jeffhamiltononline.com Open in urlscan Pro
34.69.219.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jeffhamiltononline.com/
Effective URL:
https://jeffhamiltononline.com/
Submission: On November 23 via api (November 23rd 2024, 1:31:20 am UTC) from US — Scanned from DE

Summary HTTP 84 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 26 IPs in 4 countries across 18 domains to perform 84 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is jeffhamiltononline.com.
TLS certificate: Issued by R10 on November 22nd 2024. Valid for: 3 months.

This is the only time jeffhamiltononline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.69.219.172 34.69.219.172	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
31	2a09:8280:1::... 2a09:8280:1::42:4195	40509 (FLY) (FLY)
1	3.218.177.249 3.218.177.249	14618 (AMAZON-AES) (AMAZON-AES)
3	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:224... 2600:9000:2240:7800:14:17ae:9e00:21	16509 (AMAZON-02) (AMAZON-02)
1	117.18.238.236 117.18.238.236	15133 (EDGECAST) (EDGECAST)
2	104.198.70.133 104.198.70.133	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
6	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:a000:2:8f43:5780:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	52.48.124.151 52.48.124.151	16509 (AMAZON-02) (AMAZON-02)
4	65.9.66.24 65.9.66.24	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
1	3.163.248.4 3.163.248.4	16509 (AMAZON-02) (AMAZON-02)
2	13.225.78.124 13.225.78.124	16509 (AMAZON-02) (AMAZON-02)
1	54.154.212.37 54.154.212.37	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.17 63.140.62.17	16509 (AMAZON-02) (AMAZON-02)
1 1	54.154.90.74 54.154.90.74	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	34.128.179.202 34.128.179.202	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
84	26

1 34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com

jeffhamiltononline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a09:8280:1::42:4195 (United States)

ASN40509 (FLY, US)

ephemera.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.218.177.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-177-249.compute-1.amazonaws.com

invocation.deel.c1.statefarm	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:7800:14:17ae:9e00:21 (United States)

ASN16509 (AMAZON-02, US)

djwmpmz818tx4.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 117.18.238.236 (Phoenix, United States)

ASN15133 (EDGECAST, US)

online.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.70.133 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 133.70.198.104.bc.googleusercontent.com

peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:a000:2:8f43:5780:93a1 (United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.48.124.151 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-124-151.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-24.fra56.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.163.248.4 (United States)

ASN16509 (AMAZON-02, US)

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-124.fra2.r.cloudfront.net

solutions.invocacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.212.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-212-37.eu-west-1.compute.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.90.74 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-90-74.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

11264551.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.128.179.202 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.179.128.34.bc.googleusercontent.com

sst.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tr6.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	mirus.io ephemera.mirus.io — Cisco Umbrella Rank: 301133 peachy.prod.mirus.io — Cisco Umbrella Rank: 360831	552 KB
7	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 903 tr6.snapchat.com — Cisco Umbrella Rank: 1333	1013 B
6	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 4813	77 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	538 KB
5	statefarm.com online.statefarm.com — Cisco Umbrella Rank: 81907 smetrics.statefarm.com — Cisco Umbrella Rank: 52632 sst.statefarm.com	5 KB
4	doubleclick.net 1 redirects 11264551.fls.doubleclick.net — Cisco Umbrella Rank: 108991 ad.doubleclick.net — Cisco Umbrella Rank: 145 stats.g.doubleclick.net — Cisco Umbrella Rank: 135	1 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 262 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 67059	3 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1531 insight.adsrvr.org — Cisco Umbrella Rank: 960	6 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3 region1.analytics.google.com — Cisco Umbrella Rank: 4108	557 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	137 KB
2	google.de www.google.de — Cisco Umbrella Rank: 10745	126 B
2	invocacdn.com solutions.invocacdn.com — Cisco Umbrella Rank: 7200	40 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1608	490 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1109	24 KB
1	cloudfront.net djwmpmz818tx4.cloudfront.net	891 B
1	c1.statefarm invocation.deel.c1.statefarm — Cisco Umbrella Rank: 96891 deel-id-persistence.deel.c1.statefarm Failed	5 KB
1	jeffhamiltononline.com jeffhamiltononline.com	153 KB
0	st8fm.com Failed static1.st8fm.com Failed
84	18

	Domain	Requested by
31	ephemera.mirus.io	jeffhamiltononline.com
6	tr.snapchat.com	sc-static.net
6	nexus.ensighten.com	invocation.deel.c1.statefarm nexus.ensighten.com
6	www.googletagmanager.com	invocation.deel.c1.statefarm www.googletagmanager.com
3	dpm.demdex.net	1 redirects
3	connect.facebook.net	jeffhamiltononline.com connect.facebook.net
2	www.google.de
2	region1.analytics.google.com
2	sst.statefarm.com	www.googletagmanager.com
2	insight.adsrvr.org	js.adsrvr.org
2	11264551.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	smetrics.statefarm.com	nexus.ensighten.com
2	solutions.invocacdn.com	jeffhamiltononline.com solutions.invocacdn.com
2	peachy.prod.mirus.io	jeffhamiltononline.com
1	stats.g.doubleclick.net
1	tr6.snapchat.com	sc-static.net
1	ad.doubleclick.net
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	nexus.ensighten.com
1	sc-static.net	jeffhamiltononline.com
1	js.adsrvr.org	www.googletagmanager.com
1	www.google.com	www.googletagmanager.com
1	online.statefarm.com	invocation.deel.c1.statefarm
1	djwmpmz818tx4.cloudfront.net	jeffhamiltononline.com
1	invocation.deel.c1.statefarm	jeffhamiltononline.com
1	jeffhamiltononline.com
0	deel-id-persistence.deel.c1.statefarm Failed	invocation.deel.c1.statefarm nexus.ensighten.com
0	static1.st8fm.com Failed	invocation.deel.c1.statefarm
84	28

This site contains links to these domains. Also see Links.

Domain
apps.statefarm.com
proofing.statefarm.com
www.facebook.com
www.linkedin.com
www.instagram.com
www.yelp.com
search.google.com
brokercheck.finra.org
www.google.com
get-id-card.delitess.c1.statefarm
www.statefarm.com
financials.statefarm.com
www.youtube.com
www.jeffhamiltononline.com
twitter.com
static1.st8fm.com
trupanion.com
itunes.apple.com
play.google.com

Subject Issuer	Validity	Valid
jeffhamiltononline.com R10	`2024-11-22` - `2025-02-20`	3 months	crt.sh
ephemera.mirus.io E5	`2024-11-18` - `2025-02-16`	3 months	crt.sh
invocation.deel.c1.statefarm Amazon RSA 2048 M03	`2024-03-20` - `2025-04-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
statefarm.com Entrust Certification Authority - L1K	`2024-04-22` - `2025-04-22`	a year	crt.sh
peachy.prod.mirus.io R11	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
nexus.ensighten.com Amazon RSA 2048 M03	`2024-08-29` - `2025-09-28`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
sc-static.net Amazon RSA 2048 M03	`2024-11-20` - `2025-12-20`	a year	crt.sh
invocacdn.com Amazon RSA 2048 M02	`2024-08-23` - `2025-09-21`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2024-02-07` - `2025-02-07`	a year	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
sst.statefarm.com WR3	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-23` - `2025-07-22`	a year	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://jeffhamiltononline.com/
Frame ID: 23DDB0029FBB049D34AD297AB1585386
Requests: 76 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fjeffhamiltononline.com
Frame ID: 99500901F7669BD512706CE0183CA738
Requests: 1 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 60DCD2667E4EBC55CB72F79651A005D5
Requests: 1 HTTP requests in this frame

Frame: https://11264551.fls.doubleclick.net/activityi;dc_pre=CKTmz6Wn8YkDFWOh_Qcdcc407A;src=11264551;type=micro0;cat=micro006;ord=7350918974140;npa=1;auiddc=1645495527.1732325477;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=207744364;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fjeffhamiltononline.com%2F
Frame ID: A95B7630C962701E6F07730EF9B11ED2
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fjeffhamiltononline.com%2F&upid=t8xbszz&upv=1.1.0&paapi=1
Frame ID: C5E06914593C1C8CAE0C906B77742A19
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fjeffhamiltononline.com%2F&upid=9nilek2&upv=1.1.0&paapi=1
Frame ID: D122277C29534E36E17F3F197554C0D2
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=65d90393-df1a-4078-9dda-cea4e30b7857&u_sclid=a342f057-832d-473c-af33-90d854135941
Frame ID: 1116F8A11D3A09D56246E4A5413614AA
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=2f0ca4be-e310-4347-a688-421e70cfc0e5&u_scsid=65d90393-df1a-4078-9dda-cea4e30b7857&u_sclid=a342f057-832d-473c-af33-90d854135941
Frame ID: 49A40F1A9A4BB69415B2910182657C19
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home, Auto Insurance & More in TX | Jeff Hamilton – State Farm®

Page URL History Show full URLs

http://jeffhamiltononline.com/ HTTP 307
https://jeffhamiltononline.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Alpine.js (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

/alpine(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

84
Requests

93 %
HTTPS

23 %
IPv6

18
Domains

28
Subdomains

26
IPs

4
Countries

1542 kB
Transfer

4210 kB
Size

26
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.statefarm.com/CustomerRegistrationUI/
Title: Create an account

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/login-ui/login
Title: Log in

Search URL Search Domain Scan URL

URL: https://www.facebook.com/356095217513

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/jeff-hamilton-9026b832

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jeffhamiltonstatefarm/

Search URL Search Domain Scan URL

URL: https://www.yelp.com/biz/zqtHDYacrClKP9lvi-gVGQ

Search URL Search Domain Scan URL

URL: https://search.google.com/local/writereview?placeid=ChIJ-ViR2u-ERoYRxF-KGcl0MkU

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA’s BrokerCheck

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&z=22&query=30.577052%2C-96.28056&query_place_id=ChIJ-ViR2u-ERoYRxF-KGcl0MkU
Title: Map & Directions

Search URL Search Domain Scan URL

URL: https://get-id-card.delitess.c1.statefarm/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://apps.statefarm.com/retrieve-saved-quotes/
Title: Continue a saved quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims/file-a-claim
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/UnauthenticatedPaymentsUI-web/unauth/launchApp.do
Title: Send Payment

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/residence/surprising-household-hazards#agentAssociateId=BRP941YS000
Title: Surprising household hazards

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/safety/the-real-consequences-of-drunk-driving#agentAssociateId=BRP941YS000
Title: The Real Consequences of Drunk Driving

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/small-business/mobile-credit-card-readers-and-your-small-business#agentAssociateId=BRP941YS000
Title: Are mobile credit card readers a good choice for small businesses?

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/#agentAssociateId=BRP941YS000
Title: View More Articles

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=H2djPu3wvzE
Title: Savers Ed :15

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ZyzQ6qNqsVc
Title: Holy Mackerel :15

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=658DzgpgZ9M
Title: Tough :30

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=iwnh-w4i9jU
Title: No-Brainer :30

Search URL Search Domain Scan URL

URL: https://www.jeffhamiltononline.com/
Title: www.jeffhamiltononline.com

Search URL Search Domain Scan URL

URL: https://www.facebook.com/jeff.hamilton.5074644?ref=tn_tnmn
Title: Jeff Hamilton - State Farm Agent Facebook Page

Search URL Search Domain Scan URL

URL: https://twitter.com/jshagency
Title: Jeff Hamilton - State Farm Agent LinkedIn Page

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/pub/jeff-hamilton/32/6b8/902/
Title: Jeff Hamilton - State Farm Agent Twitter Page

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/en_US/downloads/sf/customer-relationship-summary.pdf
Title: State Farm VP Management Corp. Customer Relationship Summary

Search URL Search Domain Scan URL

URL: https://trupanion.com/pet-insurance/policy/view-sample-policy
Title: full policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/about-our-ads
Title: Ads & Tracking

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/security
Title: Security & Fraud

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/about-us/diversity-inclusion/accessibility-statement
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/disclosures/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy
Title: Notice of Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights
Title: State Privacy Rights

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/state-farm-pocket-agent/id318142137?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.statefarm.pocketagent

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jeffhamiltononline.com/ HTTP 307
https://jeffhamiltononline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325476536 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325476536

Request Chain 61

https://cm.everesttech.net/cm/dd?d_uuid=37126975941192114313645324725854319768 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z0EwZQAAAFsIUANx

Request Chain 63

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=7350918974140;npa=1;auiddc=1645495527.1732325477;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=207744364;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fjeffhamiltononline.com%2F HTTP 302
https://11264551.fls.doubleclick.net/activityi;dc_pre=CKTmz6Wn8YkDFWOh_Qcdcc407A;src=11264551;type=micro0;cat=micro006;ord=7350918974140;npa=1;auiddc=1645495527.1732325477;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=207744364;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fjeffhamiltononline.com%2F

84 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
jeffhamiltononline.com/
Redirect Chain

http://jeffhamiltononline.com/
https://jeffhamiltononline.com/

663 KB
153 KB

568ms
207ms

Document
text/html

34.69.219.172
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 172.219.69.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 28ab1b75d1bed53b17015cbfc70fd243f4dd0b595006e2e0defc11cc296532fc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache, max-age=30
content-encoding: gzip
content-type: text/html
date: Sat, 23 Nov 2024 01:31:14 GMT
etag: "66ef1b913808f8ec3d96adba77bc6660"
expires: Sat, 23 Nov 2024 01:31:44 GMT
last-modified: Fri, 22 Nov 2024 16:08:20 GMT
server: UploadServer
vary: Accept-Encoding
x-cheesecrd-backend: mx-gcs
x-cheesecrd-lookup: master:jeffhamiltononline.com/
x-cheesecrd-path: /
x-goog-generation: 1732291700257098
x-goog-hash: crc32c=TpFJvw== md5=Zu8bkTgI+Ow9lq26d7xmYA==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 155917
x-guploader-uploadid: AFiumC48aD9FYeKUQXao2scNJD0rePnJL9JXgk3O6DuVFjHFBuY6BhLMcaLUUF55SDg-SEm_1gVSIPBqvQ

Redirect headers

Location: https://jeffhamiltononline.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 m1_web_206293605.jpg
ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/ 26 KB
26 KB 483ms
263ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

af693cb19d143c832ca90a57bf46888527bc3d8b65138a87177f6cbbe5b78a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA0HQHSBQDZGQ2Z6J3KHV-ams
cache-control: public,max-age=604800
via: 2 fly.io
expires: Tue, 26 Nov 2024 18:46:22 GMT
x-cache-key: 1200x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg--with-webp
content-length: 26490
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 deel.js Show response
invocation.deel.c1.statefarm/ 12 KB
5 KB 407ms
149ms Script
text/javascript 3.218.177.249
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.218.177.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-177-249.compute-1.amazonaws.com
Software: /
Resource Hash: b42d87f83f435663ec749627fc2ee7aca8412ee37f486572ef8ba98bf80ca6b5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: gzip
x-amz-apigw-id: BrR_hG_9IAMEvBQ=
x-amzn-trace-id: Root=1-67413062-3315e03d2a27e845181a363a;Parent=010855c05104a4c9;Sampled=0;Lineage=1:bfbe80d8:0
access-control-allow-methods: OPTIONS,POST,GET,HEAD
x-amzn-requestid: c2bd4241-e2e8-4c78-a239-df369007063d
access-control-allow-origin: *
server-timing: generated;dur=7.284282000269741
content-length: 5051
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: text/javascript
access-control-allow-headers: Content-Type, Referer

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 93ms
38ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

71a15ef06aad42d0a901e7eb7e2099f2ac3b120a81f75dc477acc60a528ba17e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://jeffhamiltononline.com
Referer: https://jeffhamiltononline.com/

Response headers

content-md5: 7ZU9oR6pWsHHZVOemUloOw==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "b3280a77795db2d08f35c3d6794d5e2a"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 23 Nov 2024 01:35:53 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: b4966711b251a6e3a738f20cc65da7fa
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=23, mss=1232, tbw=4430, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: hQBubK2x3reUajQB88ESyC1fHtbNtIodP+DwkIL/FpKQd+3CxxLrgwp8zBgK7KuXduCtlconmCPOcMnvA1n6Vg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 1687
origin-agent-cluster: ?1

GET
H2 200 MecherleSans-SemiBold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
32 KB 406ms
193ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-SemiBold.woff2
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://jeffhamiltononline.com
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=08A3Cg==, md5=HSfGj6s7xXwOsbdCyzVRYA==
etag: "1d27c68fab3bc57c0eb1b742cb355160"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:58:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32208
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:47 GMT
fly-request-id: 01JDBAA0HRAFZHGNP6RZ7W0K4B-ams
x-guploader-uploadid: AD-8ljt_ysebbx1Qlg2Qq-UHZi9otwe94fIR8OBKgToxAFXH9TNS1arLAoqlKvaji69BXlXaN04
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-SemiBold.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375807290665
content-length: 32208
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 MecherleSans-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
32 KB 408ms
194ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Medium.woff2
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://jeffhamiltononline.com
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=u4HwWQ==, md5=dx6417g8wlF3bhAvuK4pcg==
etag: "771eb8d7b83cc251776e102fb8ae2972"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32200
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:45 GMT
fly-request-id: 01JDBAA0HRZVTT3ZC4190V5T0N-ams
x-guploader-uploadid: AD-8ljsvtXJZ5fCZ4UdtutROgmukzeYFp78A-ZScZdM7kcW-UC4IrE555I0xrqjdPmtBOEKRFzU
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Medium.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375805445415
content-length: 32200
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 MecherleSans-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
32 KB 631ms
418ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Regular.woff2
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://jeffhamiltononline.com
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=DAIcBw==, md5=RVaKmLgIW5ROm4xHopR2Rg==
etag: "45568a98b8085b944e9b8c47a2947646"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 31948
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:46 GMT
fly-request-id: 01JDBAA0HRFQ744R6HJKHXXPYK-ams
x-guploader-uploadid: AD-8ljsayx8lglBR3-g2bWUvF0pOJWyliuM1swYMefchjDexZyfztsoV_z3s8SgQP85iRHFHGA4
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375806347729
content-length: 31948
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 m1_web_206293605.jpg
ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/ 9 KB
10 KB 403ms
191ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/600x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

272f0ace53f0400f823ff960164bb9bb118aa21b947ff29cb1e6b968e777dafd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA0HQNM3FFR7AQWYTVQW8-ams
cache-control: public,max-age=604800
via: 2 fly.io
expires: Thu, 28 Nov 2024 18:09:18 GMT
x-cache-key: 600x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg--with-webp
content-length: 9530
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 formalColorFull.jpg
ephemera.mirus.io/imgr/50x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/ 20 KB
20 KB 328ms
116ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/50x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/formalColorFull.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

1f8539d89c61cf953dd16255d35a8c4365ea71fe107ecc457ff83ced430c8ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA0HQPWH0SK0TTYBHVVNG-ams
cache-control: max-age=7200
via: 2 fly.io
expires: Fri, 29 Nov 2024 14:28:42 GMT
x-cache-key: 50x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/formalColorFull.jpg--with-webp
content-length: 20494
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 MecherleSans-Bold.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 31 KB
31 KB 406ms
202ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Bold.woff2
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://jeffhamiltononline.com
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=VzL8Pg==, md5=fMljK53xGa7SWmgSscWVaQ==
etag: "7cc9632b9df119aed25a6812b1c59569"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 31812
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:44 GMT
fly-request-id: 01JDBAA0HRA73Z91YQ4549G00Z-ams
x-guploader-uploadid: AD-8ljvvvovpP0W6V8lkYV-fWLJ6E-qHAy_VDIMqjJj3y6LUQmMATDdQ5L5h1AbvzkT5P_y_oP0
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleSans-Bold.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375804528343
content-length: 31812
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 254 KB
75 KB 42ms
41ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2792938d3f9eb36f9071177313c3eae9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

ea43135577a6db7ab25a8cbd12b6f42abcd1d6b960fc9a86f95df8365791110e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://jeffhamiltononline.com
Referer: https://jeffhamiltononline.com/

Response headers

content-md5: UV+SmhLf9mBKBfeNBGHX2g==
access-control-expose-headers: X-FB-Content-MD5
content-encoding: gzip
etag: "129050310a4236cab1064208c531784a"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sun, 23 Nov 2025 00:47:23 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5: 7138e1c39df2fb01331a351e692307a8
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=26, mss=1232, tbw=8254, tp=14, tpl=0, uplat=2, ullat=-1
x-fb-debug: 7URJG0qc8yXxrYWyC3UKLYuBChtQPEw40AsNpSaj0UYdfuX/FSF/cF3H5qaSp4yLtTUEpQbZmohcsqv8dXQwVQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
access-control-allow-origin: *
content-length: 76581
origin-agent-cluster: ?1

GET
H2 200 jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png
ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/ 3 KB
3 KB 114ms
114ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

504cbaedd27a2dfc913ef7a4089b75f1fe46a9c5e00c27d9259dfb79186b5e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA0KZRKG848PET376JFW6-ams
cache-control: public,max-age=31536000,immutable
via: 2 fly.io
expires: Wed, 02 Apr 2025 19:15:53 GMT
x-cache-key: 100x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png--with-webp
content-length: 2674
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 98-surprising-household-hazards-wide.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 13 KB
13 KB 270ms
270ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/98-surprising-household-hazards-wide.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

42c44fa5899fbbd1805d74252f8edd7337aecf6c7bd103e96f1eb110ab7ef9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA0M5WQ5W1C130SMSEC8E-ams
cache-control: max-age=14400, public
via: 2 fly.io
expires: Sat, 30 Nov 2024 01:24:36 GMT
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/98-surprising-household-hazards-wide.jpg--with-webp
content-length: 13044
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 the-real-consequences-of-drunk-driving-wide.jpg
ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/ 10 KB
10 KB 121ms
121ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

21a993f66c0090b2aa4ef3fe06efa20c6a4b062aa00bd7901f87a4857e0fbcdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA0M5DGQQPFK3RXSZHVDM-ams
cache-control: max-age=14400
via: 2 fly.io
expires: Sat, 23 Nov 2024 03:53:36 GMT
x-cache-key: 100x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg--with-webp
content-length: 9952
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 402-mobile-credit-card-readers-wide.jpg
ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 13 KB
13 KB 296ms
296ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/402-mobile-credit-card-readers-wide.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

1dc3ee4a133e6eb7e9f114ad5aa6ccea174d8eecd33664f3b9f7baee80a5b6a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA0M5CP6RD0N1R9W58QH2-ams
cache-control: max-age=14400, public
via: 2 fly.io
expires: Fri, 29 Nov 2024 20:56:13 GMT
x-cache-key: 100x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/402-mobile-credit-card-readers-wide.jpg--with-webp
content-length: 12960
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 alpineFileInput.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 3 KB
2 KB 133ms
133ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineFileInput.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=1UwfBQ==, md5=RpcJsGzTbfZT935fdxXDYw==
etag: "469709b06cd36df653f77e5f7715c363"
age: 31
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:58:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1421
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:17 GMT
vary: Accept-Encoding
fly-request-id: 01JDBAA0M64Z8617F0B5BB2MKV-ams
x-guploader-uploadid: AD-8ljsc4NDfkzM0nCPAzUK-8SmRhmWgCTyx64eB5Mazg8uC-yEaHUxR5ejtoqwPa1by5WRb01c
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineFileInput.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375837158857
content-length: 1421
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 BRP941YS000_staff_avatar_20240904154210Z_jeffhamiltononline_com_gxnqvynrtk.jpg
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 1 KB
1 KB 172ms
169ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154210Z_jeffhamiltononline_com_gxnqvynrtk.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

890265e01c43d8144a48919076e65e4a3b92ffb43db367eb57ac98bfa940ce7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA0MDRFN8F4E71MPF430K-ams
cache-control: public, max-age=3600
via: 2 fly.io
expires: Thu, 21 Nov 2024 16:50:00 GMT
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154210Z_jeffhamiltononline_com_gxnqvynrtk.jpg--with-webp
content-length: 1134
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 BRP941YS000_staff_avatar_20240904154205Z_jeffhamiltononline_com_ivjcqihtmw.jpg
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 1 KB
1 KB 295ms
292ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154205Z_jeffhamiltononline_com_ivjcqihtmw.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

07259c4d796190e9815d1c4ee240109b4fa222e1276ec031ba52ca067dca7653

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA0N3BJYXXA0ZZ5RXQFSP-ams
cache-control: public, max-age=3600
via: 2 fly.io
expires: Sat, 23 Nov 2024 02:24:36 GMT
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154205Z_jeffhamiltononline_com_ivjcqihtmw.jpg--with-webp
content-length: 1030
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 BRP941YS000_staff_avatar_20240904154214Z_jeffhamiltononline_com_tvoyytyusz.jpg
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 988 B
1 KB 294ms
291ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154214Z_jeffhamiltononline_com_tvoyytyusz.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

6c557f92427f425b2d87dcbf69bb8e1a9f76b224ebe4b84871f60f0fcbc36488

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA0N3EGJAJ55SNSK51NK4-ams
cache-control: public, max-age=3600
via: 2 fly.io
expires: Sat, 23 Nov 2024 02:24:36 GMT
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154214Z_jeffhamiltononline_com_tvoyytyusz.jpg--with-webp
content-length: 988
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 BRP941YS000_staff_avatar_20240904154213Z_jeffhamiltononline_com_ljholerwlx.jpg
ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/ 876 B
1 KB 295ms
292ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154213Z_jeffhamiltononline_com_ljholerwlx.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

eb3d4090e3f2ca70f75502e27dcf47b158d96dc796a44a820f726856f418ee9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA0N3KHTZKQGKSEFJCP87-ams
cache-control: public, max-age=3600
via: 2 fly.io
expires: Fri, 22 Nov 2024 15:28:42 GMT
x-cache-key: 64x0/https://storage.googleapis.com/static.mirus.io/images/dco/mx/approvals/accepted/BRP941YS000_staff_avatar_20240904154213Z_jeffhamiltononline_com_ljholerwlx.jpg--with-webp
content-length: 876
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 x-twitter-a5a940648e95efaeb764013c7b72d9e3.svg
djwmpmz818tx4.cloudfront.net/packs/media/images/ 431 B
891 B 158ms
41ms Image
image/svg+xml 2600:9000:2240:7800:14:17ae:9e00:21
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://djwmpmz818tx4.cloudfront.net/packs/media/images/x-twitter-a5a940648e95efaeb764013c7b72d9e3.svg
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:7800:14:17ae:9e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3761d4cd0b55c2fa44aea032ad60824334f55210c1c497f66feb141860f16d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-amz-cf-pop: FRA60-P1
cache-control: public,max-age=31536000,immutable
etag: "a5a940648e95efaeb764013c7b72d9e3"
age: 3392669
via: 1.1 ec1ac21acdbd36c971eca9d6b61d0744.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 431
x-amz-cf-id: FrhWijlMuvJHLAy0ZdEz9zT9OjNoFYAtcqrtjTtaD9IHP6Ha0RepQw==
date: Mon, 14 Oct 2024 19:06:47 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Oct 2024 18:18:58 GMT
x-amz-expiration: expiry-date="Wed, 15 Oct 2025 00:00:00 GMT", rule-id="1 Year Asset Expiration"
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 alpine.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 57 KB
20 KB 294ms
292ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpine.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=LzHgoA==, md5=Mly4HbEnV1z/Y7LB50mJJA==
etag: "325cb81db127575cff63b2c1e7498924"
age: 32
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 20468
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:16 GMT
vary: Accept-Encoding
fly-request-id: 01JDBAA0N3CQ75WM1Z9735ZSAY-ams
x-guploader-uploadid: AD-8ljucwko1kDxdhzZBu6L4Obew_wT02S97fAF8ThOdtTRS9ZJLkouF5XWqeRqbP-gGVCiYTi8
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpine.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375836631823
content-length: 20468
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 lazysizes.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 8 KB
4 KB 171ms
169ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/lazysizes.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=tVVvrw==, md5=L7AQdlGGQX2hI0aIb7oxIQ==
etag: "2fb010765186417da12346886fba3121"
age: 32
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 3734
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:17 GMT
vary: Accept-Encoding
fly-request-id: 01JDBAA0N3ZTCQX1FT59M4Z85V-ams
x-guploader-uploadid: AD-8ljs6Qnvjr3TMqw81r9nBekDBK1iKM3Z-fhthjBFyIp3ST0dJpIRnDmwlgOHqRcDE-o6eQM8
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/lazysizes.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375837598472
content-length: 3734
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 scrollToElement.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 471 B
673 B 294ms
293ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/scrollToElement.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 781a7423f3850ec7fd24b88675e4c657a021de95446dee383845f50c5ee26314

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=RSR0kQ==, md5=kngY9s1AJeNla8ZK5oeNGg==
etag: "927818f6cd4025e3656bc64ae6878d1a"
age: 25
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:59:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 305
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:17 GMT
vary: Accept-Encoding
fly-request-id: 01JDBAA0N3HWS6KAJGY14W8XF1-ams
x-guploader-uploadid: AD-8ljuo9VEtyBhw1eLfBCRMMUIuMJ0Y78rzJvHzmzU1Znx3BWftfxuOmPQO3LAarO01xW0zBOE
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/scrollToElement.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375837827886
content-length: 305
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 utils.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 3 KB
2 KB 292ms
291ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/utils.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=4ONwJg==, md5=r4lD+PeYC4tdD7TVNUQZ0A==
etag: "af8943f8f7980b8b5d0fb4d5354419d0"
age: 32
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 1392
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:18 GMT
vary: Accept-Encoding
fly-request-id: 01JDBAA0N320VZDX4JD2MWT9X6-ams
x-guploader-uploadid: AD-8ljsjjFJ_uKqLqjLBfmtzuSXWKZVNRVvi76shTtA9IRcqOkg2m2dEoDYcVuInGuVAYGNhrfw
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/utils.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375838270863
content-length: 1392
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 svgIcon.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 122 B
472 B 294ms
292ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/svgIcon.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=eftfvQ==, md5=nBnVTvrswKdRHyl/iXSy/Q==
etag: "9c19d54efaecc0a7511f297f8974b2fd"
age: 56
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:58:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 134
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:18 GMT
vary: Accept-Encoding
fly-request-id: 01JDBAA0N3MH2NPVEPHNM6PZGQ-ams
x-guploader-uploadid: AD-8ljvISXiPkG_kdfVXn9sdSjRiUiXJ6FX24GODUMrZa41Ogseh9yHd5baH8GaNMU4dKnI-ut4
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/svgIcon.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375838054871
content-length: 134
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 alpineContactForm.js Show response
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/ 101 KB
35 KB 127ms
126ms Script
application/javascript 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineContactForm.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 7005839bd8625132c1938c37ec0c3e338fcaabb0652bdba0bd649923ae226172

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
content-encoding: gzip
x-goog-hash: crc32c=6XSSRg==, md5=rubEPjqukPKiONSSF6OOKg==
etag: "aee6c43e3aae90f2a238d49217a38e2a"
x-goog-stored-content-encoding: gzip
expires: Fri, 26 Sep 2025 18:59:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 35228
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:14 GMT
content-type: application/javascript
last-modified: Thu, 26 Sep 2024 18:37:16 GMT
vary: Accept-Encoding
fly-request-id: 01JDBAA0MCS77B1D9G6WJJGQCX-ams
x-guploader-uploadid: AD-8ljtm_4mt4wHDkUc7tkYlxt6tuNdeD8ixVCD6vB2ldiOJpkSmrzPgTlZMd46B-t8iG3xKKSA
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/js/alpineContactForm.js
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375836907792
content-length: 35228
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 403 trafficdetection.aspx Show response
online.statefarm.com/ddc/ 1004 B
2 KB 1315ms
343ms Fetch
text/html 117.18.238.236
EDGECAST

General

Check archive.org

Download Go to

Full URL

https://online.statefarm.com/ddc/trafficdetection.aspx

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

117.18.238.236 Phoenix, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (dac/9C12) /

Resource Hash

59f0ba5c76187b437c4d201c329da3c42036a2eefdbfc89f40e08bed85077bfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-request-id: 1647276363650952407816148738600562582733, 1647276363650952407816148738600562582733
report-to: {"group":"default","max_age":1800,"include_subdomains":true,"endpoints":[{"url":"https://report.edgecast.com/nel/v0?envid=d3af5b5b-1757-4d50-996a-390a62a1abed&pop=nyd"}]}
x-content-type-options: nosniff
x-edg-mr: 77:0;77:1;77:5;77:6;77:8;77:12;
server-timing: edgio_cache;desc=CONFIG_NOCACHE,edgio_pop;desc=nyd,edgio_country;desc=DE
x-edg-version: 190 77 66 NA 2024-11-22T02:30:08Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e, 190 77 66 NA 2024-11-22T02:30:08Z 0a5d0e7c-2f96-48c8-b81a-68aa7dd4528e
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: text/html; charset=utf-8
x-frame-options: DENY
cache-control: no-cache
nel: {"report_to":"default","max_age":43200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.001}
pragma: no-cache
access-control-allow-origin: https://jeffhamiltononline.com
content-length: 1004
x-xss-protection: 1; mode=block
server: ECAcc (dac/9C12)

GET
H2 200 MecherleLegal-Medium.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 32 KB
33 KB 237ms
236ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Medium.woff2
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://jeffhamiltononline.com
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=+uFDXg==, md5=XDIRcEeagVq3kMdxvMjx0w==
etag: "5c321170479a815ab790c771bcc8f1d3"
age: 31
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:58:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32960
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:42 GMT
fly-request-id: 01JDBAA0RVQCS11B5GZ9F16M03-ams
x-guploader-uploadid: AD-8ljv1TE_OY5Si-WhZp1BDg8bAkH3CIS-YCZ8i1W8yOJhCSBQnXapYHgz8yhSJrVpXmm0iqIE
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Medium.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375802497420
content-length: 32960
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 MecherleLegal-Regular.woff2
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/ 32 KB
32 KB 179ms
179ms Font
font/woff2 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Regular.woff2
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://jeffhamiltononline.com
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=DxtPkQ==, md5=Uj34LMCLu47zM/VQw8Ho4g==
etag: "523df82cc08bbb8ef333f550c3c1e8e2"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:59:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 32844
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: font/woff2
last-modified: Thu, 26 Sep 2024 18:36:43 GMT
fly-request-id: 01JDBAA0RW3NDDRNFPCJXN0VCP-ams
x-guploader-uploadid: AD-8ljttSL4gKbegOlUCICPa6Hcv62qKrMCalACwm_fWm2nPid8D5ywlS8w0QYJX4yxx3i9ZZ84
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/fonts/sf/MecherleLegal-Regular.woff2
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375803539954
content-length: 32844
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 m1_web_206293605.jpg
ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/ 45 KB
45 KB 122ms
122ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1920x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

5ec6df60102ee7a254e9f4f221d5edd42b8afd35accaf2b128aaa802303bfcd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA11AXZSYXHFFDPVFVDYQ-ams
cache-control: public,max-age=604800
via: 2 fly.io
expires: Thu, 28 Nov 2024 23:52:20 GMT
x-cache-key: 1920x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg--with-webp
content-length: 45982
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 formalColorFull.jpg
ephemera.mirus.io/imgr/250x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/ 24 KB
24 KB 155ms
155ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/250x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/formalColorFull.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

4e7fa25760db71180329c96b2cbee941ef1f4fce9797d083c8be4ffa139747e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA11APBAGAHDK4Q4F5T3C-ams
cache-control: max-age=7200
via: 2 fly.io
expires: Fri, 29 Nov 2024 14:28:43 GMT
x-cache-key: 250x0/https://ac1.st8fm.com/associate-photos/B/BRP941YS000/formalColorFull.jpg--with-webp
content-length: 24738
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png
ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/ 59 KB
59 KB 118ms
117ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

c0a3ad55ba9bad79266d475e1d181c8a8f32a5a58a33e9a31adf91a8edac2c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA166JPEDGBKKKX4KFBHE-ams
cache-control: public,max-age=31536000,immutable
via: 2 fly.io
expires: Wed, 02 Apr 2025 19:15:19 GMT
x-cache-key: 1000x0/https://storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/jeffhamiltononline.com-sidebar-md-33578849295b120f109f833b34fe6fb9.png--with-webp
content-length: 60454
x-instance: 080eee0c157798
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 98-surprising-household-hazards-wide.jpg
ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 22 KB
22 KB 127ms
127ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/98-surprising-household-hazards-wide.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

f2589dd081eab95f91728f2604b640d194e3531af2685f1228125ad8827ed32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA167A87J4QPAN9J88CXC-ams
cache-control: max-age=14400, public
via: 2 fly.io
expires: Fri, 29 Nov 2024 23:11:39 GMT
x-cache-key: 500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/98-surprising-household-hazards-wide.jpg--with-webp
content-length: 22182
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 the-real-consequences-of-drunk-driving-wide.jpg
ephemera.mirus.io/imgr/500x0/https://static1.st8fm.com/en_US/img/si/750/ 19 KB
19 KB 112ms
112ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/500x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

da8d46b17fa3662d15b0cd41da8c4952c321723e47662336bf629db3a951699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: HIT
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA167QVXY21QJ7VQ30AFP-ams
cache-control: max-age=14400
via: 2 fly.io
expires: Sat, 23 Nov 2024 04:29:16 GMT
x-cache-key: 500x0/https://static1.st8fm.com/en_US/img/si/750/the-real-consequences-of-drunk-driving-wide.jpg--with-webp
content-length: 19486
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 0
0 450ms
146ms Preflight 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Access-Control-Request-Method: POST
Origin: https://jeffhamiltononline.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods: POST
access-control-allow-origin: https://jeffhamiltononline.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
access-control-max-age: 86400
cache-control: no-cache
date: Sat, 23 Nov 2024 01:31:16 GMT
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 66 B
316 B 148ms
146ms Fetch
application/json 104.198.70.133
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.70.133 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

133.70.198.104.bc.googleusercontent.com

Software

Resource Hash

04a30645a1b86f066432ca1827971fee315cc9f7d8e27423e9ad1089108b5e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

keen-sdk: javascript-5.0.1
Authorization: WK
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-origin: https://jeffhamiltononline.com
content-length: 66
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: application/json; charset=utf-8
vary: origin

GET
H2 200 favicon.webp
ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/img/ 6 KB
6 KB 114ms
114ms Other
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to

Full URL: https://ephemera.mirus.io/cache/storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/img/favicon.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/e285b5c8a (2024-11-20) /
Resource Hash: 41131d6396fe2757796d08a8c01d334657c900012c31c268e153f1ed9f2779c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-goog-metageneration: 3
x-goog-hash: crc32c=5NQfJQ==, md5=vg/FG8wgWq9f3nbClU3krg==
etag: "be0fc51bcc205aaf5fde76c2954de4ae"
x-goog-stored-content-encoding: identity
expires: Fri, 26 Sep 2025 18:58:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 5902
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:15 GMT
content-type: image/webp
last-modified: Thu, 26 Sep 2024 18:36:49 GMT
fly-request-id: 01JDBAA1BGS01YXS5J5CDA73B3-ams
x-guploader-uploadid: AD-8ljupZDyv893vDMwyI2Xg2Js9woGg1Lm6TYeE_txkOsc6s2Ms3_ITAHWyjs6IXCi10qX28rw
x-cache-status: HIT
cache-control: public,max-age=31536000,immutable
x-goog-storage-class: STANDARD
via: 2 fly.io
x-cache-key: https://storage.googleapis.com/tintype.mirus.io/mx-static-shared-assets/master/a9799ec6fc629dc28ec16d49810016c5710641a8/img/favicon.webp
accept-ranges: bytes
access-control-allow-origin: *
x-goog-generation: 1727375809111362
content-length: 5902
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET sfuid.js
static1.st8fm.com/en_US/applications/dasenblt_static_content/ 0
0

GET index.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 780 KB
139 KB 213ms
130ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Requested by

Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1ab81d47b309b3a88ac2388d016836071c13fef93334930a6801a77b165534e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: gzip
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Sat, 23 Nov 2024 01:31:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 141510
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/statefarm/mirus/ 94 KB
31 KB 154ms
38ms Script
application/javascript 2600:9000:206f:a000:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: invocation.deel.c1.statefarm
URL: https://invocation.deel.c1.statefarm/deel.js?prop=agent&optOut=abtesting,survey
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ce5f83e79de0394e472caeba3b86728ad59294fea2c4872bf6d9b99a6b27c274

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: br
x-amz-version-id: JY4FgrfwQmrCDtug1BuOGgr2F3AyB__v
etag: W/"e42032d54d0add435f8d58f4e6aa259f"
age: 712496
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: c_dl_uQtfhouzmGdXXZht7IxejzTC0OPCHY0Fxq_TB3yucQNq_UO1w==
date: Thu, 14 Nov 2024 19:36:21 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Thu, 14 Nov 2024 19:34:00 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=300
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325476536
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325476536

1 KB
1 KB

56ms
56ms

XHR
application/json

52.48.124.151
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325476536

Protocol

Server

52.48.124.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-124-151.eu-west-1.compute.amazonaws.com

Software

Resource Hash

75eed96653279d5ad6cd2c1dba5ef7442b4baf3752948768fe044b7e3446af33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-1-v069-071fddb5c.edge-irl1.demdex.com 3 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: dcucKvD9QRQ=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://jeffhamiltononline.com
content-length: 617
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: application/json;charset=utf-8
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1732325476536
dcs: dcs-prod-irl1-1-v069-070f80e08.edge-irl1.demdex.com 0 ms
pragma: no-cache
access-control-allow-credentials: true
x-tid: Bb5HHfYgTPE=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://jeffhamiltononline.com
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sat, 23 Nov 2024 01:31:16 GMT
vary: Origin

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 503 B
834 B 50ms
50ms Script
text/javascript 2600:9000:206f:a000:2:8f43:5780:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Thu%20Nov%2014%2019:33:57%20GMT%202024&ClientID=603&PageID=https%3A%2F%2Fjeffhamiltononline.com%2F
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a000:2:8f43:5780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 360f781a2ec020f03033ed69829169a38b7715e65ff6379a705b93d4e342ce17

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
expires: Sat, 23 Nov 2024 01:31:15 GMT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 503
x-amz-cf-id: ZdAXulsthN3J3pwLKktRRBkaDegWl6FzQ_pXaf08PPsYT5QjT9pcmg==
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: text/javascript
x-amz-cf-pop: FRA56-C1
server: CloudFront

GET
H3 200 7407b06afc2819178f249b2d8229c049.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 152 KB
42 KB 42ms
41ms Script
application/javascript 65.9.66.24
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/7407b06afc2819178f249b2d8229c049.js?conditionId0=423109
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 794f44106d45b2eaa51d036975a3f2d3192926e499cb13ea39bef1d10ad1a308

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: br
x-amz-version-id: KKEUE24f03BWYH2hvPGtBgtfPx0eQaoq
age: 712494
etag: W/"d30b0cce1c141e63a9acc962b67a2db8"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: AggQ8yMWtqh1vcq1K9b9LDN3pgBFr9KPXPhjVglgtEMushl2gDwwiw==
date: Thu, 14 Nov 2024 19:36:22 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Thu, 14 Nov 2024 19:34:00 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 1002ca91edaefbd5ced9a815a45c91fc.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 44ms
44ms Script
application/javascript 65.9.66.24
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/1002ca91edaefbd5ced9a815a45c91fc.js?conditionId0=1539709
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: d67459ce9dc53557007c678187d006099d3959b43674749777f1c36da65db388

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: gzip
x-amz-version-id: Q1JhtmtuRTybjaI9CRBbKeiLUsbp5bc9
age: 293180
etag: W/"6c07e85833bf1abb3644f87e2b41de69"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 4D6r7iDqzzIwF-mJmkBOboKUTneEXSacFT8yrhPHh7sYDFU00x4WHw==
date: Tue, 19 Nov 2024 16:04:57 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Thu, 24 Oct 2024 21:30:34 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H3 200 5e334ea84cabc62ff640733a87d598af.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
2 KB 44ms
44ms Script
application/javascript 65.9.66.24
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/5e334ea84cabc62ff640733a87d598af.js?conditionId0=567025
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 83526314b1fd8fb11460e3817fe7cf8442de3eea006d7a1ca81951f3426930cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: gzip
x-amz-version-id: qcgHGgKViDglNuNW2WXQDzl6fS.KMh0O
age: 293180
etag: W/"5418d8c4cd6405b507c0398211fa991d"
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: NztIru_WoszoWYap35qsq1GynCQeXkkd1TaUh5k2PMfepZavbwrTag==
date: Tue, 19 Nov 2024 16:04:57 GMT
content-type: application/javascript; charset=utf-8
vary: accept-encoding
last-modified: Thu, 24 Oct 2024 21:30:34 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
server: CloudFront
x-amz-server-side-encryption: AES256

GET dataLayer_logic.js
deel-id-persistence.deel.c1.statefarm/ 0
0

GET
H3 204 e.gif
nexus.ensighten.com/error/ 0
219 B 42ms
42ms Image
text/plain 65.9.66.24
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=TypeError%3A%20Cannot%20read%20properties%20of%20null%20(reading%20%27addEventListener%27)%20at%20c.Rule.code%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2Fcode%2F7407b06afc2819178f249b2d8229c049.js%3FconditionId0%3D423109%3A77%3A364)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A28)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)%20at%20c.Rule.execute%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A11%3A226)%20at%20e.test%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A6%3A484)%20at%20c.testAll%20(https%3A%2F%2Fnexus.ensighten.com%2Fstatefarm%2Fmirus%2FBootstrap.js%3A9%3A90)&lnn=-1&fn=Microsites%20New%20M-Pages&cid=603&client=statefarm&publishPath=mirus&rid=4099729&did=710940&errorName=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store
age: 30237
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: k-lPqXwzWV4ypH9iH7UcIKYUnIEeA0ogvUpWFDPG7u3E5PMPPYWv0w==
date: Fri, 22 Nov 2024 17:07:19 GMT
x-amz-cf-pop: FRA56-C1
server: CloudFront

POST
H3 200 collect
www.google.com/ccm/ 0
0 126ms
48ms Ping
text/plain 142.250.186.36
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fjeffhamiltononline.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=413959842.1732325477&auid=1645495527.1732325477&npa=1&gtm=45He4bk0v849799669za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732325476719&tfd=2800&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 438 KB
140 KB 76ms
73ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2008b50285ae4d9dd18aebeedeaf43f62b306e105338c7af86fbf4623ba1ab99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 23 Nov 2024 01:31:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 143651
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 56ms
54ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

434fefcfe155b60b5dff1009505eaf37d5b389071c0c5d2a58a5238ab1fa2a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sat, 23 Nov 2024 01:31:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85019
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 40ms
39ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-8moYeFyn' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-8moYeFyn' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: UNKNOWN; q=-1, rtt=-1, rtx=0, c=20, mss=1232, tbw=1826, tp=5, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: LDOpKKKASlvgOjOdiqYXKq+TZYzHWFcac5Fdc3+EHtAPP0yySs7OD1Uyo4ZbWH3o2jF9vLQP456QFhl2h1O7og==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 234 KB
83 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a71be2454325807092184184a82ada4705bdc2812739ebebd1d8e3ebd85a1fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 23 Nov 2024 01:31:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 85034
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 259 KB
92 KB 97ms
97ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11220053904&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

355824963b53703078284551327b4393df7ab1f97a776696f674a9cbce288d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Sat, 23 Nov 2024 01:31:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 23 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94087
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 132ms
38ms Script
application/javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810394a8b51fe4ee67d68344a8e66a226778dfe3f468eaf858c91f6143f436ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"6e81002d3e79d18a41e8712ae4e87c69"
Age: 64395
Connection: keep-alive
Via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: ZEihCPqKos49pzntQPwZLs9SVBcyJ7Cv92aah4yOg8x_8rqc-6Bh1Q==
Date: Fri, 22 Nov 2024 17:01:11 GMT
Content-Type: application/javascript
Last-Modified: Thu, 21 Nov 2024 07:37:22 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
x-amz-server-side-encryption: AES256

GET
H2 200 scevent.min.js Show response
sc-static.net/ 55 KB
24 KB 151ms
58ms Script
application/javascript 3.163.248.4
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.163.248.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 1e2e6fcdd7f9ebb38ef2e0d2aa2281029760d1dd587484afe27d3232f312b95d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

cache-control: private, s-maxage=0, max-age=600
content-encoding: gzip
via: 1.1 aee4c9903e170ea04f27c2de2e7b8f3c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 23798
x-amz-cf-id: HDG5XKiUYOaHR72biPbc-q86GhzDJQeL2eg5OXQiHqtlVhGUisFzAg==
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: application/javascript;charset=utf-8
x-amz-cf-pop: HAM50-P1
server: CloudFront
access-control-allow-headers: Content-Type

GET
H2 200 invoca-latest.min.js Show response
solutions.invocacdn.com/js/ 110 KB
38 KB 176ms
45ms Script
text/javascript 13.225.78.124
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0347ac59cf1dfd775ba07d6c2a43b4966252684f0ab4326a5ca196ecc265c3df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

content-encoding: gzip
x-amz-version-id: 1Kl0nNCU9DO8eQczeaAz_hVUU1jebMRg
etag: W/"6b4f04b76a500ff1cfe28607e91a21e8"
age: 1000
x-cache: Hit from cloudfront
x-amz-cf-id: N0ZC-gdkSYE8y_w9e2p-WxB_OTp6ypTg0iI50ptkLxs_FUG-f2cqDw==
date: Sat, 23 Nov 2024 01:14:37 GMT
content-type: text/javascript; charset=utf-8
vary: accept-encoding
last-modified: Mon, 18 Nov 2024 18:11:40 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=3600
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 9950 0
0 121ms
38ms Document
text/html 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fjeffhamiltononline.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 01:24:37 GMT
expires: Sun, 23 Nov 2025 01:24:37 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 402-mobile-credit-card-readers-wide.jpg
ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/ 20 KB
20 KB 113ms
113ms Image
image/webp 2a09:8280:1::42:4195
FLY

General

Check archive.org

Download Go to Show image

Full URL

https://ephemera.mirus.io/imgr/500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/402-mobile-credit-card-readers-wide.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a09:8280:1::42:4195 , United States, ASN40509 (FLY, US),

Reverse DNS

Software

Fly/e285b5c8a (2024-11-20) /

Resource Hash

3e55f42cdfeda9d81d771821a073e9fde89ca2621d06ef3705be0f826b9ef723

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

x-cache-status: STALE
strict-transport-security: max-age=15724800; includeSubDomains
fly-request-id: 01JDBAA2DSGMG20D5WHT0SPNKR-ams
cache-control: max-age=14400, public
via: 2 fly.io
expires: Fri, 29 Nov 2024 20:36:10 GMT
x-cache-key: 500x0/https://www.statefarm.com/content/dam/sf-library/en-us/secure/legacy/simple-insights/402-mobile-credit-card-readers-wide.jpg--with-webp
content-length: 20636
x-instance: 3287444ec4d918
date: Sat, 23 Nov 2024 01:31:16 GMT
content-type: image/webp
content-disposition: inline
vary: Accept
server: Fly/e285b5c8a (2024-11-20)
x-region: ewr

GET
H2 200 dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 60DC 0
0 190ms
55ms Document
text/html 54.154.212.37
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.154.212.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-212-37.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sat, 23 Nov 2024 01:31:16 GMT
dcs: dcs-prod-irl1-1-v069-070f80e08.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 11 Nov 2024 10:06:31 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: KZ1hro1URHg=

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
470 B 496ms
50ms XHR
application/x-javascript 63.140.62.17
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=40607284441572645074128242085344280388&ts=1732325476806

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

9ec3254f67931c200b9b753a9f8db270a0d635e51c0c6972684f6ff23bfd019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://jeffhamiltononline.com
p3p: CP="This is not a P3P policy"
content-length: 48
date: Sat, 23 Nov 2024 01:31:17 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=Z0EwZQAAAFsIUANx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=37126975941192114313645324725854319768
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z0EwZQAAAFsIUANx

42 B
717 B

54ms
54ms

Image
image/gif

52.48.124.151
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z0EwZQAAAFsIUANx

Protocol

Server

52.48.124.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-124-151.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v069-0b0020d8d.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: 9K8fSlf8Tuw=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Sat, 23 Nov 2024 01:31:17 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z0EwZQAAAFsIUANx
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Sat, 23 Nov 2024 01:31:17 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

GET 528857779805042
connect.facebook.net/signals/config/ 0
0

GET
H2

200

activityi;dc_pre=CKTmz6Wn8YkDFWOh_Qcdcc407A;src=11264551;type=micro0;cat=micro006;ord=7350918974140;npa=1;auiddc=1645495527.1732325477;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=2077...
11264551.fls.doubleclick.net/ Frame A95B
Redirect Chain

https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro006;ord=7350918974140;npa=1;auiddc=1645495527.1732325477;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=2...
https://11264551.fls.doubleclick.net/activityi;dc_pre=CKTmz6Wn8YkDFWOh_Qcdcc407A;src=11264551;type=micro0;cat=micro006;ord=7350918974140;npa=1;auiddc=1645495527.1732325477;u9=sf%3Aundefined%3Aagent...

0
0

55ms
54ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://11264551.fls.doubleclick.net/activityi;dc_pre=CKTmz6Wn8YkDFWOh_Qcdcc407A;src=11264551;type=micro0;cat=micro006;ord=7350918974140;npa=1;auiddc=1645495527.1732325477;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=207744364;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fjeffhamiltononline.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11264551&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 400
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 01:31:17 GMT
expires: Sat, 23 Nov 2024 01:31:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Nov 2024 01:31:17 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11264551.fls.doubleclick.net/activityi;dc_pre=CKTmz6Wn8YkDFWOh_Qcdcc407A;src=11264551;type=micro0;cat=micro006;ord=7350918974140;npa=1;auiddc=1645495527.1732325477;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=207744364;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fjeffhamiltononline.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=11264551;type=micro0;cat=micro006;ord=7350918974140;npa=1;auiddc=1645495527.1732325477;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=207744364;uaa=;ua...
ad.doubleclick.net/ 0
23 B 141ms
74ms Image
image/png 142.250.185.70
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=11264551;type=micro0;cat=micro006;ord=7350918974140;npa=1;auiddc=1645495527.1732325477;u9=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000;ps=1;pcor=207744364;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4bk0v9189994286z8849799669za201;gcd=13l3l3l2l1l1;dma_cps=syphamo;dma=1;tag_exp=101925629~102067555~102067808~102077855~102081485;epver=2;~oref=https%3A%2F%2Fjeffhamiltononline.com%2F?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Sat, 23 Nov 2024 01:31:16 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"4539999521309514815"}],"aggregatable_trigger_data":[{"filters":[{"14":["12962750"]}],"key_piece":"0xd89e8248394d586f","source_keys":["12","13","14","15","16","17","18","19","20","21","22972304","22972305","22972306","22972307","22990996","22990997","22990998","22990999","24809972","24809973","24809974","24809975","26351264","26351265","26351266","26351267","27131696","27131697","27131698","27131699","27166016","27166017","27166018","27166019","27171248","27171249","27171250","27171251","27836104","27836105","27836106","27836107","27838264","27838265","27838266","27838267","641996976","641996977","641996978","641996979","642033868","642033869","642033870","642033871","905571280","905571281","905571282","905571283"]},{"key_piece":"0x298c7bb1bba9e72d","not_filters":{"14":["12962750"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","22972304","22972305","22972306","22972307","22990996","22990997","22990998","22990999","24809972","24809973","24809974","24809975","26351264","26351265","26351266","26351267","27131696","27131697","27131698","27131699","27166016","27166017","27166018","27166019","27171248","27171249","27171250","27171251","27836104","27836105","27836106","27836107","27838264","27838265","27838266","27838267","641996976","641996977","641996978","641996979","642033868","642033869","642033870","642033871","905571280","905571281","905571282","905571283"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"22972304":65,"22972305":65,"22972306":65,"22972307":6356,"22990996":46,"22990997":46,"22990998":46,"22990999":4540,"24809972":59,"24809973":59,"24809974":59,"24809975":5778,"26351264":54,"26351265":54,"26351266":54,"26351267":5297,"27131696":65,"27131697":65,"27131698":65,"27131699":6356,"27166016":50,"27166017":50,"27166018":50,"27166019":4889,"27171248":72,"27171249":72,"27171250":72,"27171251":7062,"27836104":72,"27836105":72,"27836106":72,"27836107":7062,"27838264":72,"27838265":72,"27838266":72,"27838267":7062,"641996976":655,"641996977":655,"641996978":655,"641996979":63569,"642033868":54,"642033869":54,"642033870":54,"642033871":5297,"905571280":81,"905571281":81,"905571282":81,"905571283":7946},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"9962634763030311348","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"4539999521309514815","filters":[{"14":["12962750"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"4539999521309514815","filters":[{"14":["12962750"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"4539999521309514815","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"4539999521309514815","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["11264551"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2 200 up
insight.adsrvr.org/track/ Frame C5E0 0
0 309ms
58ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fjeffhamiltononline.com%2F&upid=t8xbszz&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Sat, 23 Nov 2024 01:31:17 GMT
server: Kestrel

GET
H2 200 up
insight.adsrvr.org/track/ Frame D122 0
0 307ms
58ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ijc4snf&ref=https%3A%2F%2Fjeffhamiltononline.com%2F&upid=9nilek2&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-length: 0
content-type: text/html
date: Sat, 23 Nov 2024 01:31:17 GMT
server: Kestrel

GET
H2 200 collect Show response
sst.statefarm.com/g/ 1 KB
1 KB 1124ms
180ms Fetch
text/plain 34.128.179.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://sst.statefarm.com/g/collect?v=2&tid=G-3WRNTYXP84&gtm=45je4bk0v9178161793z8849799669za200zb849799669&_p=1732325476362&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485~102114364&cid=1880802233.1732325477&ecid=608130653&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-NW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.etld=google.de&sst.gcsub=region1&sst.tft=1732325476362&sst.ude=0&_s=1&sid=1732325476&sct=1&seg=0&dl=https%3A%2F%2Fjeffhamiltononline.com%2F&dt=Home%2C%20Auto%20Insurance%20%26%20More%20in%20TX%20%7C%20Jeff%20Hamilton%20%E2%80%93%20State%20Farm%C2%AE&en=page_view&_fv=1&_nsi=1&_ss=1&ep.s_pageName=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000&up.ECID=&tfd=3029&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.179.202 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.179.128.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

f367d5bfb30e2197e07a3607ff0261a13417660bb59c0961f6cd642d1297b700

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://jeffhamiltononline.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:31:18 GMT
content-type: text/plain
server: Google Frontend

GET
H2 200 3343c101-8725-4e3e-a691-2052c85e1bce.json Show response
tr.snapchat.com/config/com/ 101 B
195 B 330ms
145ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tr.snapchat.com/config/com/3343c101-8725-4e3e-a691-2052c85e1bce.json?v=3.34.0-2411121854

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

f0e8f04bdec051cacda6984d4c2ff1b8afdac3ac3c6e2c08d3c92bbda69d3aa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
accept: application/json
Referer: https://jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 96
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://jeffhamiltononline.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101
date: Sat, 23 Nov 2024 01:31:17 GMT
content-type: application/json
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 1116 0
0 230ms
49ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=3343c101-8725-4e3e-a691-2052c85e1bce&u_scsid=65d90393-df1a-4078-9dda-cea4e30b7857&u_sclid=a342f057-832d-473c-af33-90d854135941

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 23 Nov 2024 01:31:17 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 2f0ca4be-e310-4347-a688-421e70cfc0e5.js Show response
tr.snapchat.com/config/com/ 210 B
483 B 328ms
144ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tr.snapchat.com/config/com/2f0ca4be-e310-4347-a688-421e70cfc0e5.js?v=3.34.0-2411121854

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

9d64d9e6207590d3593b8a33dcd21f2b5c61241ae565b0063617bd878f34b5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://jeffhamiltononline.com
Referer: https://jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 95
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://jeffhamiltononline.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 210
date: Sat, 23 Nov 2024 01:31:17 GMT
content-type: application/javascript
server: API Gateway

GET
H2 200 i
tr.snapchat.com/cm/ Frame 49A4 0
0 228ms
49ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=2f0ca4be-e310-4347-a688-421e70cfc0e5&u_scsid=65d90393-df1a-4078-9dda-cea4e30b7857&u_sclid=a342f057-832d-473c-af33-90d854135941

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://jeffhamiltononline.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sat, 23 Nov 2024 01:31:17 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 tag-live.js Show response
solutions.invocacdn.com/js/networks/2724/2306363986/ 5 KB
1 KB 441ms
441ms Script
text/javascript 13.225.78.124
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://solutions.invocacdn.com/js/networks/2724/2306363986/tag-live.js
Requested by: Host: solutions.invocacdn.com
URL: https://solutions.invocacdn.com/js/invoca-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f942687400c45a86b7a8d712e5ba0f4833c3837ed142f0ee65b3dbc41d0b061

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

vary: accept-encoding
x-amz-replication-status: COMPLETED
cache-control: max-age=300
content-encoding: br
x-amz-version-id: WDcvF9IhJbF8ts9jXNci51nKym_IvHxV
etag: W/"bba2ad42c01bffaa3e7409c911586e23"
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-cache: RefreshHit from cloudfront
x-amz-cf-id: 8rJtk-Gxs_P4LKN0WuHIfvGdYcwqXNyVMT0qBWLekKhUfRaSLwCgww==
date: Sat, 23 Nov 2024 01:31:18 GMT
content-type: text/javascript
last-modified: Mon, 16 Sep 2024 18:28:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256

POST
H2 200 p
tr.snapchat.com/ 0
244 B 136ms
51ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 5
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://jeffhamiltononline.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 23 Nov 2024 01:31:17 GMT
server: API Gateway

GET
H2 200 s09905815529309
smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/ 43 B
324 B 53ms
53ms Image
image/gif 63.140.62.17
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/1/JS-2.1.0/s09905815529309?AQB=1&ndh=1&pf=1&t=23%2F10%2F2024%202%3A31%3A17%206%20-60&D=..&mid=40607284441572645074128242085344280388&aamlh=6&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-m%3Abrp941ys000&g=https%3A%2F%2Fjeffhamiltononline.com%2F&ch=sf%3Aus%3Aagent-micro-m&server=jeffhamiltononline.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-m%3Abrp941ys000&h1=home%7Cagent-micro-m%7Cbrp941ys000&c4=sf%3Aagent-micro-m%3Abrp941ys000&v6=jeffhamiltononline.com&v8=538466&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fjeffhamiltononline.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=friday%7C8%3A30pm&v50=11%2F22%2F2024&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28x11%3B%20linux%20x86_64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F130.0.0.0%20safari%2F537.36&c70=en&v121=ens%7Cdeel&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3720140634905018368-4618253209615937108
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 01:31:17 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Sat, 23 Nov 2024 01:31:17 GMT
x-xss-protection: 1; mode=block
last-modified: Sun, 24 Nov 2024 01:31:17 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

POST
H2 200 p
tr6.snapchat.com/ 0
45 B 84ms
48ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tr6.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://jeffhamiltononline.com/

Response headers

via: 1.1 google
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 23 Nov 2024 01:31:17 GMT
x-envoy-upstream-service-time: 0
server: API Gateway

GET
H2 200 collect Show response
sst.statefarm.com/g/ 740 B
1 KB 602ms
162ms Fetch
text/plain 34.128.179.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Download Go to

Full URL

https://sst.statefarm.com/g/collect?v=2&tid=G-3WRNTYXP84&gtm=45je4bk0v9178161793z8849799669za200zb849799669&_p=1732325476362&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485~102114364&cid=1880802233.1732325477&ecid=608130653&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-NW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.etld=google.de&sst.gcsub=region1&sst.tft=1732325476362&sst.ude=0&_s=2&sid=1732325476&sct=1&seg=0&dl=https%3A%2F%2Fjeffhamiltononline.com%2F&dt=Home%2C%20Auto%20Insurance%20%26%20More%20in%20TX%20%7C%20Jeff%20Hamilton%20%E2%80%93%20State%20Farm%C2%AE&en=MS_LP_Stand_AgentM2Site&ep.s_pageName=sf%3Aundefined%3Aagent-micro-m%3ABRP941YS000&_et=3&tfd=3534&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3WRNTYXP84&l=GTMdataLayer&cx=c&gtm=45He4bk0v849799669za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.128.179.202 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

202.179.128.34.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

8d4ed1f2cbcdac4ad8f7a4191a0f417cfd9d1af7423d5bd348c9cefe4e9c283f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://jeffhamiltononline.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:31:17 GMT
content-type: text/plain
server: Google Frontend

POST
H2 200 p
tr.snapchat.com/ 0
46 B 51ms
48ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://jeffhamiltononline.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 2
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://jeffhamiltononline.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sat, 23 Nov 2024 01:31:17 GMT
server: API Gateway

GET
H2 204 collect
region1.analytics.google.com/g/s/ 0
510 B 136ms
45ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=syphamo&npa=1&gcd=13l3l3l2l1l1&gtm=45j91e4bj1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102077855~102081485~102114364&_gsid=3WRNTYXP84J0LdM5-SsKJvB_6mTQRNxQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:31:18 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 131ms
84ms Image
image/gif 216.58.206.67
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=syphamo&npa=1&gcd=13l3l3l2l1l1&tid=G-3WRNTYXP84&cid=1880802233.1732325477&gtm=45j91e4bj1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102077855~102081485~102114364&aip=1&z=897299163

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 23 Nov 2024 01:31:18 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 collect
region1.analytics.google.com/g/s/ 0
47 B 156ms
82ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=syphamo&npa=1&gcd=13l3l3l2l1l1&gtm=45j91e4bj1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102077855~102081485~102114364&_gsid=3WRNTYXP84LFamgG4Q30vH-kDSELV-eg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:31:18 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 80ms
49ms Image
image/gif 216.58.206.67
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sat, 23 Nov 2024 01:31:18 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
510 B 154ms
47ms Image
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=syphamo&npa=1&gcd=13l3l3l2l1l1&tid=G-3WRNTYXP84&cid=1880802233.1732325477&gtm=45j91e4bj1v9178161793z8849799669z99193227662za200zb849799669&tag_exp=101925629~102067555~102067808~102077855~102081485~102114364&aip=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://jeffhamiltononline.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 23 Nov 2024 01:31:18 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static1.st8fm.com
URL: https://static1.st8fm.com/en_US/applications/dasenblt_static_content/sfuid.js

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/index.js

Domain: deel-id-persistence.deel.c1.statefarm
URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js

Domain: connect.facebook.net
URL: https://connect.facebook.net/signals/config/528857779805042?v=2.9.176&r=stable&domain=jeffhamiltononline.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-21 01:13:31	Name: X-AB Value: 669381af4a0f468cb95458c3b530b177
jeffhamiltononline.com/	1970-01-21 01:13:31	Name: __cheesecrd_version Value: master
.jeffhamiltononline.com/	1970-01-21 01:12:07	Name: s_gad Value: 1
.jeffhamiltononline.com/	1970-01-21 03:21:41	Name: _gcl_au Value: 1.1.1645495527.1732325477
.demdex.net/	1970-01-21 05:31:17	Name: demdex Value: 37126975941192114313645324725854319768
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.jeffhamiltononline.com/	1970-01-21 10:48:05	Name: _ga Value: GA1.1.1880802233.1732325477
.jeffhamiltononline.com/	1970-01-21 10:48:05	Name: _ga_3WRNTYXP84 Value: GS1.1.1732325476.1.0.1732325476.0.0.608130653
.jeffhamiltononline.com/	1970-01-21 10:41:52	Name: _scid Value: uOfPPOMjCeEbHKtq1X4ngM78i7dGBlap
.jeffhamiltononline.com/	1970-01-21 10:41:52	Name: _scid_r Value: uOfPPOMjCeEbHKtq1X4ngM78i7dGBlap
.doubleclick.net/	1970-01-21 01:55:17	Name: ar_debug Value: 1
.dpm.demdex.net/	1970-01-21 05:31:17	Name: dpm Value: 37126975941192114313645324725854319768
.doubleclick.net/	1970-01-21 05:31:17	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 10:33:41	Name: IDE Value: AHWqTUlTcYsUtDSXd4uVlWAA2tMYCkNbzHE_v5NBawMD7dmr-fIzy4lUPsyhSVWmLXo
.statefarm.com/	1970-01-21 10:48:05	Name: s_ecid Value: MCMID%7C40607284441572645074128242085344280388
.demdex.net/	1970-01-21 05:31:17	Name: dextp Value: 771-1-1732325477009\|903-1-1732325477109\|30646-1-1732325477210\|66757-1-1732325477310
.jeffhamiltononline.com/	1970-01-21 01:12:07	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-m%3ABRP941YS000
.jeffhamiltononline.com/	1970-01-21 01:12:07	Name: s_pre_v6 Value: jeffhamiltononline.com
.jeffhamiltononline.com/	1970-01-21 01:12:07	Name: s_dl Value: 1
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.jeffhamiltononline.com/	1970-01-21 10:48:05	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271732325477312%27%5D%5D
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fjeffhamiltononline.com%2F%7Caowsv%3D538466%7CentryProperty%3Dhttps%3A%2F%2Fjeffhamiltononline.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-m%7Cs_prev_ch%3Dagent-micro-m%7Cs_prev_pn%3DBRP941YS000%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-m%3ABRP941YS000%7Cmc%3Ddirect%20load%7C
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.jeffhamiltononline.com/	1970-01-21 10:48:05	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 179643557%7CMCIDTS%7C20051%7CMCMID%7C40607284441572645074128242085344280388%7CMCAAMLH-1732930276%7C6%7CMCAAMB-1732930276%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1732332677s%7CNONE%7CMCSYNCSOP%7C411-20058%7CMCAID%7CNONE%7CvVersion%7C5.5.0
.jeffhamiltononline.com/	1970-01-21 01:22:10	Name: _ScCbts Value: %5B%5D
.jeffhamiltononline.com/	1970-01-21 10:48:05	Name: invoca_session Value: %7B%22ttl%22%3A%222024-12-23T01%3A31%3A17.428Z%22%2C%22session%22%3A%7B%7D%2C%22config%22%3A%7B%22ce%22%3Atrue%2C%22fv%22%3Atrue%7D%7D

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://online.statefarm.com/ddc/trafficdetection.aspx Message: Failed to load resource: the server responded with a status of 403 ()
javascript	error	URL: https://jeffhamiltononline.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/index.js' from origin 'https://jeffhamiltononline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/index.js Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://jeffhamiltononline.com/ Message: Access to script at 'https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js' from origin 'https://jeffhamiltononline.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://deel-id-persistence.deel.c1.statefarm/dataLayer_logic.js Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://jeffhamiltononline.com/ Message: The resource https://ephemera.mirus.io/imgr/1200x0/https://storage.googleapis.com/static.mirus.io/images/banners/mx-pre-approved/m1_web_206293605.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11264551.fls.doubleclick.net
ad.doubleclick.net
cm.everesttech.net
connect.facebook.net
deel-id-persistence.deel.c1.statefarm
djwmpmz818tx4.cloudfront.net
dpm.demdex.net
ephemera.mirus.io
insight.adsrvr.org
invocation.deel.c1.statefarm
jeffhamiltononline.com
js.adsrvr.org
nexus.ensighten.com
online.statefarm.com
peachy.prod.mirus.io
region1.analytics.google.com
sc-static.net
smetrics.statefarm.com
solutions.invocacdn.com
sst.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static1.st8fm.com
stats.g.doubleclick.net
tr.snapchat.com
tr6.snapchat.com
www.google.com
www.google.de
www.googletagmanager.com
connect.facebook.net
deel-id-persistence.deel.c1.statefarm
static1.st8fm.com
104.198.70.133
117.18.238.236
13.225.78.124
142.250.184.230
142.250.185.70
142.250.186.36
15.197.193.217
157.240.253.1
2001:4860:4802:32::36
216.58.206.67
2600:9000:206f:a000:2:8f43:5780:93a1
2600:9000:2240:7800:14:17ae:9e00:21
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9d
2a09:8280:1::42:4195
3.163.248.4
3.218.177.249
34.128.179.202
34.69.219.172
35.190.43.134
52.48.124.151
54.154.212.37
54.154.90.74
63.140.62.17
65.9.65.116
65.9.66.24
0347ac59cf1dfd775ba07d6c2a43b4966252684f0ab4326a5ca196ecc265c3df
04a30645a1b86f066432ca1827971fee315cc9f7d8e27423e9ad1089108b5e5b
07259c4d796190e9815d1c4ee240109b4fa222e1276ec031ba52ca067dca7653
1dc3ee4a133e6eb7e9f114ad5aa6ccea174d8eecd33664f3b9f7baee80a5b6a2
1e2e6fcdd7f9ebb38ef2e0d2aa2281029760d1dd587484afe27d3232f312b95d
1f8539d89c61cf953dd16255d35a8c4365ea71fe107ecc457ff83ced430c8ab9
2008b50285ae4d9dd18aebeedeaf43f62b306e105338c7af86fbf4623ba1ab99
21a993f66c0090b2aa4ef3fe06efa20c6a4b062aa00bd7901f87a4857e0fbcdc
272f0ace53f0400f823ff960164bb9bb118aa21b947ff29cb1e6b968e777dafd
28ab1b75d1bed53b17015cbfc70fd243f4dd0b595006e2e0defc11cc296532fc
355824963b53703078284551327b4393df7ab1f97a776696f674a9cbce288d18
360f781a2ec020f03033ed69829169a38b7715e65ff6379a705b93d4e342ce17
3e55f42cdfeda9d81d771821a073e9fde89ca2621d06ef3705be0f826b9ef723
41131d6396fe2757796d08a8c01d334657c900012c31c268e153f1ed9f2779c9
42c44fa5899fbbd1805d74252f8edd7337aecf6c7bd103e96f1eb110ab7ef9d5
434fefcfe155b60b5dff1009505eaf37d5b389071c0c5d2a58a5238ab1fa2a00
452142b3ddf609268cc9e35391334d0043b4b2f7e6fe1e02240346bbdb0957c4
4e7fa25760db71180329c96b2cbee941ef1f4fce9797d083c8be4ffa139747e4
4f942687400c45a86b7a8d712e5ba0f4833c3837ed142f0ee65b3dbc41d0b061
504cbaedd27a2dfc913ef7a4089b75f1fe46a9c5e00c27d9259dfb79186b5e34
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
59f0ba5c76187b437c4d201c329da3c42036a2eefdbfc89f40e08bed85077bfb
5cca16f85c6a40f7ea6ca088b90e94c1373056aa39cd8cd6e1ab936802dcc4ec
5ec6df60102ee7a254e9f4f221d5edd42b8afd35accaf2b128aaa802303bfcd8
6c557f92427f425b2d87dcbf69bb8e1a9f76b224ebe4b84871f60f0fcbc36488
7005839bd8625132c1938c37ec0c3e338fcaabb0652bdba0bd649923ae226172
71a15ef06aad42d0a901e7eb7e2099f2ac3b120a81f75dc477acc60a528ba17e
734c888b490f0e385eca51abdc568dcb368b8c24d728c06e2acb5b4002f22c24
75eed96653279d5ad6cd2c1dba5ef7442b4baf3752948768fe044b7e3446af33
77ad5d8c41d29606b03f98cc1fcabe0fdbca93c411a63596a9ace9b84e3a9640
781a7423f3850ec7fd24b88675e4c657a021de95446dee383845f50c5ee26314
794f44106d45b2eaa51d036975a3f2d3192926e499cb13ea39bef1d10ad1a308
810394a8b51fe4ee67d68344a8e66a226778dfe3f468eaf858c91f6143f436ce
83526314b1fd8fb11460e3817fe7cf8442de3eea006d7a1ca81951f3426930cf
890265e01c43d8144a48919076e65e4a3b92ffb43db367eb57ac98bfa940ce7b
891eec21df42d40440bc9c3dee3aa2dda8ada02102865925b7edc7e4802f46f6
8d4ed1f2cbcdac4ad8f7a4191a0f417cfd9d1af7423d5bd348c9cefe4e9c283f
9d64d9e6207590d3593b8a33dcd21f2b5c61241ae565b0063617bd878f34b5f9
9ec3254f67931c200b9b753a9f8db270a0d635e51c0c6972684f6ff23bfd019f
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a71be2454325807092184184a82ada4705bdc2812739ebebd1d8e3ebd85a1fab
af693cb19d143c832ca90a57bf46888527bc3d8b65138a87177f6cbbe5b78a6a
b42d87f83f435663ec749627fc2ee7aca8412ee37f486572ef8ba98bf80ca6b5
b88addf5d189908f4b2a0e7d3f4a76a231a1de9b0affda6ca6953b8bee5965b8
befea78b20324739582ae2458e7b3677fd4ac77acbf60aaeb476e4fcd84e58b1
c0a3ad55ba9bad79266d475e1d181c8a8f32a5a58a33e9a31adf91a8edac2c11
c3761d4cd0b55c2fa44aea032ad60824334f55210c1c497f66feb141860f16d8
ca4079b45eb719dafb86f764c262fae2518608b533d4714aa5f897d961001cf1
ce5f83e79de0394e472caeba3b86728ad59294fea2c4872bf6d9b99a6b27c274
d599ac64a683a6635e83ae06b947627fe995fedd193bda8d544f432d42a985aa
d67459ce9dc53557007c678187d006099d3959b43674749777f1c36da65db388
d835ef5a85deb9cccbe7c01f71fa555d72c25b49f07368645fba6022d79273a5
d98509f5351c7f8a41a5aa749a3ca3e1fe31984a4e8dddbe436508e69b77434e
da8d46b17fa3662d15b0cd41da8c4952c321723e47662336bf629db3a951699a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea43135577a6db7ab25a8cbd12b6f42abcd1d6b960fc9a86f95df8365791110e
eb3d4090e3f2ca70f75502e27dcf47b158d96dc796a44a820f726856f418ee9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e8f04bdec051cacda6984d4c2ff1b8afdac3ac3c6e2c08d3c92bbda69d3aa1
f1ab81d47b309b3a88ac2388d016836071c13fef93334930a6801a77b165534e
f2589dd081eab95f91728f2604b640d194e3531af2685f1228125ad8827ed32d
f367d5bfb30e2197e07a3607ff0261a13417660bb59c0961f6cd642d1297b700

jeffhamiltononline.com Open in urlscan Pro 34.69.219.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

84 Requests

93 %HTTPS

23 %IPv6

18 Domains

28 Subdomains

26 IPs

4 Countries

1542 kBTransfer

4210 kBSize

26 Cookies

35 Outgoing links

Page URL History

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jeffhamiltononline.com Open in urlscan Pro
34.69.219.172 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

93 %
HTTPS

23 %
IPv6

18
Domains

28
Subdomains

26
IPs

4
Countries

1542 kB
Transfer

4210 kB
Size

26
Cookies

84 HTTP transactions
0 data transactions