ephemera.mirus.io/imgr/250x0/https://static1.st8fm.com/en_US/img/si/750/ 4 KB
5 KB 87ms
87ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/250x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

fba675b1df2a2ed0dfc5250f9ad4942cfeb7c3a90a9de558c891ad0ec9cba0aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWHZANT9P287SDHNV6YH7B-fra
cache-control: max-age=14400
via: 2 fly.io
expires: Mon, 16 Dec 2024 09:24:14 GMT
x-cache-key: 250x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg--with-webp
content-length: 4470
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 favicon.webp
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/img/ 6 KB
6 KB 170ms
169ms Other
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/img/favicon.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/fbf74ca1c (2024-12-13) /
Resource Hash: 41131d6396fe2757796d08a8c01d334657c900012c31c268e153f1ed9f2779c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=5NQfJQ==, md5=vg/FG8wgWq9f3nbClU3krg==
etag: "be0fc51bcc205aaf5fde76c2954de4ae"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:59:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5902
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: image/webp
last-modified: Thu, 26 Sep 2024 18:36:49 GMT
fly-request-id: 01JFAWHZF543ZR9KJCZF0BVXMC-fra
x-guploader-uploadid: AD-8ljv_6DEZXiUpm9ciiHLeCtY3VzZ9lryiGi6lpwhJEvjYPrTHWpENEtk8M77SyFnhqMTcsW8
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/img/favicon.webp
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375809111362
content-length: 5902
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 0
0 362ms
115ms Preflight 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://gregjareczek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://gregjareczek.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Tue, 17 Dec 2024 18:02:19 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 66 B
312 B 119ms
118ms Fetch
application/json 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

ca5c060845b9a6c45e56ef1908d4028aae5b35b59d0f54a8f85aa061de8ccd4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

keen-sdk: javascript-5.0.1
Authorization: WK
Referer: https://gregjareczek.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-origin: https://gregjareczek.com
content-length: 66
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: application/json; charset=utf-8
vary: origin

GET
H2 200 sfuid.js Show response
static1.st8fm.com/en_US/applications/dasenblt_static_content/ 21 KB
5 KB 465ms
46ms Script
application/javascript 2.21.20.12
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/applications/dasenblt_static_content/sfuid.js

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.20.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-21-20-12.deploy.static.akamaitechnologies.com

Software

Resource Hash

06a074fccbce7830a8a826c4748e8e47d01e971f2b6bb7190d2c9542337fb88f

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
akamai-request-bc: [a=23.51.23.76,b=2398555287,c=g,n=DE_HE_FRANKFURT,o=20940]
expires: Tue, 17 Dec 2024 10:36:21 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=93600
access-control-allow-origin: *
content-length: 5229
akamai-cache-status: RefreshHit from child, Hit from parent
date: Tue, 17 Dec 2024 18:02:20 GMT
last-modified: Wed, 30 Oct 2024 20:13:01 GMT
content-type: application/javascript
vary: Accept-Encoding
x-frame-options: DENY

GET index.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 785 KB
140 KB 125ms
47ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0451c8590e8ddadce83fcae3859586c229edef9c57709cdc42603f102bfe05c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 17 Dec 2024 18:02:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 142603
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 94 KB
31 KB 54ms
10ms Script
application/javascript 2600:9000:206f:6800:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6800:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f3ed9c54472b252d450187dd55bbb009b8d29e2ce1175de51b804f474a91d3f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: br
x-amz-version-id: muNSpvjxQ03i.koy0Ae7aF6Sf0tBX4Rf
etag: W/"9a34e9cb2da1ba59cedd865a26c151d6"
age: 84894
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: nuf0zHugiJSQwjyLhWA5pF-kZbsUH8MbSUA9K_8JGtzq4Wnbc9s81g==
date: Mon, 16 Dec 2024 18:27:26 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Mon, 16 Dec 2024 18:26:51 GMT
x-amz-replication-status: PENDING
cache-control: max-age=300
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1734458539839
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1734458539839

1 KB
1 KB

33ms
32ms

XHR
application/json

52.212.200.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1734458539839

Protocol

Server

52.212.200.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-200-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

94cd607a51ad086c33e45550f820653f367ef82a64f997946eaf93aed910a097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v069-01e27cda2.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: gXn8Ehq8QpY=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://gregjareczek.com
content-length: 614
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: application/json;charset=utf-8
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1734458539839
dcs: dcs-prod-irl1-2-v069-03eaf70c6.edge-irl1.demdex.com 0 ms
pragma: no-cache
access-control-allow-credentials: true
x-tid: fkbUjBz5Syw=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://gregjareczek.com
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Tue, 17 Dec 2024 18:02:19 GMT
vary: Origin

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 504 B
836 B 19ms
19ms Script
text/javascript 2600:9000:206f:6800:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Mon%20Dec%2016%2018:26:49%20GMT%202024&ClientID=603&PageID=https%3A%2F%2Fgregjareczek.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:6800:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 43da34fb2ddb8179f48688c6883256121e0dd610361f0e688b93708293ec8648

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: no-cache, no-store
via: 1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
expires: Tue, 17 Dec 2024 18:02:18 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 504
x-amz-cf-id: rHSzn5IoLMNmgMZ7DtdFAnqKcDxu9V5-B7suDoWkv_MkLQLxqjPdoA==
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
server: CloudFront

GET
H3 200 62c6a9fbf3aaaab53d073b1cf5f23cfa.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 152 KB
42 KB 12ms
11ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/62c6a9fbf3aaaab53d073b1cf5f23cfa.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 3ae0dbc8c140b472652e66416b77d4d276815bc0589245fbc8135c8704b47d1b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: br
x-amz-version-id: Gxt4ed9yrJCPepNlhOfR7kEo88ZPi6dd
age: 84893
etag: W/"0e91fca2b241d03ef43e1f5a603a2268"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 4gYkZIFxCykOEahtiMoszlhZLwyXUYESYUkvy_2ICusu0GuJRqRWDw==
date: Mon, 16 Dec 2024 18:27:27 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Mon, 16 Dec 2024 18:26:51 GMT
x-amz-replication-status: PENDING
cache-control: max-age=315360000
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 1002ca91edaefbd5ced9a815a45c91fc.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 9ms
9ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/1002ca91edaefbd5ced9a815a45c91fc.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: d67459ce9dc53557007c678187d006099d3959b43674749777f1c36da65db388

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: br
etag: W/"6c07e85833bf1abb3644f87e2b41de69"
age: 4653084
x-amz-version-id: Q1JhtmtuRTybjaI9CRBbKeiLUsbp5bc9
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: L9fyxxiQ74rvokDe16V9UHOaFJ0tRxz3AkqGiAZ6H7IU14dJcTr4Ew==
date: Thu, 24 Oct 2024 21:30:56 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 21:30:34 GMT
x-amz-replication-status: PENDING
cache-control: max-age=315360000
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 5e334ea84cabc62ff640733a87d598af.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
2 KB 11ms
11ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/5e334ea84cabc62ff640733a87d598af.js?conditionId0=567025
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 83526314b1fd8fb11460e3817fe7cf8442de3eea006d7a1ca81951f3426930cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: br
etag: W/"5418d8c4cd6405b507c0398211fa991d"
age: 4653084
x-amz-version-id: qcgHGgKViDglNuNW2WXQDzl6fS.KMh0O
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: a8xkEIPEv6AEAstrV5x5MMxTxKjFwHbS-r-7JM8pxJ9d-mAYRJe3oQ==
date: Thu, 24 Oct 2024 21:30:56 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 24 Oct 2024 21:30:34 GMT
x-amz-replication-status: PENDING
cache-control: max-age=315360000
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET dataLayer_logic.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
H3 204 e.gif
nexus.ensighten.com/error/ 0
217 B 9ms
9ms Image
text/plain 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27addEventListener%27)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F62c6a9fbf3aaaab53d073b1cf5f23cfa.js%3FconditionId0%3D423109%3A86%3A101)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=Microsites%20New%20M-Pages&cid=603&client=statefarm&publishPath=mirus&rid=4108389&did=710940&errorName=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: no-cache, no-store
age: 3300
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: M7F5KVDcsPabdqKfvIsmzYx6bQ_LGVbxljwlsHoR2Wd3v358bBVqwA==
date: Tue, 17 Dec 2024 17:07:19 GMT
x-amz-cf-pop: FRA56-C1
server: CloudFront

GET
H2 200 dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame E7D0 0
0 307ms
31ms Document
text/html 52.211.121.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.211.121.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-211-121-244.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gregjareczek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 17 Dec 2024 18:02:20 GMT
dcs: dcs-prod-irl1-2-v069-0ce637afc.edge-irl1.demdex.com 1 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 11 Nov 2024 10:47:49 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: UEaMgJv2SX4=

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
466 B 479ms
19ms XHR
application/x-javascript 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=17028343881748676161814560006242189475&ts=1734458539996

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

e16271d0c8b38f4405a8d962526546482a5facabca4dc3c86798204921726064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://gregjareczek.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://gregjareczek.com
p3p: CP="This is not a P3P policy"
content-length: 48
date: Tue, 17 Dec 2024 18:02:20 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=Z2G8rAAAADdbGQOV
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=20528179710131096281365190461812083583
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z2G8rAAAADdbGQOV

42 B
715 B

32ms
32ms

Image
image/gif

52.212.200.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z2G8rAAAADdbGQOV

Protocol

Server

52.212.200.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-200-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v069-02ffa2a9c.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: P5FcRBI0TbM=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z2G8rAAAADdbGQOV
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Tue, 17 Dec 2024 18:02:20 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

POST
H3 200 collect
www.google.com/ccm/ 0
0 273ms
46ms Ping
text/plain 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fgregjareczek.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1912489353.1734458540&dt=IL%20Auto%20%26%20Home%20Insurance%20Agent%20Greg%20Jareczek%20-%20State%20Farm%C2%AE&auid=435485730.1734458540&navt=n&npa=1&gtm=45He4cc1v849799669za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734458540040&tfd=1772&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 442 KB
141 KB 77ms
77ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c&gtm=45He4cc1v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fcf53e6f63edcefe96b3c5619df925357b45e6d5cc6a6a53da072c61ed891c2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 17 Dec 2024 18:02:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 144498
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 64ms
63ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=45He4cc1v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ea8f7adbbb7e24ac2ee369a7959169fca2eb54d959f527d89a0ce0dc58b7d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 17 Dec 2024 18:02:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85130
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 10ms
9ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gregjareczek.com
URL: https://gregjareczek.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-6pgcR4Pq' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-6pgcR4Pq' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1889, tp=5, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 3dGvHBTz9yr2WwoYVVqwR+xuBfUZrUqq+LL9UIAARiWN+qItd6Y2IYsqzHpuBhHt4uviXjTO9T7IJmbiQxnB1A==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62283
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 234 KB
84 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=45He4cc1v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d854231970c7f36729329d520ce2efcff6ecac1dd299f64ae94b0f0ab845e2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 17 Dec 2024 18:02:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85146
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 261 KB
93 KB 93ms
93ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11220053904&l=GTMdataLayer&cx=c&gtm=45He4cc1v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

625132354b8dd1c2a74a6dc0b1affd9c050cc2af401b6e166a5da8883979c16b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 17 Dec 2024 18:02:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94612
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 157ms
20ms Script
application/javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bb19cc9bb9e4e0f0237ee1f0c213487452c77e6f9fa6fa9edcb87f4de9f0c21a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"dd635a85604f92ec6b3a600d010dd4e3"
Age: 21286
Connection: keep-alive
Via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: FcWKSKRbBqwvErgPGdQiYB0R77t0GjpctJuyViwnYUypoUEULhnQEg==
Date: Tue, 17 Dec 2024 12:07:35 GMT
Content-Type: application/javascript
Last-Modified: Sun, 15 Dec 2024 12:06:55 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
x-amz-server-side-encryption: AES256

GET
H2 200 scevent.min.js Show response
sc-static.net/ 55 KB
24 KB 163ms
25ms Script
application/javascript 3.163.248.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: a3d4c1535d563d94e47dfc36fddbd24895428ac102e00b279b363b18cbc8ccb1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23827
x-amz-cf-id: iS3UZ_QWxR8mb7pc8bg5Ny7gQWWKRGF0sLBnK2_p-o6mh_y52hVv-w==
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: FRA56-P6
server: CloudFront
access-control-allow-headers: Content-Type

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 110 KB
38 KB 302ms
9ms Script
text/javascript 18.245.31.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: gregjareczek.com
URL: https://gregjareczek.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a40163c3ab8634b09e5c717a2b6d73318cfa57a190f467f9deba6501ce95df0d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: gzip
x-amz-version-id: 5hqBNyRnDQNTIU_1fq7iaRKxwEN5uqqJ
etag: W/"a05e920321d977d3e0f2e0d87ca33a24"
age: 902
x-cache: Hit from cloudfront
x-amz-cf-id: k4HwUoZQn5NSbfb4MfeIvm6ev5dmty-SU3YNV2htfcDVDCPldAqisg==
date: Tue, 17 Dec 2024 17:47:19 GMT
content-type: text/javascript; charset=utf-8
vary: accept-encoding
last-modified: Mon, 09 Dec 2024 22:29:38 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=3600
via: 1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 547F 0
0 128ms
46ms Document
text/html 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fgregjareczek.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 18:02:20 GMT
expires: Wed, 17 Dec 2025 18:02:20 GMT
last-modified: Thu, 12 Dec 2024 10:18:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 528857779805042 Show response
connect.facebook.net/signals/config/ 77 KB
16 KB 2366ms
2366ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/528857779805042?v=2.9.179&r=stable&domain=gregjareczek.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

a98f8d1e199aa78ae014598a0bba160a2ff319bb74c94ab41121876120c34743

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-pDA6MY6N' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 17 Dec 2024 18:02:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-pDA6MY6N' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=75, mss=1232, tbw=68384, tp=64, tpl=0, uplat=2358, ullat=1
pragma: public
x-fb-debug: 9UEJSvUGXudw1+9fsC+3c5U2pnPWkAiuHvrta6BARbzWstDUBn6a2zgGwOeKBFXQAnnLaK3aovAsy+GW5+47qA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2

200

activityi;dc_pre=CPC9u8mxr4oDFQ-DgwcdgEQJpA;src=11264551;type=micro0;cat=micro006;ord=9702582223847;npa=1;auiddc=435485730.1734458540;u9=sf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000;ps=1;pcor=10613...
11264551.fls.doubleclick.net/ Frame ACA1
Redirect Chain

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=9702582223847;npa=1;auiddc=435485730.1734458540;u9=sf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000;ps=1;pcor=10...
https://11264551.fls.doubleclick.net/activityi;dc_pre=CPC9u8mxr4oDFQ-DgwcdgEQJpA;src=11264551;type=micro0;cat=micro006;ord=9702582223847;npa=1;auiddc=435485730.1734458540;u9=sf%3Aundefined%3Aagent-...

0
0

57ms
53ms

Document
text/html

142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11264551.fls.doubleclick.net/activityi;dc_pre=CPC9u8mxr4oDFQ-DgwcdgEQJpA;src=11264551;type=micro0;cat=micro006;ord=9702582223847;npa=1;auiddc=435485730.1734458540;u9=sf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000;ps=1;pcor=1061382376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9189994286z8849799669za201zb849799669;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fgregjareczek.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=45He4cc1v849799669za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gregjareczek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 18:02:20 GMT
expires: Tue, 17 Dec 2024 18:02:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 17 Dec 2024 18:02:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11264551.fls.doubleclick.net/activityi;dc_pre=CPC9u8mxr4oDFQ-DgwcdgEQJpA;src=11264551;type=micro0;cat=micro006;ord=9702582223847;npa=1;auiddc=435485730.1734458540;u9=sf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000;ps=1;pcor=1061382376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9189994286z8849799669za201zb849799669;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fgregjareczek.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=11264551;type=micro0;cat=micro006;ord=9702582223847;npa=1;auiddc=435485730.1734458540;u9=sf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000;ps=1;pcor=1061382376;uaa=;ua...
ad.doubleclick.net/ 0
23 B 300ms
72ms Image
image/png 216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=11264551;type=micro0;cat=micro006;ord=9702582223847;npa=1;auiddc=435485730.1734458540;u9=sf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000;ps=1;pcor=1061382376;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4cc1v9189994286z8849799669za201zb849799669;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102081485~102198178;epver=2;~oref=https%3A%2F%2Fgregjareczek.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 17 Dec 2024 18:02:20 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"15529360729199220103"}],"aggregatable_trigger_data":[{"filters":[{"14":["12962750"]}],"key_piece":"0xbb8fc58510b74ce2","source_keys":["12","13","14","15","16","17","18","19","20","21","26351264","26351265","26351266","26351267","27131696","27131697","27131698","27131699","27166016","27166017","27166018","27166019","27171248","27171249","27171250","27171251","27836104","27836105","27836106","27836107","27838264","27838265","27838266","27838267","31083952","31083953","31083954","31083955","31089408","31089409","31089410","31089411","905571280","905571281","905571282","905571283"]},{"key_piece":"0x441b806384d92976","not_filters":{"14":["12962750"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","26351264","26351265","26351266","26351267","27131696","27131697","27131698","27131699","27166016","27166017","27166018","27166019","27171248","27171249","27171250","27171251","27836104","27836105","27836106","27836107","27838264","27838265","27838266","27838267","31083952","31083953","31083954","31083955","31089408","31089409","31089410","31089411","905571280","905571281","905571282","905571283"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"26351264":54,"26351265":54,"26351266":54,"26351267":5297,"27131696":65,"27131697":65,"27131698":65,"27131699":6356,"27166016":50,"27166017":50,"27166018":50,"27166019":4889,"27171248":72,"27171249":72,"27171250":72,"27171251":7062,"27836104":72,"27836105":72,"27836106":72,"27836107":7062,"27838264":72,"27838265":72,"27838266":72,"27838267":7062,"31083952":46,"31083953":46,"31083954":46,"31083955":4540,"31089408":65,"31089409":65,"31089410":65,"31089411":6356,"905571280":81,"905571281":81,"905571282":81,"905571283":7946},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"17170833590815327655","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15529360729199220103","filters":[{"14":["12962750"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15529360729199220103","filters":[{"14":["12962750"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15529360729199220103","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15529360729199220103","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11264551"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2 200 collect Show response
sst.statefarm.com/g/ 1 KB
1 KB 755ms
161ms Fetch
text/plain 34.128.179.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sst.statefarm.com/g/collect?v=2&tid=G-3WRNTYXP84&gtm=45je4cc1v9178161793z8849799669za200zb849799669&_p=1734458539774&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178~102262855&cid=1833289019.1734458540&ecid=1968014496&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.etld=google.de&sst.gcsub=region1&sst.tft=1734458539774&sst.ude=0&_s=1&sid=1734458540&sct=1&seg=0&dl=https%3A%2F%2Fgregjareczek.com%2F&dt=IL%20Auto%20%26%20Home%20Insurance%20Agent%20Greg%20Jareczek%20-%20State%20Farm%C2%AE&en=page_view&_fv=1&_nsi=1&_ss=1&ep.s_pageName=sf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000&up.ECID=&tfd=1974&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c&gtm=45He4cc1v849799669za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.179.202 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.179.128.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

f1a26c6c2fd73a44a4af078e27db7e0af1f670e31c5aaceb7e41f74ba4cb0d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://gregjareczek.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: text/plain
server: Google Frontend

GET
H2 200 enterprisesfuid Show response
apps.statefarm.com/sfuidservice/ 50 B
1 KB 523ms
247ms XHR
application/json 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.statefarm.com/sfuidservice/enterprisesfuid

Requested by

Host: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/applications/dasenblt_static_content/sfuid.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C8A) /

Resource Hash

5cefc0cd238bfe0dbfbf9c90ed1f5ddcb4c255650364c667bf83d93c2c32a872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://gregjareczek.com/

Response headers

x-request-id: 134399671306619022641882353657240166662, 134399671306619022641882353657240166662
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=dce"}]}
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
x-edg-mr: 84:0;84:1;84:5;84:6;84:8;
server-timing: edgio_cache;desc=CONFIG_NOCACHE,edgio_pop;desc=dce,edgio_country;desc=DE
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
x-frame-options: DENY
strict-transport-security: max-age=31536000 ; includeSubDomains
cache-control: no-store
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
pragma: no-cache
access-control-allow-credentials: true
x-vcap-request-id: 15809d9b-ba81-47d5-7ef4-815c63bd0dc6
access-control-allow-origin: https://gregjareczek.com
content-length: 50
x-xss-protection: 1; mode=block
server: ECAcc (dac/9C8A)

GET
H2 200 3343c101-8725-4e3e-a691-2052c85e1bce.json Show response
tr.snapchat.com/config/com/ 101 B
195 B 335ms
122ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/3343c101-8725-4e3e-a691-2052c85e1bce.json?v=3.35.0-2412161852

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f0e8f04bdec051cacda6984d4c2ff1b8afdac3ac3c6e2c08d3c92bbda69d3aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
Referer: https://gregjareczek.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 96
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://gregjareczek.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 8C31 0
0 235ms
24ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=a997f768-2f04-4b8c-aada-1b22d64d9570&u_sclid=249961fb-69db-4451-9e18-84f6a41fdbb0

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://gregjareczek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 17 Dec 2024 18:02:20 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 2f0ca4be-e310-4347-a688-421e70cfc0e5.js Show response
tr.snapchat.com/config/com/ 210 B
479 B 400ms
117ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/2f0ca4be-e310-4347-a688-421e70cfc0e5.js?v=3.35.0-2412161852

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

9d64d9e6207590d3593b8a33dcd21f2b5c61241ae565b0063617bd878f34b5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://gregjareczek.com
Referer: https://gregjareczek.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 92
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://gregjareczek.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: application/javascript
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 4E0E 0
0 234ms
25ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=2f0ca4be-e310-4347-a688-421e70cfc0e5&u_scsid=a997f768-2f04-4b8c-aada-1b22d64d9570&u_sclid=249961fb-69db-4451-9e18-84f6a41fdbb0

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://gregjareczek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 17 Dec 2024 18:02:20 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 up
insight.adsrvr.org/track/ Frame 3532 0
0 291ms
35ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fgregjareczek.com%2F&upid=t8xbszz&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://gregjareczek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Tue, 17 Dec 2024 18:02:20 GMT
server: Kestrel

GET
H2 200 up
insight.adsrvr.org/track/ Frame 9B64 0
0 292ms
37ms Document
text/html 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fgregjareczek.com%2F&upid=9nilek2&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://gregjareczek.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Tue, 17 Dec 2024 18:02:20 GMT
server: Kestrel

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/2724/2306363986/ 5 KB
1 KB 308ms
308ms Script
text/javascript 18.245.31.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/2724/2306363986/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-60.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f942687400c45a86b7a8d712e5ba0f4833c3837ed142f0ee65b3dbc41d0b061

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

vary: accept-encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=300
content-encoding: br
x-amz-version-id: WDcvF9IhJbF8ts9jXNci51nKym_IvHxV
etag: W/"bba2ad42c01bffaa3e7409c911586e23"
via: 1.1 b8455bc5c5405f573b6e4da5524ee9e2.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: K1IbGUcx0Gx1I8ZJ5k3WD0PYD9TqrQUkfN7ex0ARd06_fHxpu8Tdgg==
date: Tue, 17 Dec 2024 18:02:21 GMT
content-type: text/javascript
last-modified: Mon, 16 Sep 2024 18:28:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P8
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 enterprisesfuid
apps.statefarm.com/sfuidservice/ Frame 0
0 750ms
257ms Preflight 117.18.238.236
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.statefarm.com/sfuidservice/enterprisesfuid

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C8A) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://gregjareczek.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://gregjareczek.com
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Tue, 17 Dec 2024 18:02:20 GMT
expires: 0
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
pragma: no-cache
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=dce"}]}
server: ECAcc (dac/9C8A)
server-timing: edgio_cache;desc=NONE,edgio_pop;desc=dce,edgio_country;desc=DE
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options: nosniff
x-edg-mr: 84:0;84:1;84:5;84:6;84:8;
x-edg-version: 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e 208 84 70 NA 2024-12-05T22:33:27Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
x-frame-options: DENY
x-request-id: 98846197568815486006705205277746756018 98846197568815486006705205277746756018
x-vcap-request-id: f742d0ca-3701-44b4-633a-f0b62ced3a40
x-xss-protection: 1; mode=block

POST
H2 200 p
tr.snapchat.com/ 0
241 B 127ms
42ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gregjareczek.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 17
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://gregjareczek.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 17 Dec 2024 18:02:20 GMT
server: API Gateway

GET
H2 200 s81178134225170
smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/ 43 B
324 B 23ms
23ms Image
image/gif 63.140.62.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/s81178134225170?AQB=1&ndh=1&pf=1&t=17%2F11%2F2024%2019%3A2%3A20%202%20-60&D=..&mid=17028343881748676161814560006242189475&aamlh=6&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-m%3Awfmsg1ys000&g=https%3A%2F%2Fgregjareczek.com%2F&ch=sf%3Aus%3Aagent-micro-m&server=gregjareczek.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-m%3Awfmsg1ys000&h1=home%7Cagent-micro-m%7Cwfmsg1ys000&c4=sf%3Aagent-micro-m%3Awfmsg1ys000&v6=gregjareczek.com&v8=133372&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fgregjareczek.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=tuesday%7C12%3A00pm&v50=12%2F17%2F2024&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28x11%3B%20linux%20x86_64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F131.0.0.0%20safari%2F537.36&c70=en&v121=ens%7Cdeel&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-27.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3724721354161061888-4618459610354778744
x-content-type-options: nosniff
expires: Mon, 16 Dec 2024 18:02:20 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Tue, 17 Dec 2024 18:02:20 GMT
x-xss-protection: 1; mode=block
last-modified: Wed, 18 Dec 2024 18:02:20 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 new-vs-used-car-calculate-cost-of-ownership.jpg
ephemera.mirus.io/imgr/250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 7 KB
7 KB 88ms
87ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/new-vs-used-car-calculate-cost-of-ownership.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

21683b390d7054cdf02650e23862e9dd5c187bc229af7bf9009c01d8acb76234

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWJ0F45R3KS6C54ME2T6F3-fra
cache-control: max-age=14400, public
via: 2 fly.io
expires: Tue, 17 Dec 2024 15:10:55 GMT
x-cache-key: 250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/new-vs-used-car-calculate-cost-of-ownership.jpg--with-webp
content-length: 7352
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 how-big-will-my-cat-get.jpg
ephemera.mirus.io/imgr/250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 6 KB
6 KB 89ms
89ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/how-big-will-my-cat-get.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/fbf74ca1c (2024-12-13) /

Resource Hash

14518e18eb9c031a694cb874798f610238094986d463e8e4f64cba635212bb09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JFAWJ0F43K3QSP6FYFD49FWE-fra
cache-control: max-age=14400, public
via: 2 fly.io
expires: Tue, 24 Dec 2024 13:37:52 GMT
x-cache-key: 250x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/how-big-will-my-cat-get.jpg--with-webp
content-length: 5670
x-instance: 080eee0c157798
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/fbf74ca1c (2024-12-13)
x-region: ewr

GET
H2 200 collect Show response
sst.statefarm.com/g/ 744 B
1 KB 219ms
137ms Fetch
text/plain 34.128.179.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://sst.statefarm.com/g/collect?v=2&tid=G-3WRNTYXP84&gtm=45je4cc1v9178161793z8849799669za200zb849799669&_p=1734458539774&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178~102262855&cid=1833289019.1734458540&ecid=1968014496&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.etld=google.de&sst.gcsub=region1&sst.tft=1734458539774&sst.ude=0&_s=2&sid=1734458540&sct=1&seg=0&dl=https%3A%2F%2Fgregjareczek.com%2F&dt=IL%20Auto%20%26%20Home%20Insurance%20Agent%20Greg%20Jareczek%20-%20State%20Farm%C2%AE&en=MS_LP_Stand_AgentM2Site&ep.s_pageName=sf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000&_et=4&tfd=2486&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c&gtm=45He4cc1v849799669za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.179.202 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.179.128.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

cfe53913e5c9bb723cf5c53917cf648196f6eabb7b2df19b21c8a0e01979cd4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://gregjareczek.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 18:02:20 GMT
content-type: text/plain
server: Google Frontend

POST
H2 200 p
tr6.snapchat.com/ 0
45 B 65ms
26ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gregjareczek.com/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 17 Dec 2024 18:02:20 GMT
x-envoy-upstream-service-time: 1
server: API Gateway

GET
H2 204 collect
region1.analytics.google.com/g/s/ 0
501 B 261ms
23ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=syphamo&npa=1&gcd=13l3l3l2l1l1&gtm=45j91e4c50h1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102081485~102198178~102262855&_gsid=3WRNTYXP84VtmgtKaU8uNTo4HurRHunQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 18:02:21 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 332ms
74ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=syphamo&npa=1&gcd=13l3l3l2l1l1&tid=G-3WRNTYXP84&cid=1833289019.1734458540&gtm=45j91e4c50h1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102081485~102198178~102262855&aip=1&z=815923761

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 17 Dec 2024 18:02:21 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 collect
region1.analytics.google.com/g/s/ 0
56 B 241ms
30ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=syphamo&npa=1&gcd=13l3l3l2l1l1&gtm=45j91e4c50h1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102081485~102198178~102262855&_gsid=3WRNTYXP84yu8v9hwUC8LURH9gRhv0Dg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 18:02:21 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 307ms
75ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 17 Dec 2024 18:02:21 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
510 B 252ms
20ms Image
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=syphamo&npa=1&gcd=13l3l3l2l1l1&tid=G-3WRNTYXP84&cid=1833289019.1734458540&gtm=45j91e4c50h1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102081485~102198178~102262855&aip=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 18:02:21 GMT
content-type: text/plain
server: Golfe2

POST
H2 200 p
tr.snapchat.com/ 0
44 B 28ms
26ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://gregjareczek.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://gregjareczek.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 17 Dec 2024 18:02:21 GMT
server: API Gateway

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 785 KB
0 0ms
0ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0451c8590e8ddadce83fcae3859586c229edef9c57709cdc42603f102bfe05c3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://gregjareczek.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Tue, 17 Dec 2024 18:02:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 18:02:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 142603
x-xss-protection: 0
server: Google Tag Manager

GET 1673276772914128
connect.facebook.net/signals/config/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/index.js

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1673276772914128?v=2.9.179&r=stable&domain=gregjareczek.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C164%2C198%2C200%2C123%2C158%2C146%2C152%2C130%2C236%2C117%2C128%2C147%2C174%2C160%2C119%2C237%2C166%2C120%2C239%2C167%2C137%2C124%2C155%2C149%2C195%2C114%2C129

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 01:49:04	Name: X-AB Value: 49c899aa23974ef3a3863a2944d923ca
gregjareczek.com/	1970-01-21 01:49:04	Name: __cheesecrd_version Value: master
.gregjareczek.com/	1970-01-21 01:47:40	Name: s_gad Value: 1
.demdex.net/	1970-01-21 06:06:50	Name: demdex Value: 20528179710131096281365190461812083583
.gregjareczek.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.gregjareczek.com/	1970-01-21 03:57:14	Name: _gcl_au Value: 1.1.435485730.1734458540
.dpm.demdex.net/	1970-01-21 06:06:50	Name: dpm Value: 20528179710131096281365190461812083583
.gregjareczek.com/	1970-01-21 11:23:38	Name: _ga Value: GA1.1.1833289019.1734458540
.gregjareczek.com/	1970-01-21 11:23:38	Name: _ga_3WRNTYXP84 Value: GS1.1.1734458540.1.0.1734458540.0.0.1968014496
.gregjareczek.com/	1970-01-21 11:17:25	Name: _scid Value: 4U5A_gQNaz1ATQS5rLY4uvdTDHnmBL6P
.gregjareczek.com/	1970-01-21 11:17:25	Name: _scid_r Value: 4U5A_gQNaz1ATQS5rLY4uvdTDHnmBL6P
.doubleclick.net/	1970-01-21 02:30:50	Name: ar_debug Value: 1
.statefarm.com/	1970-01-21 11:23:38	Name: s_ecid Value: MCMID%7C17028343881748676161814560006242189475
.gregjareczek.com/	1970-01-21 01:47:40	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-m%3AWFMSG1YS000
.gregjareczek.com/	1970-01-21 01:47:40	Name: s_pre_v6 Value: gregjareczek.com
.gregjareczek.com/	1970-01-21 01:47:40	Name: s_dl Value: 1
.gregjareczek.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.gregjareczek.com/	1970-01-21 11:23:38	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271734458540485%27%5D%5D
.gregjareczek.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fgregjareczek.com%2F%7Caowsv%3D133372%7CentryProperty%3Dhttps%3A%2F%2Fgregjareczek.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-m%7Cs_prev_ch%3Dagent-micro-m%7Cs_prev_pn%3DWFMSG1YS000%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-m%3AWFMSG1YS000%7Cmc%3Ddirect%20load%7C
.gregjareczek.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.gregjareczek.com/	1970-01-21 11:23:38	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C20075%7CMCMID%7C17028343881748676161814560006242189475%7CMCAAMLH-1735063339%7C6%7CMCAAMB-1735063339%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1734465740s%7CNONE%7CMCSYNCSOP%7C411-20082%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.doubleclick.net/	1970-01-21 06:06:50	Name: receive-cookie-deprecation Value: 1
.gregjareczek.com/	1970-01-21 11:23:38	Name: invoca_session Value: %7B%22ttl%22%3A%222025-01-16T18%3A02%3A20.688Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%2C%22rn%22%3Atrue%7D%7D
.demdex.net/	1970-01-21 06:06:50	Name: dextp Value: 771-1-1734458540571\|903-1-1734458540673\|30646-1-1734458540774\|66757-1-1734458540879
.gregjareczek.com/	1970-01-21 01:57:43	Name: _ScCbts Value: %5B%5D
.doubleclick.net/	1970-01-21 11:09:14	Name: IDE Value: AHWqTUlSGOTxDB9FIAivt6WcqaHv5Tp8opMk7f7fGmHcoHnAudE46p-3td-HF93q2Z8

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://online.statefarm.com/ddc/trafficdetection.aspx Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://gregjareczek.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/index.js' from origin 'https://gregjareczek.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/index.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://gregjareczek.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js' from origin 'https://gregjareczek.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://gregjareczek.com/ Message: The resource https://ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_143073040_ainis6.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11264551.fls.doubleclick.net
ad.doubleclick.net
apps.statefarm.com
cm.everesttech.net
connect.facebook.net
deel-id-persistence.deel.c1.statefarm
dpm.demdex.net
ephemera.mirus.io
gregjareczek.com
insight.adsrvr.org
invocation.deel.c1.statefarm
js.adsrvr.org
nexus.ensighten.com
online.statefarm.com
peachy.prod.mirus.io
region1.analytics.google.com
sc-static.net
smetrics.statefarm.com
solutions.invocacdn.com
sst.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static1.st8fm.com
stats.g.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
www.google.com
www.google.de
www.googletagmanager.com
connect.facebook.net
deel-id-persistence.deel.c1.statefarm
104.198.70.133
108.138.15.119
117.18.238.236
142.250.185.100
142.250.185.102
157.240.0.6
172.217.18.3
18.245.31.60
2.21.20.12
2001:4860:4802:32::36
216.58.212.134
2600:9000:206f:6800:2:8f43:5780:93a1
2a00:1450:4001:80f::2008
2a00:1450:400c:c0c::9d
2a09:8280:1::42:4195
3.163.248.4
34.128.179.202
34.255.155.228
34.69.219.172
35.190.43.134
52.211.121.244
52.212.200.255
52.223.40.198
54.91.59.80
63.140.62.27
65.9.66.103
0451c8590e8ddadce83fcae3859586c229edef9c57709cdc42603f102bfe05c3
06a074fccbce7830a8a826c4748e8e47d01e971f2b6bb7190d2c9542337fb88f
14518e18eb9c031a694cb874798f610238094986d463e8e4f64cba635212bb09
21683b390d7054cdf02650e23862e9dd5c187bc229af7bf9009c01d8acb76234
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
3ae0dbc8c140b472652e66416b77d4d276815bc0589245fbc8135c8704b47d1b
41131d6396fe2757796d08a8c01d334657c900012c31c268e153f1ed9f2779c9
43da34fb2ddb8179f48688c6883256121e0dd610361f0e688b93708293ec8648
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
4dfb9db2bf2dcd8e3bab7e93b5b69f005c0a7c10ff57e078ec2617fd89cb5d5f
4f942687400c45a86b7a8d712e5ba0f4833c3837ed142f0ee65b3dbc41d0b061
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec
5cefc0cd238bfe0dbfbf9c90ed1f5ddcb4c255650364c667bf83d93c2c32a872
625132354b8dd1c2a74a6dc0b1affd9c050cc2af401b6e166a5da8883979c16b
6830cb8cceb6226901558a5de6ffc9d51d9c868b1dbc6fff7c0550744d393266
7005839bd8625132c1938c37ec0c3e338fcaabb0652bdba0bd649923ae226172
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24
739f31db4541b575d1a8f46ff55481ae933a0535f0d089d380ff8ca7c9fdeb6b
7629f3019901862e994464416642a443c651d51286d80df7e7632406e5f3de90
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
781a7423f3850ec7fd24b88675e4c657a021de95446dee383845f50c5ee26314
78b1433b276c49c09ff8349ac00a7c63f34cd8f165a5ae572b4b61f3efd57edf
7ea8f7adbbb7e24ac2ee369a7959169fca2eb54d959f527d89a0ce0dc58b7d8a
81214bb74d398bca1bd710a3c6062414e22370dd7229ae1e0d131e1aa6cbf042
83526314b1fd8fb11460e3817fe7cf8442de3eea006d7a1ca81951f3426930cf
83b57a0b738992a35a8ee9bd4c5f6c54b2599c68323067da08ff1e4d41a4de5d
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
8fe094b5e27e310c4c148d8588bcebcaad06501f9e9f8d3f2d8e8ce15a87d41e
94cd607a51ad086c33e45550f820653f367ef82a64f997946eaf93aed910a097
9d64d9e6207590d3593b8a33dcd21f2b5c61241ae565b0063617bd878f34b5f9
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a3d4c1535d563d94e47dfc36fddbd24895428ac102e00b279b363b18cbc8ccb1
a40163c3ab8634b09e5c717a2b6d73318cfa57a190f467f9deba6501ce95df0d
a98f8d1e199aa78ae014598a0bba160a2ff319bb74c94ab41121876120c34743
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8
bb19cc9bb9e4e0f0237ee1f0c213487452c77e6f9fa6fa9edcb87f4de9f0c21a
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
c55f527e536de44c7980fecece7428ae5a765647495e47008a8a54fa1e434736
c96463100e774599fbb9784785ca4e09f5ae7fa77c12d234cb972f1465d0b0e2
ca151f1aabec182cdd5dc707a55d29b20839ae69630d8b00094892c53c63c6ec
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
ca5c060845b9a6c45e56ef1908d4028aae5b35b59d0f54a8f85aa061de8ccd4c
cfe53913e5c9bb723cf5c53917cf648196f6eabb7b2df19b21c8a0e01979cd4e
d074776be5e45fa359623c533a51390fcd4f94cfb2748839ada752c20ea85c81
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d67459ce9dc53557007c678187d006099d3959b43674749777f1c36da65db388
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d854231970c7f36729329d520ce2efcff6ecac1dd299f64ae94b0f0ab845e2e0
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
df1c6cf30e51668e15b541e9cd78a5a4fffd780536eb6163a5e07eae019ce056
e16271d0c8b38f4405a8d962526546482a5facabca4dc3c86798204921726064
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4c8b6102122aba58c6a5c7cbada31360d8393df40db953c64c6cd6f0df5f9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e8f04bdec051cacda6984d4c2ff1b8afdac3ac3c6e2c08d3c92bbda69d3aa1
f18dbd8450b99f64f234a949081b822f7b6dd983290db9c16ca04f4505838672
f1a26c6c2fd73a44a4af078e27db7e0af1f670e31c5aaceb7e41f74ba4cb0d91
f3d3d621498f6834effc5417ae1921c2c6fe9c8a0e2726a10c4d076714158745
f3ed9c54472b252d450187dd55bbb009b8d29e2ce1175de51b804f474a91d3f4
fba675b1df2a2ed0dfc5250f9ad4942cfeb7c3a90a9de558c891ad0ec9cba0aa
fcf53e6f63edcefe96b3c5619df925357b45e6d5cc6a6a53da072c61ed891c2e

gregjareczek.com Open in urlscan Pro 34.69.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

94 %HTTPS

19 %IPv6

17 Domains

28 Subdomains

26 IPs

4 Countries

1616 kBTransfer

5142 kBSize

26 Cookies

22 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gregjareczek.com Open in urlscan Pro
34.69.219.172 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

94 %
HTTPS

19 %
IPv6

17
Domains

28
Subdomains

26
IPs

4
Countries

1616 kB
Transfer

5142 kB
Size

26
Cookies

84 HTTP transactions
0 data transactions