jeffhamiltononline.com Open in urlscan Pro
45.33.12.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jeffhamiltononline.com/
Effective URL:
https://jeffhamiltononline.com/
Submission Tags: fd s1 d6 Search All
Submission: On January 15 via api (January 15th 2022, 6:32:56 am UTC) from US — Scanned from DE

Summary HTTP 64 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 17 domains to perform 64 HTTP transactions. The main IP is 45.33.12.50, located in Richardson, United States and belongs to LINODE-AP Linode, LLC, US. The main domain is jeffhamiltononline.com.
TLS certificate: Issued by R3 on December 30th 2021. Valid for: 3 months.

This is the only time jeffhamiltononline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	45.33.12.50 45.33.12.50	63949 (LINODE-AP...) (LINODE-AP Linode)
11	13.224.193.23 13.224.193.23	16509 (AMAZON-02) (AMAZON-02)
1	152.195.54.7 152.195.54.7	15133 (EDGECAST) (EDGECAST)
2	35.202.0.144 35.202.0.144	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
19	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 7	54.72.188.68 54.72.188.68	16509 (AMAZON-02) (AMAZON-02)
3	18.197.253.20 18.197.253.20	16509 (AMAZON-02) (AMAZON-02)
1	52.18.187.187 52.18.187.187	16509 (AMAZON-02) (AMAZON-02)
2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	52.50.54.3 52.50.54.3	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1 1	52.54.229.60 52.54.229.60	14618 (AMAZON-AES) (AMAZON-AES)
1	52.16.165.86 52.16.165.86	16509 (AMAZON-02) (AMAZON-02)
64	13

13 45.33.12.50 (Richardson, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: plinko0.mirus.io

jeffhamiltononline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.224.193.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-23.fra2.r.cloudfront.net

mysf.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.195.54.7 (United States)

ASN15133 (EDGECAST, US)

static1.st8fm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.202.0.144 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 144.0.202.35.bc.googleusercontent.com

peachy.prod.mirus.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.72.188.68 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-188-68.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.187.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-187-187.eu-west-1.compute.amazonaws.com

statefarmmutualautomobileinsurancecompany.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

smetrics.statefarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.54.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-54-3.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.229.60 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-229-60.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.165.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-165-86.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	244 KB
13	jeffhamiltononline.com 1 redirects jeffhamiltononline.com	306 KB
11	mysf.io mysf.io — Cisco Umbrella Rank: 204295	755 KB
8	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 184 statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 5744	10 KB
3	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2314	48 KB
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 896 beacon.krxd.net — Cisco Umbrella Rank: 356	529 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	935 B
2	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 169	711 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 279	803 B
2	statefarm.com smetrics.statefarm.com — Cisco Umbrella Rank: 37079	2 KB
2	fbcdn.net scontent.xx.fbcdn.net — Cisco Umbrella Rank: 357 static.xx.fbcdn.net — Cisco Umbrella Rank: 658	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	84 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	50 KB
2	mirus.io peachy.prod.mirus.io — Cisco Umbrella Rank: 149183	327 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 775	890 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 776	517 B
1	st8fm.com static1.st8fm.com — Cisco Umbrella Rank: 6573	27 KB
64	17

	Domain	Requested by
19	www.facebook.com	connect.facebook.net www.facebook.com
13	jeffhamiltononline.com	1 redirects jeffhamiltononline.com
11	mysf.io	jeffhamiltononline.com
7	dpm.demdex.net	1 redirects jeffhamiltononline.com
3	nexus.ensighten.com	jeffhamiltononline.com
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	idsync.rlcdn.com	2 redirects
2	smetrics.statefarm.com	mysf.io jeffhamiltononline.com
2	connect.facebook.net	mysf.io connect.facebook.net
2	www.youtube.com	mysf.io www.youtube.com
2	peachy.prod.mirus.io	mysf.io
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	cm.everesttech.net	1 redirects
1	statefarmmutualautomobileinsurancecompany.demdex.net	jeffhamiltononline.com
1	static.xx.fbcdn.net	www.facebook.com
1	scontent.xx.fbcdn.net	www.facebook.com
1	static1.st8fm.com	jeffhamiltononline.com
64	20

This site contains links to these domains. Also see Links.

Domain
www.statefarm.com
proofing.statefarm.com
www.facebook.com
www.linkedin.com
twitter.com
www.yelp.com
brokercheck.finra.org
www.google.com
apps.statefarm.com
financials.statefarm.com
www.youtube.com
static1.st8fm.com
americanpetinsurance.com
itunes.apple.com
play.google.com
es.statefarm.com

Subject Issuer	Validity	Valid
jeffhamiltononline.com R3	`2021-12-30` - `2022-03-30`	3 months	crt.sh
mysf.io Amazon	`2021-03-25` - `2022-04-23`	a year	crt.sh
www.statefarm.com Entrust Certification Authority - L1K	`2021-12-23` - `2023-01-19`	a year	crt.sh
peachy.prod.mirus.io R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-24` - `2022-01-22`	3 months	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-14` - `2022-10-12`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
smetrics.statefarm.com Entrust Certification Authority - L1K	`2021-01-06` - `2022-02-05`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://jeffhamiltononline.com/
Frame ID: D1252EF0829612C62FF8E08C4252AB3A
Requests: 40 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv12.0%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df164ba1c0f2bd58%2526domain%253Djeffhamiltononline.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fjeffhamiltononline.com%25252Ff29086657385178%2526relation%253Dparent.parent%26container_width%3D312%26height%3D597%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F356095217513%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D312px
Frame ID: 06E6748B155CF379033C8E76026F3C2E
Requests: 21 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: 000761E499433EF6A1F41BD122180231
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

TX Auto & Home Insurance Agent Jeff Hamilton - State Farm®

Page URL History Show full URLs

http://jeffhamiltononline.com/ HTTP 301
https://jeffhamiltononline.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

64
Requests

89 %
HTTPS

17 %
IPv6

17
Domains

20
Subdomains

13
IPs

4
Countries

1529 kB
Transfer

3119 kB
Size

29
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://www.statefarm.com/?agentAssociateId=BRP941YS000
Title: StateFarm

Search URL Search Domain Scan URL

URL: https://proofing.statefarm.com/login-interceptor/login?agentAssociateId=BRP941YS000
Title: Log In

Search URL Search Domain Scan URL

URL: https://www.facebook.com/356095217513

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/jeff-hamilton-9026b832

Search URL Search Domain Scan URL

URL: https://twitter.com/jshagency

Search URL Search Domain Scan URL

URL: https://www.yelp.com/biz/jeff-hamilton-state-farm-insurance-agent-college-station

Search URL Search Domain Scan URL

URL: https://brokercheck.finra.org/
Title: FINRA’s BrokerCheck

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/search/?api=1&z=22&query=30.577052%2C-96.28056&query_place_id=ChIJ-ViR2u-ERoYRxF-KGcl0MkU
Title: Map & Directions

Search URL Search Domain Scan URL

URL: https://apps.statefarm.com/lite-auth/view-insurance-card
Title: Get ID Card

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/retrievequote?agentAssociateId=BRP941YS000
Title: Continue a saved quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/auto/resources/auto-insurance-checklist?agentAssociateId=BRP941YS000
Title: Items needed for a quote

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/claims?agentAssociateId=BRP941YS000
Title: File a Claim

Search URL Search Domain Scan URL

URL: https://financials.statefarm.com/UnauthenticatedPaymentsUI-web/unauth/launchApp.do?agentAssociateId=BRP941YS000
Title: Send Payment

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/auto-and-vehicles/to-buy-or-to-lease-a-car-this-calculator-can-help-you-decide?agentAssociateId=BRP941YS000
Title: Tips to help decide whether to buy or to lease a carUse this calculators and enter the details of the purchase and lease options and see if buying or leasing a car is right for you. Read more

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/retirement/planning-for-an-easier-retirement-without-a-mortgage?agentAssociateId=BRP941YS000
Title: Planning for an easier retirement without a mortgageRetiring without mortgage payments could mean less debt and monetary worries in your retirement years. Here are a few tips to help. Read more

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/family/protect-your-kids-from-hot-cars?agentAssociateId=BRP941YS000
Title: Protect your kids from heatstroke in hot carsLeaving kids in hot cars is dangerous. Protect your child in and around a hot car with these tips. Read more

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/simple-insights/?agentAssociateId=BRP941YS000
Title: View More Articles

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=UMGk7ekNae4
Title: Play

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/GymSpanish.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=biJM1VH8Sdg
Title: Play

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/TheDunkStateFarmCommercialfeaturingChrisPaul.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=-a2G3XCqNdk
Title: Play

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/CommercialBreaks.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=LvTNFA-xW3o
Title: Play

Search URL Search Domain Scan URL

URL: https://static1.st8fm.com/accessible-transcripts/MayaMarkdown30StateFarmCommercial.txt
Title: Audio Transcript

Search URL Search Domain Scan URL

URL: http://www.statefarm.com/IPS/prospectus/
Title: prospectus page

Search URL Search Domain Scan URL

URL: http://americanpetinsurance.com/
Title: AmericanPetInsurance.com

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/insurance/pet
Title: Pet Insurance From State Farm® and Trupanion®

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/about-our-ads?agentAssociateId=BRP941YS000
Title: Ads & Tracking

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/security?agentAssociateId=BRP941YS000
Title: Security

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/about-us/diversity-inclusion/accessibility-statement?agentAssociateId=BRP941YS000
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy?agentAssociateId=BRP941YS000
Title: Notice of Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/disclosures/terms-of-use?agentAssociateId=BRP941YS000
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights?agentAssociateId=BRP941YS000
Title: Privacy Rights in Your State

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/state-farm-pocket-agent/id318142137?mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.statefarm.pocketagent

Search URL Search Domain Scan URL

URL: https://es.statefarm.com/agent/us/tx/college-sta/jeff-hamilton-brp941ys000
Title: Cambiar al Español

Search URL Search Domain Scan URL

URL: https://www.statefarm.com/customer-care/privacy-security/privacy/state-privacy-rights
Title: click here

Search URL Search Domain Scan URL

URL: https://es.statefarm.com/atencion-al-cliente/privacidad-seguridad/privacidad/derechos-de-privacidad-del-estado
Title: clic aquí

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jeffhamiltononline.com/ HTTP 301
https://jeffhamiltononline.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1642228371254 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1642228371254

Request Chain 60

https://cm.everesttech.net/cm/dd?d_uuid=51282625367524824402507933793739386923 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YeJqkwAAADlYfAQz

Request Chain 62

https://idsync.rlcdn.com/365868.gif?partner_uid=51282625367524824402507933793739386923 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTEyODI2MjUzNjc1MjQ4MjQ0MDI1MDc5MzM3OTM3MzkzODY5MjMQABoNCJPViY8GEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=6f5b2d8dad7cfb8669b26969e7e2e5c50e2f0b09556dce350b0544a5a1e4017cb0da87c991749652

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTEyODI2MjUzNjc1MjQ4MjQ0MDI1MDc5MzM3OTM3MzkzODY5MjM= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTEyODI2MjUzNjc1MjQ4MjQ0MDI1MDc5MzM3OTM3MzkzODY5MjM=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJvWpTOEGYtXYcGkQ6E-vuk&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 64

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=36787971-2660-41a2-9dec-4271b540d472

Request Chain 65

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=51282625367524824402507933793739386923&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RC33lk9E2pHtmlOjNYyTrAw2U6yKXRJOpoM-~A

Request Chain 66

https://usermatch.krxd.net/um/v2?partner=adobe&id=51282625367524824402507933793739386923 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=51282625367524824402507933793739386923

64 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
jeffhamiltononline.com/
Redirect Chain

http://jeffhamiltononline.com/
https://jeffhamiltononline.com/

279 KB
52 KB

838ms
451ms

Document
text/html

45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

plinko0.mirus.io

Software

Resource Hash

9bd4ae593e9e92c043538d31f6abcc4466f612652c3baa6e1d2f2af658189ce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 15 Jan 2022 06:32:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
x-backend-hostname: nakala-lin-dfw-01.mirus.io
vary: origin,accept-encoding
cache-control: no-cache
content-encoding: gzip
X-Frame-Options: SAMEORIGIN

Redirect headers

Content-length: 0
Location: https://jeffhamiltononline.com/

GET
H2 200 chunk-vendors.643201bc.js Show response
mysf.io/m1/app/dist/master/d26a587/js/ 517 KB
169 KB 55ms
9ms Script
application/javascript 13.224.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/d26a587/js/chunk-vendors.643201bc.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd535b350adf3b3047c1e3b372da31f8418ac14cfb7d1117ea84d9d53dca644b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:27:30 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 23:26:32 GMT
server: AmazonS3
age: 889520
etag: W/"6f4fc0e27c92069d817d2179102c31d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: nE4Pll1rKPRXzBf4knefCCmWG0fRu6kYDYqBWdYtMfJXPybWe8PP7w==
expires: Wed, 04 Jan 2023 23:26:31 GMT

GET
H2 200 main.512f3d20.js Show response
mysf.io/m1/app/dist/master/d26a587/js/ 138 KB
32 KB 93ms
47ms Script
application/javascript 13.224.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/d26a587/js/main.512f3d20.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6124a8c9e6ae41be95f7288232a1601bc3e5c4bbc3014ddd3fd365c6c89084e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:27:30 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 23:26:32 GMT
server: AmazonS3
age: 889520
etag: W/"43130db72bbe5591c2fa3fdde9f93837"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2z_ayET270bqJ_wAWQ20yuamOk8PNNAiPTbCEf7OrdcNs-eyAm3uig==
expires: Wed, 04 Jan 2023 23:26:31 GMT

GET
H2 200 HomeView.7b0ccc01.js Show response
mysf.io/m1/app/dist/master/d26a587/js/ 261 KB
69 KB 77ms
32ms Script
application/javascript 13.224.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/d26a587/js/HomeView.7b0ccc01.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a234b97c3bd98d37ee569b9fc46add2e3c27ed4dabbb01debab4605b595f50e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:27:30 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 23:26:32 GMT
server: AmazonS3
age: 889520
etag: W/"8afc2b29ce6170c09f18bd76cd409a8f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2apdImoHre2Kr5ijWmVj9E1DSWwZEeLMWxbDerg1TrKsReP2zHY7CA==
expires: Wed, 04 Jan 2023 23:26:31 GMT

GET
H2 200 ChangeBtn.8c48b680.js Show response
mysf.io/m1/app/dist/master/d26a587/js/ 4 KB
2 KB 88ms
42ms Script
application/javascript 13.224.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/d26a587/js/ChangeBtn.8c48b680.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 893e6104db6c2e8c125b3b4c378b7bd01d474b4acfb70e77625cb0ca44759a5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:27:30 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 23:26:32 GMT
server: AmazonS3
age: 889520
etag: W/"31cdcb2354d343128284fe69c0c5836c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 4nQvLb9KlLrJtNFjHfd2gbFHV0YZ9berDLPUKxFUOANnzSRjeNjHmQ==
expires: Wed, 04 Jan 2023 23:26:31 GMT

GET
H2 200 EditBtn.220f56d2.js
mysf.io/m1/app/dist/master/d26a587/js/ 0
2 KB 32ms
32ms Other
application/javascript 13.224.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/d26a587/js/EditBtn.220f56d2.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:27:30 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 23:26:32 GMT
server: AmazonS3
age: 889520
etag: W/"eb9c1dd56885a7761413023fbd3789bc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 7871VUlw0ucWvKt1jmPX6zD2IwrwLOxDULk3Yos8VgC-lpQHZqlHIg==
expires: Wed, 04 Jan 2023 23:26:31 GMT

GET
H2 200 EditorBase.c6aa9378.js
mysf.io/m1/app/dist/master/d26a587/js/ 0
143 KB 37ms
37ms Other
application/javascript 13.224.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/d26a587/js/EditorBase.c6aa9378.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:27:30 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 23:26:32 GMT
server: AmazonS3
age: 889520
etag: W/"55a12aa08168dacabfef238d8e84cf9c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 8aJCRiepF0fXsSiERKS5N9OJ5gvnOYQQVG28gWJ1I8nvbV4tE_ydlg==
expires: Wed, 04 Jan 2023 23:26:31 GMT

GET
H2 200 chunk-2d237940.eb28fa46.js
mysf.io/m1/app/dist/master/d26a587/js/ 0
183 KB 54ms
53ms Other
application/javascript 13.224.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/d26a587/js/chunk-2d237940.eb28fa46.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:27:30 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 23:26:32 GMT
server: AmazonS3
age: 889520
etag: W/"b1d9fcf829834cb1c34e162fc1f9ed6f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Sba0mOjx7yjzGGtV_gRPV2NYapBYhNgrxEn6ZgkgaWtoUhgWiuyn_Q==
expires: Wed, 04 Jan 2023 23:26:31 GMT

GET
H2 200 precache-manifest.4185da96b5a397670d7c1686297744a7.js
mysf.io/m1/app/dist/master/d26a587/ 0
3 KB 85ms
85ms Other
application/javascript 13.224.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/d26a587/precache-manifest.4185da96b5a397670d7c1686297744a7.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:27:30 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 23:26:31 GMT
server: AmazonS3
age: 889520
etag: W/"4185da96b5a397670d7c1686297744a7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: UhHicGLU8RiQaygnISjVpBL33QkVJVV2f0hpGrK_hb8kRvCCIEoQvw==
expires: Wed, 04 Jan 2023 23:26:30 GMT

GET
H2 200 service-worker.js
mysf.io/m1/app/dist/master/d26a587/ 0
974 B 85ms
85ms Other
application/javascript 13.224.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/d26a587/service-worker.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 23:27:30 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 23:26:31 GMT
server: AmazonS3
age: 889520
etag: W/"9a0f6ebb2091793cc01db8263290815a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ZZcHg67f0VkwZ0G0Ot5h3TJCEUbmXmhAgBEg7bVVoq_gvrLZP003tQ==
expires: Wed, 04 Jan 2023 23:26:30 GMT

GET
H/1.1 200
OK formalColorFull.jpg
jeffhamiltononline.com/kash/300x-/-Jeff%20Hamilton%20State%20Farm%20Agent-/ac1.st8fm.com/associate-photos/B/BRP941YS000/ 13 KB
14 KB 494ms
238ms Image
image/jpeg 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffhamiltononline.com/kash/300x-/-Jeff%20Hamilton%20State%20Farm%20Agent-/ac1.st8fm.com/associate-photos/B/BRP941YS000/formalColorFull.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

plinko0.mirus.io

Software

nginx/1.16.0 /

Resource Hash

9d0318e1729bfb7e10205975bd71c96fa20c73888915569c52461d2f370d337a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-kash-details: width: 300, height: -, decoration: -Jeff Hamilton State Farm Agent-/, path: ac1.st8fm.com/associate-photos/B/BRP941YS000/formalColorFull.jpg
Date: Sat, 15 Jan 2022 06:32:50 GMT
Last-Modified: Mon, 16 Jul 2012 04:24:47 GMT
Server: nginx/1.16.0
Age: 50310
Etag: "8011c0eea63cd1:0"
X-Frame-Options: SAMEORIGIN
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-backend-hostname: nakala-lin-dfw-01.mirus.io
Content-Length: 13281
Expires: Mon, 14 Feb 2022 06:32:50 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 426dd08e28ef04fc2f268ee11876871219093118279bc1be0fc5f73ad1a2389f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 SourceSansPro-Regular.woff
mysf.io/m1/app/dist/master/d26a587/fonts/ 128 KB
128 KB 479ms
405ms Font
font/woff 13.224.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/d26a587/fonts/SourceSansPro-Regular.woff
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5a9ed86a86add9f64f3492a3af9993fc7fb5ff850b300c72ca5057ae9f2c18a

Request headers

Referer: https://jeffhamiltononline.com/
Origin: https://jeffhamiltononline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 06:32:51 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 130560
last-modified: Tue, 04 Jan 2022 23:26:32 GMT
server: AmazonS3
etag: "b1637b49a5d6f35735ec03c297cb0932"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pe8OLOvSbDBXGym9NfaifKnpGWu4W9DrsZYUzwXBjG9lahgE3BbPuA==
expires: Wed, 04 Jan 2023 23:26:31 GMT

GET
H2 200 SFNewsGothic-Reg.woff
static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/SFNewsGothic/woff/ 27 KB
27 KB 472ms
85ms Font
application/font-woff 152.195.54.7
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://static1.st8fm.com/en_US/dxl-1x/prod/css/fonts/SFNewsGothic/woff/SFNewsGothic-Reg.woff

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

152.195.54.7 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECD (bsa/EA8C) /

Resource Hash

8a3e2be9d5898b937bbe9f62d1ab53982c1189a91b34ac9c8288b8aefb4b4198

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Referer: https://jeffhamiltononline.com/
Origin: https://jeffhamiltononline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 06:32:50 GMT
last-modified: Thu, 13 Aug 2020 16:19:32 GMT
server: ECD (bsa/EA8C)
age: 11157883
x-frame-options: DENY
x-cache: HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 27472
expires: Sun, 15 Jan 2023 06:32:24 GMT

GET
H/1.1 200
OK jeffhamiltononline.com-sidebar-md-89648575a4a7390f098e0ef45ec9cb8a.png
jeffhamiltononline.com/kash/-x-/storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/ 15 KB
16 KB 507ms
254ms Image
image/png 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jeffhamiltononline.com/kash/-x-/storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/jeffhamiltononline.com-sidebar-md-89648575a4a7390f098e0ef45ec9cb8a.png
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: plinko0.mirus.io
Software: nginx/1.16.0 /
Resource Hash: 1a3f1f06165b755df50591f411fd908f15ef5b14d607bcdfcdd1537ab4ac7789

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=H7OATg==, md5=bPdcErqtpKAeVmPY9EJP8w==
Date: Sat, 15 Jan 2022 06:32:50 GMT
X-GUploader-UploadID: ADPycdv7Kg-dURKjSDs29-Z6BG3jhNWyFYg0SADK3S0d-iu0OhAeKM5bniCH9kvTHci6-zEvh77hkh6q3s9RcpzPRFqURkXQxA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 15171
X-kash-details: width: -, height: -, decoration: , path: storage.googleapis.com/static.mirus.io/images/maps/je/jeffhamiltononline.com/jeffhamiltononline.com-sidebar-md-89648575a4a7390f098e0ef45ec9cb8a.png
Last-Modified: Thu, 06 Jan 2022 19:49:11 GMT
Server: nginx/1.16.0
ETag: "6cf75c12baada4a01e5663d8f4424ff3"
X-backend-hostname: nakala-lin-dfw-02.mirus.io
x-goog-generation: 1641498551526434
Cache-Control: max-age=2592000
x-goog-stored-content-length: 15171
Accept-Ranges: bytes
Content-Type: image/png
Expires: Mon, 14 Feb 2022 06:32:50 GMT

GET
H/1.1 200
OK 367-leasevsbuy-rightforyou-wide-red.jpg
jeffhamiltononline.com/kash/300x-/static1.st8fm.com/en_US/img/si/750/ 6 KB
7 KB 413ms
161ms Image
image/jpeg 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffhamiltononline.com/kash/300x-/static1.st8fm.com/en_US/img/si/750/367-leasevsbuy-rightforyou-wide-red.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

plinko0.mirus.io

Software

nginx/1.16.0 /

Resource Hash

aa389c22474ba02c9bd8906b62dfac0fb02e477acc8dc016c81894e408bb76c1

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-kash-details: width: 300, height: -, decoration: , path: static1.st8fm.com/en_US/img/si/750/367-leasevsbuy-rightforyou-wide-red.jpg
Date: Sat, 15 Jan 2022 06:32:50 GMT
Last-Modified: Fri, 28 Jun 2019 15:43:37 GMT
Server: nginx/1.16.0
Age: 2457
X-Frame-Options: DENY
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Cnection: close
X-backend-hostname: nakala-lin-dfw-01.mirus.io
Content-Length: 6386
Expires: Mon, 14 Feb 2022 06:32:50 GMT

GET
H/1.1 200
OK 292-planning-for-easier-retirement-without-mortgage-wide.jpg
jeffhamiltononline.com/kash/300x-/static1.st8fm.com/en_US/img/si/750/ 15 KB
16 KB 517ms
259ms Image
image/jpeg 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffhamiltononline.com/kash/300x-/static1.st8fm.com/en_US/img/si/750/292-planning-for-easier-retirement-without-mortgage-wide.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

plinko0.mirus.io

Software

nginx/1.16.0 /

Resource Hash

68bc7b014137ae7b4966069a9075ee5389ef177f9429cc62c3720a03a213c6db

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-kash-details: width: 300, height: -, decoration: , path: static1.st8fm.com/en_US/img/si/750/292-planning-for-easier-retirement-without-mortgage-wide.jpg
Date: Sat, 15 Jan 2022 06:32:50 GMT
Last-Modified: Mon, 02 Dec 2019 18:58:57 GMT
Server: nginx/1.16.0
Age: 8028
X-Frame-Options: DENY
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Cnection: close
X-backend-hostname: nakala-lin-dfw-02.mirus.io
Content-Length: 15846
Expires: Mon, 14 Feb 2022 06:32:50 GMT

GET
H/1.1 200
OK 582-kids-hot-cars-wide.jpg
jeffhamiltononline.com/kash/300x-/static1.st8fm.com/en_US/img/si/750/ 15 KB
16 KB 636ms
284ms Image
image/jpeg 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffhamiltononline.com/kash/300x-/static1.st8fm.com/en_US/img/si/750/582-kids-hot-cars-wide.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

plinko0.mirus.io

Software

nginx/1.16.0 /

Resource Hash

60f50eefc8b1f94c18e8556dc4c8f2fa01460ed103d32126c967d7415462acfa

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-kash-details: width: 300, height: -, decoration: , path: static1.st8fm.com/en_US/img/si/750/582-kids-hot-cars-wide.jpg
Date: Sat, 15 Jan 2022 06:32:50 GMT
Last-Modified: Wed, 04 Aug 2021 21:30:15 GMT
Server: nginx/1.16.0
Age: 6363
X-Frame-Options: DENY
X-Cache: HIT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Cnection: close
X-backend-hostname: nakala-lin-dfw-01.mirus.io
Content-Length: 15799
Expires: Mon, 14 Feb 2022 06:32:50 GMT

GET
H/1.1 200
OK hqdefault.jpg
jeffhamiltononline.com/kash/290x-/i2.ytimg.com/vi/UMGk7ekNae4/ 11 KB
12 KB 1043ms
153ms Image
image/jpeg 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffhamiltononline.com/kash/290x-/i2.ytimg.com/vi/UMGk7ekNae4/hqdefault.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

plinko0.mirus.io

Software

nginx/1.16.0 /

Resource Hash

484305fe9187d2a36013d5038f13e9d9f17719033b109f6e4cc8dea9de17b417

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 06:32:50 GMT
X-Content-Type-Options: nosniff
Age: 111
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Cross-Origin-Resource-Policy: cross-origin
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 11510
X-XSS-Protection: 0
X-kash-details: width: 290, height: -, decoration: , path: i2.ytimg.com/vi/UMGk7ekNae4/hqdefault.jpg
Server: nginx/1.16.0
ETag: W/"1603293838"
Vary: Origin
X-backend-hostname: nakala-lin-dfw-01.mirus.io
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Expires: Mon, 14 Feb 2022 06:32:50 GMT

GET
H/1.1 200
OK hqdefault.jpg
jeffhamiltononline.com/kash/290x-/i2.ytimg.com/vi/-a2G3XCqNdk/ 16 KB
17 KB 346ms
128ms Image
image/jpeg 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffhamiltononline.com/kash/290x-/i2.ytimg.com/vi/-a2G3XCqNdk/hqdefault.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

plinko0.mirus.io

Software

nginx/1.16.0 /

Resource Hash

a51524228666402ba363eddf0c08a754214c5b1436b62f10f91a4de8347936c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 06:32:50 GMT
X-Content-Type-Options: nosniff
Age: 4133
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Cross-Origin-Resource-Policy: cross-origin
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 16414
X-XSS-Protection: 0
X-kash-details: width: 290, height: -, decoration: , path: i2.ytimg.com/vi/-a2G3XCqNdk/hqdefault.jpg
Server: nginx/1.16.0
ETag: W/"0"
Vary: Origin
X-backend-hostname: nakala-lin-dfw-02.mirus.io
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Expires: Mon, 14 Feb 2022 06:32:50 GMT

GET
H/1.1 200
OK hqdefault.jpg
jeffhamiltononline.com/kash/290x-/i1.ytimg.com/vi/LvTNFA-xW3o/ 13 KB
14 KB 598ms
213ms Image
image/jpeg 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffhamiltononline.com/kash/290x-/i1.ytimg.com/vi/LvTNFA-xW3o/hqdefault.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

plinko0.mirus.io

Software

nginx/1.16.0 /

Resource Hash

bc6972544a52bb0ae0c32e04e328696db4abb4c0f997e8cd3e021ad57822ce45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 06:32:50 GMT
X-Content-Type-Options: nosniff
Age: 1230
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Cross-Origin-Resource-Policy: cross-origin
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 13755
X-XSS-Protection: 0
X-kash-details: width: 290, height: -, decoration: , path: i1.ytimg.com/vi/LvTNFA-xW3o/hqdefault.jpg
Server: nginx/1.16.0
ETag: W/"0"
Vary: Origin
X-backend-hostname: nakala-lin-dfw-01.mirus.io
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Expires: Mon, 14 Feb 2022 06:32:50 GMT

GET
H/1.1 200
OK hqdefault.jpg
jeffhamiltononline.com/kash/290x-/i3.ytimg.com/vi/biJM1VH8Sdg/ 9 KB
10 KB 550ms
169ms Image
image/jpeg 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffhamiltononline.com/kash/290x-/i3.ytimg.com/vi/biJM1VH8Sdg/hqdefault.jpg

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

plinko0.mirus.io

Software

nginx/1.16.0 /

Resource Hash

89302bbdd22b0d071784fec74aeffcda3280a97df987cf0405b6cd275e3c3e27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 06:32:50 GMT
X-Content-Type-Options: nosniff
Age: 292
Report-To: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
Cross-Origin-Resource-Policy: cross-origin
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 9642
X-XSS-Protection: 0
X-kash-details: width: 290, height: -, decoration: , path: i3.ytimg.com/vi/biJM1VH8Sdg/hqdefault.jpg
Server: nginx/1.16.0
ETag: W/"0"
Vary: Origin
X-backend-hostname: nakala-lin-dfw-01.mirus.io
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="youtube"
Expires: Mon, 14 Feb 2022 06:32:50 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec6bfe3ddddbeba2a38b86573d8852a212f6f48b6a36c05323436465f3bace95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e8ae2da972dae7ea8e60367876f4ea66f6a5cfa342b630ef0b7d13323b79bfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 945 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8aa25147308f0089d1412fe71e83d87c04b9145e5a921de626935b21d656a59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK Bootstrap.js Show response
jeffhamiltononline.com/kash/nexus.ensighten.com/statefarm/mirus/ 75 KB
24 KB 827ms
446ms Script
application/javascript 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://jeffhamiltononline.com/kash/nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: plinko0.mirus.io
Software: nginx/1.16.0 /
Resource Hash: 983abcd4e7d3ade963dc24847b9d909aca3cf55bdaf87541bbde5869297e9a26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 06:32:51 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Jun 2021 17:50:21 GMT
Server: nginx/1.16.0
ETag: W/"60d4c5dd-12a5a"
Vary: Accept-Encoding
X-backend-hostname: nakala-lin-dfw-01.mirus.io
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Expires: Mon, 14 Feb 2022 06:32:51 GMT

GET
H2 200 news_gothic_bold_bt-webfont.woff
mysf.io/m1/app/dist/master/d26a587/fonts/ 24 KB
25 KB 448ms
448ms Font
font/woff 13.224.193.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mysf.io/m1/app/dist/master/d26a587/fonts/news_gothic_bold_bt-webfont.woff
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-23.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa6e8a424c36f8043275d57ed2842b54eaaab90a19edbf632a7c01147856a12a

Request headers

Referer: https://jeffhamiltononline.com/
Origin: https://jeffhamiltononline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 06:32:51 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
vary: Origin
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-length: 24880
last-modified: Tue, 04 Jan 2022 23:26:33 GMT
server: AmazonS3
etag: "3e257bd013d16bb2fd7a25b54c392f30"
access-control-max-age: 3000
access-control-allow-methods: GET, POST, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: jH3kS0egsJpZWxz8N4ozJ0ssS2bK3bvND11bYZz0INRt4KV7HCakDw==
expires: Wed, 04 Jan 2023 23:26:32 GMT

OPTIONS
H2 204 pageviews
peachy.prod.mirus.io/record/3.0/projects/5b7df454c9e77c0001287ed9/events/ Frame 0
0 428ms
128ms Preflight 35.202.0.144
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/5b7df454c9e77c0001287ed9/events/pageviews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.0.144 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

144.0.202.35.bc.googleusercontent.com

Software

nginx/1.19.1 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,keen-sdk
Origin: https://jeffhamiltononline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.19.1
date: Sat, 15 Jan 2022 06:32:50 GMT
access-control-allow-origin: https://jeffhamiltononline.com
access-control-allow-methods: POST
access-control-allow-headers: Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-max-age: 86400
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 player_api Show response
www.youtube.com/ 980 B
1 KB 53ms
25ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/player_api

Requested by

Host: mysf.io
URL: https://mysf.io/m1/app/dist/master/d26a587/js/chunk-vendors.643201bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f44fc673df1581cce8e297b59ef738336d5abc66c0f9c269db42da0cb69afc65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 06:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
expires: Sat, 15 Jan 2022 06:32:50 GMT

POST
H2 200 pageviews Show response
peachy.prod.mirus.io/record/3.0/projects/5b7df454c9e77c0001287ed9/events/ 66 B
327 B 132ms
131ms Fetch
application/json 35.202.0.144
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://peachy.prod.mirus.io/record/3.0/projects/5b7df454c9e77c0001287ed9/events/pageviews

Requested by

Host: mysf.io
URL: https://mysf.io/m1/app/dist/master/d26a587/js/chunk-vendors.643201bc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.0.144 Council Bluffs, United States, ASN15169 (GOOGLE, US),

Reverse DNS

144.0.202.35.bc.googleusercontent.com

Software

nginx/1.19.1 /

Resource Hash

39a3ddc70d890f7366c7f880860b55f0119ee51af251c7191e39351312211f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Referer: https://jeffhamiltononline.com/
keen-sdk: javascript-4.4.0
Accept-Language: de-DE,de;q=0.9
Authorization: D9982DE0E0B29AC3E087014013C22EEA773248ED3656448F275C15C33E02A92C10B7FB14150F3A417461405FBECBAA219F9211FAC727A413F2BD05BC123D6FC05E9C782EB14A01A27BA4997BA6F8F2C6E121053818FAF4FA7C2FD2133B04B027
Content-Type: application/json

Response headers

date: Sat, 15 Jan 2022 06:32:50 GMT
server: nginx/1.19.1
vary: origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://jeffhamiltononline.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 66

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
2 KB 28ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: mysf.io
URL: https://mysf.io/m1/app/dist/master/d26a587/js/chunk-vendors.643201bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

985a5a116282cd26b25d0382aa66463f7056466fcf8905629dd42827ddabacfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: rc2oHcwzazqq8wtXblrcJg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: edugXySPPFCItLfozItVGsPUUmCG9eM3tP4jQP9NDBKPuLt2XW0WgQ00sUodhrau1wAXTYpLY1fAhOG6pe4hvw==
x-fb-trip-id: 917726464
x-fb-content-md5: cef6e9e9bca3df22a8dba5f7c06cf5bb
x-frame-options: DENY
date: Sat, 15 Jan 2022 06:32:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e44dec842aea08d7b44e3c25606d6c7b"
timing-allow-origin: *
expires: Sat, 15 Jan 2022 06:35:05 GMT

GET
H/1.1 200
OK m1_web_204699181_glq6h5
jeffhamiltononline.com/kash/-x-/tyzik.prod.mirus.io/m1banners/ 107 KB
108 KB 1026ms
998ms Image
image/jpeg 45.33.12.50
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://jeffhamiltononline.com/kash/-x-/tyzik.prod.mirus.io/m1banners/m1_web_204699181_glq6h5

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.33.12.50 Richardson, United States, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

plinko0.mirus.io

Software

nginx/1.16.0 /

Resource Hash

0c619fa47e9e93fc93a6f155c679fc672c4bf950afdc59391a4bc778a21aa160

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

X-kash-details: width: -, height: -, decoration: , path: tyzik.prod.mirus.io/m1banners/m1_web_204699181_glq6h5
Date: Sat, 15 Jan 2022 06:32:51 GMT
Server: nginx/1.16.0
x-cache-key: cached/m1banners/12/12b65d41e52925900d3b103ec317202df83a5445.jpg
x-cache-status: HIT
vary: origin
x-source-key: m1/banners/m1_web_204699181_glq6h5.jpg
Content-Type: image/jpeg
access-control-expose-headers: WWW-Authenticate,Server-Authorization
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15724800; includeSubDomains
Accept-Ranges: bytes
X-backend-hostname: nakala-do-nyc-01.mirus.io
Content-Length: 110055
Expires: Mon, 14 Feb 2022 06:32:51 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/18da33ed/www-widgetapi.vflset/ 149 KB
49 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/player_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2796e6b6d08fe158da147e14d704783027bafe912d9d30dd28b3480380a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 03:53:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9569
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49396
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 15 Jan 2023 03:53:21 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 290 KB
82 KB 20ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=5063f585c8edf10519476083408efba5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

97ecac779cdb8c62d3427c656435eaf043133a90de51eb3d0f7577b8ac97ed21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://jeffhamiltononline.com/
Origin: https://jeffhamiltononline.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: EJb37cUpWgQ1U5d0l3LZ6w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83515
x-fb-rlafr: 0
x-fb-debug: 9UhgSmSdVat5geseZ7Kga7ZXDp8hSQtMzHrDQdBXkAWAWrL8dm63kwvigprBbCoSjlQnUIlxY380xxcbqaXUJA==
x-fb-content-md5: c6cc7f965ec8486cb5759cdbc31e789a
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 15 Jan 2022 06:32:50 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b2fd05b5f280f9544bfa200f4af0ba49"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 15 Jan 2023 06:15:06 GMT

GET
H2 200 page.php Show response
www.facebook.com/v12.0/plugins/ Frame 06E6 56 KB
20 KB 131ms
99ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=5063f585c8edf10519476083408efba5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07045371549b0a2def6091b2a243c76f62aca444d9785ce398c935974d7c6b71

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v12.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: cA+jctegFemm8b4BXYjLYko79C0QFUGmk8SbMzak4kumiM8Z2mHhEaSuVNxmPgVY7GM+ZlmzFriJTN5ruwOJsw==
date: Sat, 15 Jan 2022 06:32:50 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 rWQymq__vuR.css
www.facebook.com/rsrc.php/v3/yp/l/0,cross/ Frame 06E6 19 KB
5 KB 29ms
19ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yp/l/0,cross/rWQymq__vuR.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f513193b84d24bd48d3f5a4ecd9846b675ae7185a18655e816cd1c3be2725fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 17:11:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: BC3+aTdO4YqoC9fNf8pSMg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 4890
x-fb-rlafr: 0
x-fb-debug: UKvISCv9huWEte9WyssMpiGl8EZaADi53mk05vAscHb7HZXe6ZOydvWDx+BIpkdudFEO3gSevcnX0GaEA0Vr+w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 Jan 2023 17:11:24 GMT

GET
H3 200 FPdNN1TK3wJ.css
www.facebook.com/rsrc.php/v3/yF/l/0,cross/ Frame 06E6 2 KB
869 B 26ms
17ms Stylesheet
text/css 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qki4Wy05mlz5CwH9oqDKag==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 815
x-fb-rlafr: 0
x-fb-debug: O41oOlUt6xKzz1M9sF+uuOLp1GuG3m904w53L0YV9kRQpyLDyS+FZNYarONSm+hgrwEkjUM8RLxnCgT0fVUilQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 12 Jan 2023 17:21:51 GMT

GET
H3 200 s8GJzAB5Zn3.js Show response
www.facebook.com/rsrc.php/v3/yF/r/ Frame 06E6 307 KB
82 KB 27ms
17ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yF/r/s8GJzAB5Zn3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

50c6fe147f314037c91162d843433a0d305348b76db2280c2bedf6c0eb54ee0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 21:40:03 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PNumDbg6UcNs8x9N3V8tOw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 84352
x-fb-rlafr: 0
x-fb-debug: fVvXS/F3rhFCPqaZ4wF/JbdyPmQ45yLG2VWzmTfaNpc7MsY8e9IrwwHvBgIKXARGYh5ZjBYTWmhbWmVRaos/MA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 Jan 2023 21:40:03 GMT

GET
H3 200 GG1Y0sYc7My.js Show response
www.facebook.com/rsrc.php/v3/yv/r/ Frame 06E6 5 KB
2 KB 29ms
19ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 19:15:19 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kw22OIA6eDgOltzbJdNVmQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 1640
x-fb-rlafr: 0
x-fb-debug: 4xyDNP07+myx0e7u/PBcVqFa0yiygqCTu/XQevclLxNQRlCrJXQ9PiaJ1ysI6t4/4+dkNHnxXflIPwYw/2b1Uw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 19:15:19 GMT

GET
H3 200 T8BJ7ETas0v.js Show response
www.facebook.com/rsrc.php/v3/ys/r/ Frame 06E6 41 KB
13 KB 27ms
18ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ys/r/T8BJ7ETas0v.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec967a9c7ef9f9b3498c4894319802b33f23d9aa08858d0db95a682f637cf305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 16:15:53 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VOcZ8I8uJKc3nOE1gwDd/g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 13499
x-fb-rlafr: 0
x-fb-debug: Aheqh9bvuc08byP1wmS1am9aBxFmucHH+xdIlJrBDYigT13eStcCBXvKkuJvB0hq3kF70cy/sOU6wzAyhbBQaQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 10 Jan 2023 16:15:53 GMT

GET
H3 200 xyCIQCGmYe4.js Show response
www.facebook.com/rsrc.php/v3/ye/r/ Frame 06E6 46 KB
15 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/ye/r/xyCIQCGmYe4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be307850d97a4cc3185166175515facde15350e4e7ab094000c8fd02edc3656d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:21:51 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sR6bQ1Us80pnn5qvyfl2lg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 14881
x-fb-rlafr: 0
x-fb-debug: uk5SMt3NtLSGj2NtgVlZex9xBTwbxuwPk6+eZZpgwbxARqn+fMIukFm1PzwtR4GlxNoWXy0Uxg7TJUVIMd4j1g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 12 Jan 2023 17:21:51 GMT

GET
H3 200 ah6R-G74KaH.js Show response
www.facebook.com/rsrc.php/v3/yV/r/ Frame 06E6 26 KB
8 KB 23ms
14ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yV/r/ah6R-G74KaH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4881ea8a07a6d2647da213af975cc9172c8a7dcb09609c823cfe5aa059b75161

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 21:31:06 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CF89rExLxYu4/Z5Kg+cXRQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 8427
x-fb-rlafr: 0
x-fb-debug: M1o9KD84qiQL4EeIcB88nNC4I/3aeunm/uHkg01lhdMZ5IYWPiM3KHekTXn0j7YjodykzQyKh+rBTfHuXwrzWg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 21:31:06 GMT

GET
H3 200 zvGKQS-V-77.js Show response
www.facebook.com/rsrc.php/v3iLl54/yp/l/en_GB/ Frame 06E6 179 KB
52 KB 24ms
15ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iLl54/yp/l/en_GB/zvGKQS-V-77.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d552d3145e87e9feacd04d7ef25b603afb9d592b9875cd3d6af46ce95e744ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 21:10:59 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1SLS4Gtgp9l2qaCerPML5w==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 53118
x-fb-rlafr: 0
x-fb-debug: QwAYMqJaNmSsATxhgunYKT428C9EIgUBK+tKQHG0Q2OD3cKvKxjHXQMXgQtOD/FgDSpBT0M7icWFaqmkBpkHeQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 12 Jan 2023 21:10:59 GMT

GET
H3 200 x9ZrO_yAkJs.js Show response
www.facebook.com/rsrc.php/v3i7244/y9/l/en_GB/ Frame 06E6 82 KB
22 KB 24ms
16ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i7244/y9/l/en_GB/x9ZrO_yAkJs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

718b626e82ce895fa295a5a745a7059f03705efdd88ea6ac0ac7f710f231673d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 16:31:18 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lqxi1LysJ2/m2ea+WIQrUA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 22904
x-fb-rlafr: 0
x-fb-debug: kuG2SyxeRB3LEGWMS72Dio8KJGGR8GuUUEUnbzaBnqmhs0h3jQGB6shpagrcj8pnmLnqfn7ovEHyP2Rg5oGPuw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 Jan 2023 16:31:18 GMT

GET
H3 200 InDHUbH2zHG.js Show response
www.facebook.com/rsrc.php/v3/y-/r/ Frame 06E6 21 KB
7 KB 25ms
16ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y-/r/InDHUbH2zHG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0120afbe63c38539eed856bbef4d49a92c45f78262bb705640d383bcbc0bfe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 05 Jan 2022 02:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XJ6KN7mUBdSuqxW9u/0TXQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 6967
x-fb-rlafr: 0
x-fb-debug: IDeKfkfug1Cf3E6pAPbGlXL6rdyRgfuWpaX5RDrLzK8qHPgQ29TtzaKG6qr/umZcods13cWcUpFMA0PwaJVGlA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 02:34:47 GMT

GET
H2 200 1918627_356111552513_1319118_n.jpg
scontent.xx.fbcdn.net/v/t1.18169-1/cp0/c0.13.50.50a/p50x50/ Frame 06E6 1 KB
2 KB 46ms
45ms Image
image/jpeg 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.18169-1/cp0/c0.13.50.50a/p50x50/1918627_356111552513_1319118_n.jpg?_nc_cat=104&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=jPf0vga8jZ0AX8c9dTF&_nc_ht=scontent.xx&edm=ALIZrNsEAAAA&oh=00_AT_m4RRq1zCMcNDM8z72BeqvAK6RtmQ2zjPv74X6GcmO2g&oe=62067953
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d0b09bbc32e2a59c9b9503ce109b1d942b11fb6a7a091951ed3e0dc526db0b5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 1034760132
date: Sat, 15 Jan 2022 06:32:50 GMT
x-fb-trip-id: 917726464
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1922154509
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: Vp6NXJe1d-38g0aWDe3Jx4M2Sbq2mt-f3lvejG1GQV7N1q2Ue5EfuERWs-5CptEORIeDV5TDXDqDktTj97d5A0xM2M9P0Vn0Z3Q0ivPcqmQ
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1718984756
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1401

GET
H3 200 odN6yT5qyq_.png
www.facebook.com/rsrc.php/v3/yS/r/ Frame 06E6 1 KB
1 KB 8ms
7ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/yS/r/odN6yT5qyq_.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yp/l/0,cross/rWQymq__vuR.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3a16bbf4914a49b1afe816e119c7da2d731dead9167c01d07984ef323e26bfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/rsrc.php/v3/yp/l/0,cross/rWQymq__vuR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:20:46 GMT
x-content-type-options: nosniff
content-md5: jWtlBZOXpZs9LMNqqzeJoA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 1341
x-fb-rlafr: 0
x-fb-debug: wizatCZQLWqDePVBLjPX1hdRETP9XuM+kozpVYo+eSsXqVDrCDZpYP46oEaRGtDOxmabASyMuxAJ3rcxm3MNfA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 Jan 2023 20:20:46 GMT

GET
H3 200 CWJINsGKrOS.js Show response
www.facebook.com/rsrc.php/v3/y3/r/ Frame 06E6 18 KB
6 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y3/r/CWJINsGKrOS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yF/r/s8GJzAB5Zn3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e31058534b68e728b3cfe4d4f122333f19479a72ce4ac79b596ba346376f16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 17:06:52 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4rHnUh0ztUMBselfW2HUmA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 5946
x-fb-rlafr: 0
x-fb-debug: Y/ruGJVckfC2OIIgCb0eDboejWRvPI9usD4ekH+WG8rmEJqRIKeDel91W8BZ7YsmCLUKyJ9h9fZGa51fjVnd7g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 17:06:52 GMT

GET
H3 200 cN-N4Eu_deZ.js Show response
www.facebook.com/rsrc.php/v3/yv/r/ Frame 06E6 7 KB
2 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yv/r/cN-N4Eu_deZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yF/r/s8GJzAB5Zn3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 20:42:39 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XkHzn1WHKMxOAJmWI3FJ7A==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 2277
x-fb-rlafr: 0
x-fb-debug: GZ5h8Gcbk92gC5CjFqyfWFTYEMZwNoq5+KDE/WfATbe5jOVkFu6uo9YBbxyMEXAYcuZ9ThDqPXkHGrHBW2uOAw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 Jan 2023 20:42:39 GMT

GET
H3 200 -w48qAFeXq2.js Show response
www.facebook.com/rsrc.php/v3/yZ/r/ Frame 06E6 7 KB
3 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yZ/r/-w48qAFeXq2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yF/r/s8GJzAB5Zn3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e19be927b1d8c16659aa51e1f8c632caa4dc20faf474480833270e3aa622217

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 20:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dvOu1zaOMVC4mSFkCEUAeQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 2560
x-fb-rlafr: 0
x-fb-debug: FhPkZl1SCy637E1KGwDi5F+EhYOigac8Pi1kK451/9DRGu4kpHHd546QWW6X0E9bvC9Ay+qh+FEoO9SYghzBTw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 12 Jan 2023 20:17:58 GMT

GET
H3 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 06E6 1 KB
759 B 37ms
36ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2F356095217513%22%2C%22width%22%3A312%2C%22height%22%3A597%2C%22has_cta%22%3Afalse%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Afalse%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22https%3A%2F%2Fjeffhamiltononline.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKBz84e1QyUbFp63m1FwAxu13wqovzEdEc8uwdK4o6O0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0SU2swdq0Ho2ewnE3fw6iyE158&__csr=&__req=1&__hs=19007.BP%3Aplugin_default_pkg.2.0.0.0.&dpr=1&__ccg=EXCELLENT&__rev=1004944114&__s=%3A%3Assgkqk&__hsi=7053317142042410765-0&__comet_req=0&locale=en_GB&__sp=1

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3i7244/y9/l/en_GB/x9ZrO_yAkJs.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d6d0a6d35ad318add07ecd8c452aeae71c8bb3c14e3eb73049a3ff3dd7a1cfd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: H91F2UTAh7Afu3txDl-poE
Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: H8XQHqZh8u/sOEybvMo+shJtzpZVUc7TkL5r3ERCOUAk3ntZ1nlOelQaJF2dpYyNxTiE1ymban8pufJRG6pz6Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 15 Jan 2022 06:32:50 GMT
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 06E6 1 KB
767 B 33ms
32ms XHR
application/x-javascript 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3i7244/y9/l/en_GB/x9ZrO_yAkJs.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f72992a5a9c0bdbbb05a01277a71ffe5ee4603024636f2f768d51bf6cfbbaea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: H91F2UTAh7Afu3txDl-poE
Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 8zpnZqszOlfkyu/ZtaE3I8QeAsy+o2gKMr2Hr/5fBRtd78wIgF8GygmEzqGIJdQP4l0i0zqiZ7r6dXSy2KO1Vg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 15 Jan 2022 06:32:50 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 onuUJj0tCqE.png
www.facebook.com/rsrc.php/v3/y2/r/ Frame 06E6 4 KB
4 KB 7ms
7ms Image
image/png 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y2/r/onuUJj0tCqE.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yp/l/0,cross/rWQymq__vuR.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/rsrc.php/v3/yp/l/0,cross/rWQymq__vuR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 23:51:44 GMT
x-content-type-options: nosniff
content-md5: OK0dmVpVmdoMRpKMP9eDcg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
content-length: 3944
x-fb-rlafr: 0
x-fb-debug: Ozc6s+zdRXEaIg3gRddBXZNqdHCoqvh/prKr/BZCHAjm3x+CgcnvBVAXufjPgcgZ0XmlqmcfR8V6PS+f7MWlgQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 12 Jan 2023 23:51:44 GMT

GET
H2 200 OZcLupMIkEN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 06E6 245 B
2 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yF/r/s8GJzAB5Zn3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1012db27ec1cb433b46f471bb11c18fec71f59c5fa6f6520c87ff374e4ef0325

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 06:32:50 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Sj0Q4egSj1eTua951vhlbw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 165
x-fb-rlafr: 0
x-fb-debug: sWlWvraRp+30BJAY2k2HL3ETvJF+52Buwe+o3GG4VmNc2RUkXhc36sdVPp7Sui7fcu5Bd42IK2xok5v+Wk40VA==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 20:11:34 GMT

GET
H3 200 /
www.facebook.com/login/ Frame 06E6 0
0 123ms
123ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv12.0%2Fplugins%2Fpage.php%3Fapp_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df164ba1c0f2bd58%2526domain%253Djeffhamiltononline.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fjeffhamiltononline.com%25252Ff29086657385178%2526relation%253Dparent.parent%26container_width%3D312%26height%3D597%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F356095217513%26locale%3Den_GB%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D312px

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yF/r/s8GJzAB5Zn3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v12.0/plugins/page.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df164ba1c0f2bd58%26domain%3Djeffhamiltononline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fjeffhamiltononline.com%252Ff29086657385178%26relation%3Dparent.parent&container_width=312&height=597&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F356095217513&locale=en_GB&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=312px

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: Lo7KaKavUFj3oxLAPBpfslesEx/w79fhEes9MjzOxuLtqAVeeeCNp+n4JK5Ouk+WPlslC+m0pHzfgB3McdSpmg==
date: Sat, 15 Jan 2022 06:32:50 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1642228371254
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1642228371254

1 KB
1 KB

33ms
33ms

XHR
application/json

54.72.188.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1642228371254

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Server

54.72.188.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-188-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

490a52e314b405766e149278d7cca9b8fbd4450899ac59883be059cfcd3b30fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v026-07b1f5098.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 4izGzQNVQtc=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://jeffhamiltononline.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 631
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcscanary-prod-irl1-1-v030-05f8e58e8.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://jeffhamiltononline.com
X-TID: wAB1L/t3SFA=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1642228371254
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/statefarm/mirus/ 384 B
527 B 28ms
9ms Script
text/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?r=222799.11581499135&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Thu%20Jun%2024%2017:50:20%20GMT%202021&ClientID=603&PageID=https%3A%2F%2Fjeffhamiltononline.com%2F
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/kash/nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3735968e33fd31108bcf85778c9c5ae7b94319f3bf3af44aeecc678c1f90a7af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 06:32:51 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 384
expires: Sat, 15 Jan 2022 06:32:50 GMT

GET
H2 200 3d8b9c26db8f795962b33ba65b639158.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 153 KB
46 KB 19ms
19ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/3d8b9c26db8f795962b33ba65b639158.js?conditionId0=423109
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/kash/nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 8d642c063fb3a29d1bbf8ef41304fbee1860b8e1326e25e65616de1e7c52da36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 06:32:51 GMT
content-encoding: gzip
last-modified: Thu, 24 Jun 2021 17:50:21 GMT
server: nginx
etag: W/"60d4c5dd-265b1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 265f18c243aa4672bf43c1e24c92c39f.js Show response
nexus.ensighten.com/statefarm/mirus/code/ 3 KB
1 KB 7ms
7ms Script
application/javascript 18.197.253.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/statefarm/mirus/code/265f18c243aa4672bf43c1e24c92c39f.js?conditionId0=1539709
Requested by: Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/kash/nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 03a06c323e874fd6dfa69076135582e47ca5b2cbf6688324599a9006fa02b2c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 06:32:51 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 20:54:59 GMT
server: nginx
etag: W/"60cbb6a3-d9f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H/1.1 200
OK dest5.html Show response
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame 0007 7 KB
3 KB 159ms
34ms Document
text/html 52.18.187.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/kash/nexus.ensighten.com/statefarm/mirus/Bootstrap.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.18.187.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-187-187.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sat, 15 Jan 2022 06:32:51 GMT
DCS: dcs-prod-irl1-1-v026-060ae7f00.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 20 Dec 2021 14:08:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: hnM6vprYTrM=
transfer-encoding: chunked
Connection: keep-alive

GET
H2 200 id Show response
smetrics.statefarm.com/ 48 B
519 B 78ms
19ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=55460447489012867402959223072453131255&ts=1642228371426

Requested by

Host: mysf.io
URL: https://mysf.io/m1/app/dist/master/d26a587/js/chunk-vendors.643201bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

9637348dd463e5e5d71e4b2edac6f4a0e7591f32ccbf0538c33edec93ed5c834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jeffhamiltononline.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 15 Jan 2022 06:32:51 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-cdfbd77b-mr7bh
vary: Origin
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://jeffhamiltononline.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YeJqkwAAADlYfAQz
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=51282625367524824402507933793739386923
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YeJqkwAAADlYfAQz

42 B
945 B

34ms
34ms

Image
image/gif

54.72.188.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YeJqkwAAADlYfAQz

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

HTTP/1.1

Server

54.72.188.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-188-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v026-05a12a762.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: /YhIAmG+QAg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YeJqkwAAADlYfAQz
Date: Sat, 15 Jan 2022 06:32:51 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 s84920912738375 Show response
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ 1 KB
1 KB 45ms
45ms Script
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/s84920912738375?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=15%2F0%2F2022%206%3A32%3A51%206%200&d.&nsid=0&jsonv=1&.d&D=..&mid=55460447489012867402959223072453131255&aamlh=6&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-s%3Abrp941ys000&g=https%3A%2F%2Fjeffhamiltononline.com%2F&ch=sf%3Aus%3Aagent-micro-s&server=jeffhamiltononline.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-s%3Abrp941ys000&h1=home%7Cagent-micro-s%7Cbrp941ys000&c4=sf%3Aagent-micro-s%3Abrp941ys000&v6=jeffhamiltononline.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fjeffhamiltononline.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=saturday%7C12%3A30am&v50=1%2F15%2F2022&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F97.0.4692.71%20safari%2F537.36&c70=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1

Requested by

Host: jeffhamiltononline.com
URL: https://jeffhamiltononline.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

d285688f306d08953b8f077f44fd3bccd8d633c136934cff17218ce8a7c28ae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jeffhamiltononline.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-aam-tid: Qg/5VDCCTeQ=
date: Sat, 15 Jan 2022 06:32:51 GMT
x-content-type-options: nosniff
x-c: main-1585.I7afc85.M0-540
p3p: CP="This is not a P3P policy"
vary: *
content-length: 1078
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v026-0ca4dd5bc.edge-irl1.demdex.com UNKNOWN
pragma: no-cache
last-modified: Sun, 16 Jan 2022 06:32:51 GMT
server: jag
xserver: anedge-cdfbd77b-kd74n
etag: 3526658574099578880-4619593016007090323
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Fri, 14 Jan 2022 06:32:51 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=6f5b2d8dad7cfb8669b26969e7e2e5c50e2f0b09556dce350b0544a5a1e4017cb0da87c991749652
dpm.demdex.net/ Frame 0007
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=51282625367524824402507933793739386923
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTEyODI2MjUzNjc1MjQ4MjQ0MDI1MDc5MzM3OTM3MzkzODY5MjMQABoNCJPViY8GEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=6f5b2d8dad7cfb8669b26969e7e2e5c50e2f0b09556dce350b0544a5a1e4017cb0da87c991749652

42 B
945 B

34ms
33ms

Image
image/gif

54.72.188.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=6f5b2d8dad7cfb8669b26969e7e2e5c50e2f0b09556dce350b0544a5a1e4017cb0da87c991749652

Protocol

HTTP/1.1

Server

54.72.188.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-188-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v026-0eb858d0d.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ssLpQ2GJSqo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Sat, 15 Jan 2022 06:32:51 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=6f5b2d8dad7cfb8669b26969e7e2e5c50e2f0b09556dce350b0544a5a1e4017cb0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEJvWpTOEGYtXYcGkQ6E-vuk&google_cver=1
dpm.demdex.net/ Frame 0007
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTEyODI2MjUzNjc1MjQ4MjQ0MDI1MDc5MzM3OTM3MzkzODY5MjM=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NTEyODI2MjUzNjc1MjQ4MjQ0MDI1MDc5MzM3OTM3MzkzODY5MjM=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJvWpTOEGYtXYcGkQ6E-vuk&google_cver=1?gdpr=0&gdpr_consent=

42 B
945 B

52ms
33ms

Image
image/gif

54.72.188.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJvWpTOEGYtXYcGkQ6E-vuk&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

54.72.188.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-188-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v026-092eae008.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: J104moY0Rlg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 06:32:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJvWpTOEGYtXYcGkQ6E-vuk&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=36787971-2660-41a2-9dec-4271b540d472
dpm.demdex.net/ Frame 0007
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=36787971-2660-41a2-9dec-4271b540d472

42 B
945 B

34ms
34ms

Image
image/gif

54.72.188.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=36787971-2660-41a2-9dec-4271b540d472

Protocol

HTTP/1.1

Server

54.72.188.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-188-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v026-099f6d80c.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Seo+UwQxQYk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 06:32:51 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=36787971-2660-41a2-9dec-4271b540d472
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 0007
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=51282625367524824402507933793739386923&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RC33lk9E2pHtmlOjNYyTrAw2U6yKXRJOpoM-~A

42 B
945 B

33ms
33ms

Image
image/gif

54.72.188.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RC33lk9E2pHtmlOjNYyTrAw2U6yKXRJOpoM-~A

Protocol

HTTP/1.1

Server

54.72.188.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-72-188-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v026-09d2da899.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 62bsgsOkSuE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Sat, 15 Jan 2022 06:32:52 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-RC33lk9E2pHtmlOjNYyTrAw2U6yKXRJOpoM-~A
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 0007
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=51282625367524824402507933793739386923
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=51282625367524824402507933793739386923

0
338 B

105ms
30ms

Image
text/plain

52.16.165.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=51282625367524824402507933793739386923
Protocol: H2
Server: 52.16.165.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-16-165-86.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 06:32:52 GMT
cache-control: private, no-cache, no-store
x-request-time: D=43 t=1642228372
x-served-by: beacon-n019-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=51282625367524824402507933793739386923
date: Sat, 15 Jan 2022 06:32:52 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a011-ash-prod.krxd.net

Verdicts & Comments Add Verdict or Comment

82 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
jeffhamiltononline.com/	1969-12-31 23:59:59	Name: si.es.ar.ef Value: kJUkQJGod4ixKceg-Z1qyQRex0K7OlaXgmrnk3xg20f
jeffhamiltononline.com/	1969-12-31 23:59:59	Name: snak Value: eyJkb21haW4iOiJqZWZmaGFtaWx0b25vbmxpbmUuY29tIiwic3NsIjp0cnVlLCJrbm93bl9pcCI6ZmFsc2UsImJhY2tlbmRzIjpbXX0=
jeffhamiltononline.com/	1970-01-20 08:56:04	Name: keen Value: {%22uuid%22:%22960b9e5e-ef49-4f75-bccb-8df7db36fe7e%22%2C%22initialReferrer%22:null}
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: cnhzuc1dZS8
.youtube.com/	1970-01-20 04:29:40	Name: VISITOR_INFO1_LIVE Value: mRrsqh2k8Fg
.jeffhamiltononline.com/	1970-01-20 00:10:30	Name: s_gad Value: 1
.demdex.net/	1970-01-20 04:29:40	Name: demdex Value: 51282625367524824402507933793739386923
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 1
.statefarm.com/	1970-01-20 17:41:40	Name: s_ecid Value: MCMID%7C55460447489012867402959223072453131255
.everesttech.net/	1970-01-20 08:56:04	Name: everest_g_v2 Value: g_surferid~YeJqkwAAADlYfAQz
.dpm.demdex.net/	1970-01-20 04:29:40	Name: dpm Value: 51282625367524824402507933793739386923
.jeffhamiltononline.com/	1970-01-20 17:41:40	Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg Value: 690614123%7CMCIDTS%7C19008%7CMCMID%7C55460447489012867402959223072453131255%7CMCAAMLH-1642833171%7C6%7CMCAAMB-1642833171%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1642235571s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19015%7CvVersion%7C3.1.0
.jeffhamiltononline.com/	1970-01-20 00:10:30	Name: s_pre_pn Value: sf%3Aus%3Aagent-micro-s%3Abrp941ys000
.jeffhamiltononline.com/	1970-01-20 00:10:30	Name: s_pre_v6 Value: jeffhamiltononline.com
.jeffhamiltononline.com/	1970-01-20 00:10:30	Name: s_dl Value: 1
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: s_cm Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.jeffhamiltononline.com/	1970-01-21 19:59:54	Name: s_ev32 Value: %5B%5B%27direct%2520load%27%2C%271642228371593%27%5D%5D
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: s_session Value: s_prev_url%3Dhttps%3A%2F%2Fjeffhamiltononline.com%2F%7Centry%3Dhttps%3A%2F%2Fjeffhamiltononline.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-s%7Cs_prev_ch%3Dagent-micro-s%7Cs_prev_pn%3Dbrp941ys000%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-s%3Abrp941ys000%7Cmc%3Ddirect%20load%7C
.jeffhamiltononline.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.jeffhamiltononline.com/	1970-01-20 04:29:40	Name: AAMC_statefarmmutualautomobileinsurancecompany_0 Value: REGION%7C6
.jeffhamiltononline.com/	1970-01-20 00:53:40	Name: aam_uuid Value: 51282625367524824402507933793739386923
.rlcdn.com/	1970-01-20 08:56:04	Name: rlas3 Value: 5FaJgXOeUoYsFwrzDwnYg7nCW3aNGIBBagXJoFxGovo=
.rlcdn.com/	1970-01-20 01:36:52	Name: pxrc Value: CJPViY8GEgUI6AcQABIGCPHrARAA
.doubleclick.net/	1970-01-20 09:32:04	Name: IDE Value: AHWqTUlOcBjfDqU7r7Ia_qeF9vMhNTPdVuNVM7_bS-0bJhDTrbhxJqfBEhJbLos035M
.adsrvr.org/	1970-01-20 08:56:04	Name: TDID Value: 36787971-2660-41a2-9dec-4271b540d472
.adsrvr.org/	1970-01-20 08:56:04	Name: TDCPM Value: CAESEgoDYWFtEgsImqnut9z-qzoQBRgFIAEoAjILCKDG0-Ty_qs6EAU4AQ..
.demdex.net/	1970-01-20 04:29:40	Name: dextp Value: 60-1-1642228371612\|771-1-1642228371713\|903-1-1642228371814\|30646-1-1642228371914\|66757-1-1642228372015
.yahoo.com/	1970-01-20 08:56:25	Name: A3 Value: d=AQABBJRq4mECEAIScF4yfaEUPWBmQdeN0WY&S=AQAAAlJ3jkm5rsWoZn02XBlmD6g
.krxd.net/	1970-01-20 04:29:40	Name: _kuid_ Value: OmkLZnhQ

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beacon.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
dpm.demdex.net
idsync.rlcdn.com
jeffhamiltononline.com
match.adsrvr.org
mysf.io
nexus.ensighten.com
peachy.prod.mirus.io
scontent.xx.fbcdn.net
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static.xx.fbcdn.net
static1.st8fm.com
usermatch.krxd.net
www.facebook.com
www.youtube.com
13.224.193.23
142.250.185.66
15.188.95.229
152.195.54.7
18.197.253.20
212.82.100.182
2a00:1450:4001:802::200e
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.202.0.144
35.244.174.68
45.33.12.50
52.16.165.86
52.18.187.187
52.223.40.198
52.50.54.3
52.54.229.60
54.72.188.68
03a06c323e874fd6dfa69076135582e47ca5b2cbf6688324599a9006fa02b2c5
07045371549b0a2def6091b2a243c76f62aca444d9785ce398c935974d7c6b71
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
0c619fa47e9e93fc93a6f155c679fc672c4bf950afdc59391a4bc778a21aa160
0f72992a5a9c0bdbbb05a01277a71ffe5ee4603024636f2f768d51bf6cfbbaea
1012db27ec1cb433b46f471bb11c18fec71f59c5fa6f6520c87ff374e4ef0325
1a3f1f06165b755df50591f411fd908f15ef5b14d607bcdfcdd1537ab4ac7789
1e8ae2da972dae7ea8e60367876f4ea66f6a5cfa342b630ef0b7d13323b79bfc
3735968e33fd31108bcf85778c9c5ae7b94319f3bf3af44aeecc678c1f90a7af
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
39a3ddc70d890f7366c7f880860b55f0119ee51af251c7191e39351312211f01
426dd08e28ef04fc2f268ee11876871219093118279bc1be0fc5f73ad1a2389f
484305fe9187d2a36013d5038f13e9d9f17719033b109f6e4cc8dea9de17b417
4881ea8a07a6d2647da213af975cc9172c8a7dcb09609c823cfe5aa059b75161
490a52e314b405766e149278d7cca9b8fbd4450899ac59883be059cfcd3b30fb
50c6fe147f314037c91162d843433a0d305348b76db2280c2bedf6c0eb54ee0e
5e19be927b1d8c16659aa51e1f8c632caa4dc20faf474480833270e3aa622217
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
60f50eefc8b1f94c18e8556dc4c8f2fa01460ed103d32126c967d7415462acfa
6124a8c9e6ae41be95f7288232a1601bc3e5c4bbc3014ddd3fd365c6c89084e0
62f2796e6b6d08fe158da147e14d704783027bafe912d9d30dd28b3480380a9b
68bc7b014137ae7b4966069a9075ee5389ef177f9429cc62c3720a03a213c6db
6a234b97c3bd98d37ee569b9fc46add2e3c27ed4dabbb01debab4605b595f50e
718b626e82ce895fa295a5a745a7059f03705efdd88ea6ac0ac7f710f231673d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
89302bbdd22b0d071784fec74aeffcda3280a97df987cf0405b6cd275e3c3e27
893e6104db6c2e8c125b3b4c378b7bd01d474b4acfb70e77625cb0ca44759a5a
8a3e2be9d5898b937bbe9f62d1ab53982c1189a91b34ac9c8288b8aefb4b4198
8d642c063fb3a29d1bbf8ef41304fbee1860b8e1326e25e65616de1e7c52da36
9637348dd463e5e5d71e4b2edac6f4a0e7591f32ccbf0538c33edec93ed5c834
97ecac779cdb8c62d3427c656435eaf043133a90de51eb3d0f7577b8ac97ed21
983abcd4e7d3ade963dc24847b9d909aca3cf55bdaf87541bbde5869297e9a26
985a5a116282cd26b25d0382aa66463f7056466fcf8905629dd42827ddabacfd
9bd4ae593e9e92c043538d31f6abcc4466f612652c3baa6e1d2f2af658189ce9
9d0318e1729bfb7e10205975bd71c96fa20c73888915569c52461d2f370d337a
9e31058534b68e728b3cfe4d4f122333f19479a72ce4ac79b596ba346376f16c
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
a51524228666402ba363eddf0c08a754214c5b1436b62f10f91a4de8347936c6
aa389c22474ba02c9bd8906b62dfac0fb02e477acc8dc016c81894e408bb76c1
bc6972544a52bb0ae0c32e04e328696db4abb4c0f997e8cd3e021ad57822ce45
be307850d97a4cc3185166175515facde15350e4e7ab094000c8fd02edc3656d
d0120afbe63c38539eed856bbef4d49a92c45f78262bb705640d383bcbc0bfe1
d0b09bbc32e2a59c9b9503ce109b1d942b11fb6a7a091951ed3e0dc526db0b5e
d285688f306d08953b8f077f44fd3bccd8d633c136934cff17218ce8a7c28ae3
d552d3145e87e9feacd04d7ef25b603afb9d592b9875cd3d6af46ce95e744ccb
d5a9ed86a86add9f64f3492a3af9993fc7fb5ff850b300c72ca5057ae9f2c18a
d6d0a6d35ad318add07ecd8c452aeae71c8bb3c14e3eb73049a3ff3dd7a1cfd9
d8aa25147308f0089d1412fe71e83d87c04b9145e5a921de626935b21d656a59
dd535b350adf3b3047c1e3b372da31f8418ac14cfb7d1117ea84d9d53dca644b
e3a16bbf4914a49b1afe816e119c7da2d731dead9167c01d07984ef323e26bfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec6bfe3ddddbeba2a38b86573d8852a212f6f48b6a36c05323436465f3bace95
ec967a9c7ef9f9b3498c4894319802b33f23d9aa08858d0db95a682f637cf305
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f44fc673df1581cce8e297b59ef738336d5abc66c0f9c269db42da0cb69afc65
f513193b84d24bd48d3f5a4ecd9846b675ae7185a18655e816cd1c3be2725fbd
fa6e8a424c36f8043275d57ed2842b54eaaab90a19edbf632a7c01147856a12a

jeffhamiltononline.com Open in urlscan Pro 45.33.12.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

64 Requests

89 %HTTPS

17 %IPv6

17 Domains

20 Subdomains

13 IPs

4 Countries

1529 kBTransfer

3119 kBSize

29 Cookies

39 Outgoing links

Page URL History

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jeffhamiltononline.com Open in urlscan Pro
45.33.12.50 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

89 %
HTTPS

17 %
IPv6

17
Domains

20
Subdomains

13
IPs

4
Countries

1529 kB
Transfer

3119 kB
Size

29
Cookies

64 HTTP transactions
4 data transactions