urlscan.io logo urlscan.io
SecurityTrails logo

navinjiwnani.com Open in urlscan Pro
34.69.219.172  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://navinjiwnani.com/
Effective URL: https://navinjiwnani.com/
Submission: On July 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 5 countries across 18 domains to perform 74 HTTP transactions. The main IP is 34.69.219.172, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is navinjiwnani.com.
TLS certificate: Issued by R3 on July 21st 2022. Valid for: 3 months.
This is the only time navinjiwnani.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 34.69.219.172 396982 (GOOGLE-CL...)
20 2a09:8280:1::1ce 40509 (FLY)
4 18.197.253.20 16509 (AMAZON-02)
21 2a03:2880:f02... 32934 (FACEBOOK)
1 5 54.171.36.61 16509 (AMAZON-02)
1 52.17.148.115 16509 (AMAZON-02)
2 15.236.176.210 16509 (AMAZON-02)
1 1 34.250.43.187 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
2 2 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 104.198.70.133 15169 (GOOGLE)
2 52.223.40.198 16509 (AMAZON-02)
1 2 142.250.184.198 15169 (GOOGLE)
2 2a04:4e42:4b::84 54113 (FASTLY)
1 108.138.15.119 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
6 2a03:2880:f11... 32934 (FACEBOOK)
2 2.23.8.223 16625 (AKAMAI-AS)
1 1 100.24.249.189 14618 (AMAZON-AES)
1 34.248.96.95 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f01... 32934 (FACEBOOK)
74 20
2    34.69.219.172 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 172.219.69.34.bc.googleusercontent.com
navinjiwnani.com
20    2a09:8280:1::1ce (United States)

ASN40509 (FLY, US)
ephemera.mirus.io
4    18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
21    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
5    54.171.36.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-36-61.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.17.148.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-148-115.eu-west-1.compute.amazonaws.com
statefarmmutualautomobileinsurancecompany.demdex.net
2    15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
smetrics.statefarm.com
1    34.250.43.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-43-187.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.198.70.133 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 133.70.198.104.bc.googleusercontent.com
peachy.prod.mirus.io
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
2    142.250.184.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net
11264551.fls.doubleclick.net
2    2a04:4e42:4b::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
1    108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net
js.adsrvr.org
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
6    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2.23.8.223 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-8-223.deploy.static.akamaitechnologies.com
ct.pinterest.com
1    100.24.249.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-249-189.compute-1.amazonaws.com
usermatch.krxd.net
1    34.248.96.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-96-95.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
scontent-frt3-1.xx.fbcdn.net
Apex Domain
Subdomains		 Transfer
22 mirus.io
ephemera.mirus.io — Cisco Umbrella Rank: 130832
peachy.prod.mirus.io — Cisco Umbrella Rank: 128764
409 KB
18 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 564
scontent-frt3-1.xx.fbcdn.net — Cisco Umbrella Rank: 12931
235 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
21 KB
6 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 186
statefarmmutualautomobileinsurancecompany.demdex.net — Cisco Umbrella Rank: 3996
8 KB
4 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
11264551.fls.doubleclick.net — Cisco Umbrella Rank: 103701
2 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
196 KB
4 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2451
73 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 362
js.adsrvr.org — Cisco Umbrella Rank: 1293
insight.adsrvr.org — Cisco Umbrella Rank: 616
3 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1248
beacon.krxd.net — Cisco Umbrella Rank: 462
529 B
2 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 773
1 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 745
19 KB
2 statefarm.com
smetrics.statefarm.com — Cisco Umbrella Rank: 39158
2 KB
2 navinjiwnani.com
navinjiwnani.com
42 KB
1 google.com
adservice.google.com — Cisco Umbrella Rank: 96
494 B
1 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 765
676 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
67 KB
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 324
98 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 810
517 B
74 18
Domain Requested by
20 ephemera.mirus.io navinjiwnani.com
17 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
6 www.facebook.com static.xx.fbcdn.net
5 dpm.demdex.net 1 redirects navinjiwnani.com
4 connect.facebook.net navinjiwnani.com
connect.facebook.net
4 nexus.ensighten.com navinjiwnani.com
nexus.ensighten.com
2 ct.pinterest.com s.pinimg.com
2 s.pinimg.com navinjiwnani.com
s.pinimg.com
2 11264551.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 peachy.prod.mirus.io ephemera.mirus.io
2 cm.g.doubleclick.net 2 redirects
2 smetrics.statefarm.com nexus.ensighten.com
navinjiwnani.com
2 navinjiwnani.com 1 redirects
1 scontent-frt3-1.xx.fbcdn.net www.facebook.com
1 adservice.google.com 11264551.fls.doubleclick.net
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 insight.adsrvr.org js.adsrvr.org
1 cms.analytics.yahoo.com 1 redirects
1 js.adsrvr.org www.googletagmanager.com
1 match.adsrvr.org
1 www.googletagmanager.com nexus.ensighten.com
1 idsync.rlcdn.com navinjiwnani.com
1 cm.everesttech.net 1 redirects
1 statefarmmutualautomobileinsurancecompany.demdex.net nexus.ensighten.com
74 25
Subject Issuer Validity Valid
navinjiwnani.com
R3		 2022-07-21 -
2022-10-19		 3 months crt.sh
ephemera.mirus.io
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-14 -
2022-10-12		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-30 -
2022-07-29		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
smetrics.statefarm.com
Entrust Certification Authority - L1K		 2022-01-25 -
2023-02-05		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
peachy.prod.mirus.io
R3		 2022-06-19 -
2022-09-17		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-27 -
2022-08-05		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://navinjiwnani.com/
Frame ID: BFF5FFC2352C00A2622BFB621C252568
Requests: 42 HTTP requests in this frame

Frame: https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Frame ID: FE31BB5E2529BC7A8465AEF37990DB57
Requests: 6 HTTP requests in this frame

Frame: https://11264551.fls.doubleclick.net/activityi;dc_pre=COPSkp39i_kCFUyS7QodueYO8Q;src=11264551;type=micro0;cat=micro002;ord=5901987062661;gtm=2wg7k0;auiddc=1536773676.1658475107;u9=sf%3Aus%3Aagent-micro-s%3Alkchh1ys000;~oref=https%3A%2F%2Fnavinjiwnani.com%2F
Frame ID: DA76CA4E98B8A64C9DBB90A83741B9D7
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv14.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3b626b665e6d%2526domain%253Dnavinjiwnani.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fnavinjiwnani.com%25252Ff2e64f1098ed5e8%2526relation%253Dparent.parent%26container_width%3D312%26height%3D698%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F114891045204615%26lazy%3Dtrue%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D624
Frame ID: 99FC7065822C7AD5C63DB4FF5BBF6B60
Requests: 22 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fnavinjiwnani.com%2F&upid=t8xbszz&upv=1.1.0
Frame ID: 6ECB0EF9D079A6321256750B6128F5A1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 1F9F64D8B3AC9BBDEEFC82CDB1AEA7F4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

NJ Auto & Home Insurance Agent Navin Jiwnani - State Farm®

Page URL History Show full URLs

  1. http://navinjiwnani.com/ HTTP 301
    https://navinjiwnani.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /alpine(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

74
Requests

93 %
HTTPS

30 %
IPv6

18
Domains

25
Subdomains

20
IPs

5
Countries

1076 kB
Transfer

3073 kB
Size

27
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://navinjiwnani.com/ HTTP 301
    https://navinjiwnani.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1658475106643 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1658475106643
Request Chain 22
  • https://cm.everesttech.net/cm/dd?d_uuid=65995994957017416270900498682513214890 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YtpSYgAAAGJIhgN-
Request Chain 25
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjU5OTU5OTQ5NTcwMTc0MTYyNzA5MDA0OTg2ODI1MTMyMTQ4OTA= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjU5OTU5OTQ5NTcwMTc0MTYyNzA5MDA0OTg2ODI1MTMyMTQ4OTA=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIZHyRAu0ZOHW_5WaZIV2Wc&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 32
  • https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro002;ord=5901987062661;gtm=2wg7k0;auiddc=1536773676.1658475107;u9=sf%3Aus%3Aagent-micro-s%3Alkchh1ys000;~oref=https%3A%2F%2Fnavinjiwnani.com%2F HTTP 302
  • https://11264551.fls.doubleclick.net/activityi;dc_pre=COPSkp39i_kCFUyS7QodueYO8Q;src=11264551;type=micro0;cat=micro002;ord=5901987062661;gtm=2wg7k0;auiddc=1536773676.1658475107;u9=sf%3Aus%3Aagent-micro-s%3Alkchh1ys000;~oref=https%3A%2F%2Fnavinjiwnani.com%2F
Request Chain 36
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=65995994957017416270900498682513214890&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-J1vpSsVE2pFieaLnRUv72w8EnCDc9QIL0Dc-~A
Request Chain 44
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=65995994957017416270900498682513214890 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=65995994957017416270900498682513214890

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
navinjiwnani.com/
Redirect Chain
  • http://navinjiwnani.com/
  • https://navinjiwnani.com/
226 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.69.219.172 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
172.219.69.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a869d909901d8f0380381e32d671637451c6d3e612a0c24c96537d97d2ae783f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
no-cache, max-age=30
content-encoding
gzip
content-length
41818
content-type
text/html
date
Fri, 22 Jul 2022 07:31:46 GMT
etag
"96eb8972d4cf72fdca19680a5c795056"
expires
Fri, 22 Jul 2022 07:32:16 GMT
last-modified
Thu, 21 Jul 2022 14:44:45 GMT
server
UploadServer
vary
Accept-Encoding
x-cheesecrd-backend
mx-gcs
x-cheesecrd-lookup
master:navinjiwnani.com/
x-cheesecrd-path
/
x-goog-generation
1658414685025495
x-goog-hash
crc32c=Y1gH3w== md5=luuJctTPcv3KGWgKXHlQVg==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
41818
x-guploader-uploadid
ADPycduEngNS6DsUZsHGMYsKZYcZOqESsfuXvm3dO4nxHuhLlezyOGg8Wczgl2aKTs_LqaFnI9W7971dTduJR3dQOCoe1Q

Redirect headers

content-length
0
location
https://navinjiwnani.com/
resize
ephemera.mirus.io/img/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fbanners%2Fmx-pre-approved%2Fm1_100_anniversary_white_banner.png
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
b3566127c3d4ba5c8edb66d1f205ca8e693c9d1bcfcedeb3e9516ade48b8bb74
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
via
2 fly.io
vary
Accept
x-cache-status
HIT
x-region
ewr
strict-transport-security
max-age=15724800; includeSubDomains
content-length
12994
x-frontend
2da877cc
fly-request-id
01G8JD3MAWPKXWFQ55A3PKH7FJ-fra
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://imaginary.prod.mirus.io/resize?width=1200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fbanners%2Fmx-pre-approved%2Fm1_100_anniversary_white_banner.png
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-instance
2da877cc
x-ratelimit-limit
101
x-ratelimit-reset
1
x-git-sha
8eea3813
expires
Tue, 26 Jul 2022 17:05:54 GMT
Bootstrap.js
nexus.ensighten.com/statefarm/mirus/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
71d222ad7ccca1eb6696fbb3217c4dc5ac2312d18f790419f3f135d48cb9ea20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
content-encoding
gzip
last-modified
Thu, 21 Jul 2022 19:42:00 GMT
server
nginx
etag
W/"62d9ac08-12e7a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8492b9587255140c8017e04db982f24070af9fcc0ffdbe39a71860b8dc9ea8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://navinjiwnani.com/
Origin
https://navinjiwnani.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
uXzgQAbxdQuM7TPxbtaDnA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Fri, 22 Jul 2022 07:37:08 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
lTIUjZiRNEm5Ub0NZd1sCEGGvAxXJc8mB8WthAl8fXCvfJj6zF6C6nZvGga66Ei5Z1CslLNPwehkD4aABSHhhA==
x-fb-trip-id
917726464
x-fb-content-md5
f7e7b7e75ee6fc43325d922e7be3a2ee
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Jul 2022 07:31:46 GMT
x-frame-options
DENY
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1d5d2298ebe73e3a23e4aa8e1350c48a"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
resize
ephemera.mirus.io/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2FL%2FLKCHH1YS000%2FformalColorFull.jpg
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
f280c2e0400e5c8fe77ed55191fe669aba1d578f326abc96ada4e27477371f1c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
via
2 fly.io
vary
Accept
x-cache-status
HIT
x-region
ewr
strict-transport-security
max-age=15724800; includeSubDomains
content-length
3994
x-frontend
2da877cc
fly-request-id
01G8JD3MAXX5SG3MWYK6CS3NY4-fra
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fac1.st8fm.com%2Fassociate-photos%2FL%2FLKCHH1YS000%2FformalColorFull.jpg
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-instance
2da877cc
x-ratelimit-limit
101
x-ratelimit-reset
1
x-git-sha
8eea3813
expires
Sun, 24 Jul 2022 20:36:10 GMT
SourceSansPro-Regular.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/SourceSansPro-Regular.woff2
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
efad32cb9672046cc1717bc9755aa113ae24f3ca3e574b081f41719d5f5ceb09

Request headers

Referer
https://navinjiwnani.com/
Origin
https://navinjiwnani.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
via
2 fly.io
etag
"b0be5ec231f9b109606178d44be74465"
x-amz-request-id
AMNF5XBEVJKZF3D6
x-cache-status
HIT
x-region
ewr
content-length
75808
x-amz-id-2
FTnMM1XtwGvnE8nrDVmef6CT9xk4+jWySb6GNyU9kNxkwAdR5WfAeyarY8jiJfqpiEG2cTToSb0=
x-frontend
2da877cc
last-modified
Mon, 18 Jul 2022 18:44:54 GMT
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/SourceSansPro-Regular.woff2
fly-request-id
01G8JD3MAX8VSR0D5EMP355MR4-fra
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-instance
2da877cc
accept-ranges
bytes
x-git-sha
8eea3813
expires
Tue, 18 Jul 2023 18:44:52 GMT
SFNewsGothic-Demi.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/SFNewsGothic-Demi.woff2
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
0dfb985f6b6146ddab3e847662417bda2b1bbfc34dde90ab6c103c8dcd463aa8

Request headers

Referer
https://navinjiwnani.com/
Origin
https://navinjiwnani.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
via
2 fly.io
etag
"9f8a983563d10b0b37c4fd6ca8076ea7"
x-amz-request-id
AMN3RCY91VMD95YB
x-cache-status
HIT
x-region
ewr
content-length
21392
x-amz-id-2
Fc/PTkdFZwZdBvMp6c3csY0G6JrV9u4+EccFbTnqBYdhikofrWd9DVnTp1WB+IEeNMSE97AAwyo=
x-frontend
2da877cc
last-modified
Mon, 18 Jul 2022 18:44:58 GMT
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/SFNewsGothic-Demi.woff2
fly-request-id
01G8JD3MAXQ87HPF7B212EQNWT-fra
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-instance
2da877cc
accept-ranges
bytes
x-git-sha
8eea3813
expires
Tue, 18 Jul 2023 18:44:57 GMT
truncated
/ 		191 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a9d9fe5adbfc5fb082c5fd7ae9e1cbc7883e48b519c6414bf7f737dc7c33d73

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
SFNewsGothic-Bold.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/SFNewsGothic-Bold.woff2
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
10ba3b28c4bfd9174681be402bcec41e066c703eba2a6863677a2ecb0e611790

Request headers

Referer
https://navinjiwnani.com/
Origin
https://navinjiwnani.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
via
2 fly.io
etag
"5230968d5ba9bb578811d01f0280eb3b"
x-amz-request-id
4JE7NHP3RS4MB09Z
x-cache-status
HIT
x-region
ewr
content-length
21248
x-amz-id-2
Ttj28jIivZrEfQBLTUvJ1H+xKijicIwEk5ersx1ZQHBfgHJ/T/Ke57rsAf4c3rrdCSvJsqtArew=
x-frontend
2da877cc
last-modified
Mon, 18 Jul 2022 18:44:58 GMT
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/SFNewsGothic-Bold.woff2
fly-request-id
01G8JD3MAXJJD0KJBSG50SSP0G-fra
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-instance
2da877cc
accept-ranges
bytes
x-git-sha
8eea3813
expires
Tue, 18 Jul 2023 18:44:56 GMT
SFNewsGothic-Med.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/SFNewsGothic-Med.woff2
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
c5214dd887107e25fdcd62ea41cd7423896b1c67aa5de9a88785cbe67efd17a2

Request headers

Referer
https://navinjiwnani.com/
Origin
https://navinjiwnani.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
via
2 fly.io
etag
"6048d8c46b4918bb517ef43c2d4ff08f"
x-amz-request-id
1B8PTXEPX0MZBT47
x-cache-status
HIT
x-region
ewr
content-length
21372
x-amz-id-2
2rQik+mDdzH7NNasJIxcoJkRMR8QcDaZzvCZEGL62ojHFelHDt+i9SFgEdbkXq2tIaI0Lwe55z8=
x-frontend
2da877cc
last-modified
Mon, 18 Jul 2022 18:44:58 GMT
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/SFNewsGothic-Med.woff2
fly-request-id
01G8JD3MAX08Z8JXARJ0FBXNTW-fra
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-instance
2da877cc
accept-ranges
bytes
x-git-sha
8eea3813
expires
Tue, 18 Jul 2023 18:44:57 GMT
sdk.js
connect.facebook.net/en_US/ 		294 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2815e296e6f20f813f1d168700cc6b63
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16d9281956c8dc2b1c34381954edc509a26d95c6db37312f3cdfe2160ed9115e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://navinjiwnani.com/
Origin
https://navinjiwnani.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
XXXI6sjDs1cFgrnHzrbtpA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sat, 22 Jul 2023 05:00:20 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85964
x-fb-rlafr
0
x-fb-debug
OOH55WYTXB7Tfl1qdaGzzEg80SEnHMGpF+lU9/U2JkEvM+rux/+76Y6czaeOUcHzCJFJoXew1RVZdBjNLpXqIw==
x-fb-trip-id
917726464
x-fb-content-md5
654ff4f35a287c113cb079f45b71c31f
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 22 Jul 2022 07:31:46 GMT
x-frame-options
DENY
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"c5b5430679459293f703e0e7f3999888"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1658475106643
  • https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1658475106643
1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1658475106643
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
HTTP/1.1
Server
54.171.36.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-36-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d2ef979615227521cbbdee99ef1d4cf11c68728a5d6459fd1759a47186988fc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-0a61bcd65.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
asDEggK5TmY=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://navinjiwnani.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
628
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v037-0e6597c91.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://navinjiwnani.com
X-TID
ic+eCI/kRac=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=3.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&d_nsid=0&ts=1658475106643
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
serverComponent.php
nexus.ensighten.com/statefarm/mirus/ 		384 B
526 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/statefarm/mirus/code/&publishedOn=Thu%20Jul%2021%2019:41:59%20GMT%202022&ClientID=603&PageID=https%3A%2F%2Fnavinjiwnani.com%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0c36ea63a0c77cc81ee3e4ff639f0cc26b7475bd97f733f9e2d5359e65d0cd8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
384
expires
Fri, 22 Jul 2022 07:31:45 GMT
6317514352c9b37ae736640d147028c9.js
nexus.ensighten.com/statefarm/mirus/code/ 		161 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/code/6317514352c9b37ae736640d147028c9.js?conditionId0=423109
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8ff1a16df84eb3515da0955311515589bfbda59cf69076a2cb87ed8ae0cb2177

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
content-encoding
gzip
last-modified
Thu, 21 Jul 2022 19:42:00 GMT
server
nginx
etag
W/"62d9ac08-282d2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
37a6eb7558cd7caddabc4d41df02ff83.js
nexus.ensighten.com/statefarm/mirus/code/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/statefarm/mirus/code/37a6eb7558cd7caddabc4d41df02ff83.js?conditionId0=1539709
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ec3842cdee5c382b716601b4e452c6402b6b01f1269641c334a0809db0afd3cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 21:38:00 GMT
server
nginx
etag
W/"6255f138-ddd"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
quoteForm.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/ 		98 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/quoteForm.js
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
5a7ab12a55d776ac72436ad1a67f0e9476e61258ac2b437f4ff392f8759c741c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
content-encoding
gzip
etag
"867b253cdbb7bfaa54cbbe2aaa2c0bdb"
x-amz-request-id
9Y5CHHKRKDP51BZP
x-cache-status
HIT
x-region
ewr
x-amz-id-2
HVv70Qb9wUPN7rJuzosucTXu43ADyGl8tel8CATxIbluRWl/oKkBaUc5QpZXWiMVGMMHPQAa4N0=
access-control-allow-origin
*
x-frontend
2da877cc
last-modified
Mon, 18 Jul 2022 18:45:01 GMT
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/quoteForm.js
fly-request-id
01G8JD3MC442059P51QFB3QDXZ-fra
content-type
application/javascript
via
2 fly.io
cache-control
public,max-age=31536000,immutable
x-instance
2da877cc
accept-ranges
bytes
x-git-sha
8eea3813
expires
Tue, 18 Jul 2023 18:45:00 GMT
scrollToElement.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/ 		289 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/scrollToElement.js
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
bc9a63b3e86121f1fbe5fcf828c4668555e849af8d6434e72679c224015b33c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
content-encoding
gzip
etag
"33eecf1515bd28dd9266412ca819d8a1"
x-amz-request-id
E4SF1XWKPDQDQHW7
x-cache-status
HIT
x-region
ewr
x-amz-id-2
+LyCKufIovWdtR5BtbzGJzEbd/UZ620jLRaOrJwWXUu10N5j+8mMuDJbwV0oyDeHhUdFpXbPWs8=
access-control-allow-origin
*
x-frontend
2da877cc
last-modified
Mon, 18 Jul 2022 18:45:01 GMT
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/scrollToElement.js
fly-request-id
01G8JD3MC4F40AA0HA8ZNKHBT4-fra
content-type
application/javascript
via
2 fly.io
cache-control
public,max-age=31536000,immutable
x-instance
2da877cc
accept-ranges
bytes
x-git-sha
8eea3813
expires
Tue, 18 Jul 2023 18:45:00 GMT
contactForm.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/ 		251 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/contactForm.js
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
1f5ce9bff943849052fa2dffbef97e77286d7585a4aa08e10cffdac3934627b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
content-encoding
gzip
etag
"332c42b2b7fe3d4ee425e7bf66e6a186"
x-amz-request-id
RMV0FSKR5Y9EMTMR
x-cache-status
HIT
x-region
ewr
x-amz-id-2
W+3FtI+v1jjrvR5k5cJ0JB6JkNn93vPr9AoR/iMzPIDe/fmTwHhfs6sC4BrMg/uJNJuHnUYxJEk=
access-control-allow-origin
*
x-frontend
2da877cc
last-modified
Mon, 18 Jul 2022 18:45:01 GMT
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/contactForm.js
fly-request-id
01G8JD3MC5NMXMPGNFMASMRP0K-fra
content-type
application/javascript
via
2 fly.io
cache-control
public,max-age=31536000,immutable
x-instance
2da877cc
accept-ranges
bytes
x-git-sha
8eea3813
expires
Tue, 18 Jul 2023 18:45:00 GMT
alpine.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/ 		39 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/alpine.js
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
eb8a9ca522729cb910e519d266cf5b0e69b0428d2d2d04a17c46444203241d30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
content-encoding
gzip
etag
"eafd1923c6fa898ad3e8fd380e26668c"
x-amz-request-id
SGVZNQZFFEYW67A2
x-cache-status
HIT
x-region
ewr
x-amz-id-2
pkJOwcRJAFyKquafDdfc38Zas0akSBrzF8jcjqaHbcAcSYheUSN88TgV3SiwfdhXSsmwk2VLYJI=
access-control-allow-origin
*
x-frontend
2da877cc
last-modified
Mon, 18 Jul 2022 18:45:01 GMT
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/alpine.js
fly-request-id
01G8JD3MC5CGS0C3Z6A6AYFZJG-fra
content-type
application/javascript
via
2 fly.io
cache-control
public,max-age=31536000,immutable
x-instance
2da877cc
accept-ranges
bytes
x-git-sha
8eea3813
expires
Tue, 18 Jul 2023 18:45:00 GMT
utils.js
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/utils.js
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
3cc5da363d10c71a21ce61a25b353234a80149ca92838224a7871ae9b6215afa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
content-encoding
gzip
etag
"bbde491116a2cc79bbe35118dc511709"
x-amz-request-id
K6WJNXK86X19KSEA
x-cache-status
HIT
x-region
ewr
x-amz-id-2
RmkHYM6IMKd/vfETTBVHdN0RcYqz8AJ777Pim1+jnvg6X6Ct0dMXmxwHV43zugsuz3Ta30Y8tgc=
access-control-allow-origin
*
x-frontend
2da877cc
last-modified
Mon, 18 Jul 2022 18:45:01 GMT
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/utils.js
fly-request-id
01G8JD3MC6CSRJZAACJSM8ZV4N-fra
content-type
application/javascript
via
2 fly.io
cache-control
public,max-age=31536000,immutable
x-instance
2da877cc
accept-ranges
bytes
x-git-sha
8eea3813
expires
Tue, 18 Jul 2023 18:45:00 GMT
SFNewsGothic-Reg.woff2
ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/SFNewsGothic-Reg.woff2
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
a367eee80040b3d4ecf47cda08b1c460d0676c2c06ede98a33119235a3363db4

Request headers

Referer
https://navinjiwnani.com/
Origin
https://navinjiwnani.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:46 GMT
via
2 fly.io
etag
"0ae0e16d4e546114b19534e8b5190b9f"
x-amz-request-id
3H96VR9Z8AP58X3G
x-cache-status
HIT
x-region
ewr
content-length
21256
x-amz-id-2
Ecxt0rwq+kqBPeY4DnBtqYXXAuvoJ03b0QgJyW1TM7iVE2B1C6G0A9h32q6nvszj3FyWSj/UFnM=
x-frontend
2da877cc
last-modified
Mon, 18 Jul 2022 18:44:58 GMT
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/fonts/sf/SFNewsGothic-Reg.woff2
fly-request-id
01G8JD3MCG5E66PSH34EVF8DKV-fra
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-instance
2da877cc
accept-ranges
bytes
x-git-sha
8eea3813
expires
Tue, 18 Jul 2023 18:44:57 GMT
dest5.html
statefarmmutualautomobileinsurancecompany.demdex.net/ Frame FE31 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://statefarmmutualautomobileinsurancecompany.demdex.net/dest5.html?d_nsid=0
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.148.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-148-115.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://navinjiwnani.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v037-0cd612d85.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3pjMpxvKRVg=
content-encoding
gzip
date
Fri, 22 Jul 2022 07:31:46 GMT
last-modified
Thu, 21 Jul 2022 19:44:14 GMT
transfer-encoding
chunked
vary
accept-encoding
id
smetrics.statefarm.com/ 		48 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.statefarm.com/id?d_visid_ver=3.1.0&d_fieldgroup=A&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&mid=57856489358022113030550436463248246390&ts=1658475106834
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
2aa78ab453422386e9215ce0bba583ffc397bbf0cc30ce1fa20a73a7bc90e75b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://navinjiwnani.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-2dkrw
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://navinjiwnani.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
content-length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YtpSYgAAAGJIhgN-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=65995994957017416270900498682513214890
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YtpSYgAAAGJIhgN-
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YtpSYgAAAGJIhgN-
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
HTTP/1.1
Server
54.171.36.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-36-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-0e6597c91.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
OTjv43KfQu0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YtpSYgAAAGJIhgN-
Date
Fri, 22 Jul 2022 07:31:46 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
365868.gif
idsync.rlcdn.com/ Frame FE31 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=65995994957017416270900498682513214890
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
s25616182635936
smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smetrics.statefarm.com/b/ss/sfglobalprod/10/JS-2.1.0/s25616182635936?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=22%2F6%2F2022%207%3A31%3A47%205%200&d.&nsid=0&jsonv=1&.d&D=..&mid=57856489358022113030550436463248246390&aamlh=6&ce=UTF-8&pageName=sf%3Aus%3Aagent-micro-s%3Alkchh1ys000&g=https%3A%2F%2Fnavinjiwnani.com%2F&ch=sf%3Aus%3Aagent-micro-s&server=navinjiwnani.com&events=event44%2Cevent31&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=sf%3Aagent-micro-s%3Alkchh1ys000&h1=home%7Cagent-micro-s%7Clkchh1ys000&c4=sf%3Aagent-micro-s%3Alkchh1ys000&v6=navinjiwnani.com&v9=..pageName&v11=..c5&c16=https%3A%2F%2Fnavinjiwnani.com%2F&v26=%2B1&v32=direct%20load&v37=%2B1&c38=en&v38=friday%7C2%3A30am&v50=7%2F22%2F2022&v52=..c16&v53=direct%20load&v54=n%2Fa&v55=direct%20load&v62=mozilla%2F5.0%20%28windows%20nt%2010.0%3B%20win64%3B%20x64%29%20applewebkit%2F537.36%20%28khtml%2C%20like%20gecko%29%20chrome%2F103.0.5060.134%20safari%2F537.36&c70=en&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=AAD53BC75245B4BA0A490D4D%40AdobeOrg&AQE=1
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
2208cd6917e14055f41a81304c0baf2f90a250ece9a188343c7539ac50e385cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-aam-tid
4qFbiT7+QzM=
date
Fri, 22 Jul 2022 07:31:47 GMT
x-content-type-options
nosniff
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
vary
*
content-length
1078
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-2-v037-0607d3ca1.edge-irl1.demdex.com 5 ms
pragma
no-cache
last-modified
Sat, 23 Jul 2022 07:31:47 GMT
server
jag
xserver
anedge-69c8d8cc76-swckv
etag
3561548173990199296-4619744223483557919
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Thu, 21 Jul 2022 07:31:47 GMT
ibs:dpid=771&dpuuid=CAESEIZHyRAu0ZOHW_5WaZIV2Wc&google_cver=1
dpm.demdex.net/ Frame FE31
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjU5OTU5OTQ5NTcwMTc0MTYyNzA5MDA0OTg2ODI1MTMyMTQ4OTA=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjU5OTU5OTQ5NTcwMTc0MTYyNzA5MDA0OTg2ODI1MTMyMTQ4OTA=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIZHyRAu0ZOHW_5WaZIV2Wc&google_cver=1?gdpr=0&gdpr_consent=
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIZHyRAu0ZOHW_5WaZIV2Wc&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
54.171.36.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-36-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-00020a345.edge-irl1.demdex.com 10 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ON637+a9Tnc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 22 Jul 2022 07:31:47 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEIZHyRAu0ZOHW_5WaZIV2Wc&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		378 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/statefarm/mirus/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d686ed6bb20d22afeac976780f9e60e3eabd3c684b277c45eb61d276c0b1149f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67858
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 22 Jul 2022 07:31:47 GMT
resize
ephemera.mirus.io/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Fna%2Fnavinjiwnani.com%2Fnavinjiwnani.com-sidebar-md-e050f4a783ecf319b48eaef15cc28c7b.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
446b9ce76804d344b589eceb79f018ddffdcb76e31b8ec6a797b324e57a24b1c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
via
2 fly.io
vary
Accept
x-cache-status
HIT
x-region
ewr
strict-transport-security
max-age=15724800; includeSubDomains
content-length
4968
x-frontend
2da877cc
fly-request-id
01G8JD3MW17BD1N8X5N108NY0R-fra
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://imaginary.prod.mirus.io/resize?width=200&type=auto&url=https%3A%2F%2Fstorage.googleapis.com%2Fstatic.mirus.io%2Fimages%2Fmaps%2Fna%2Fnavinjiwnani.com%2Fnavinjiwnani.com-sidebar-md-e050f4a783ecf319b48eaef15cc28c7b.png
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-instance
2da877cc
x-ratelimit-limit
101
x-ratelimit-reset
1
x-git-sha
8eea3813
expires
Thu, 21 Jul 2022 05:13:59 GMT
resize
ephemera.mirus.io/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2F284-cash-out-401k-wide.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
1457dc652a8fc92e5d20eee57d1a58fdad46be32ad237f6c8c241fb24d7302ad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
via
2 fly.io
vary
Accept
x-cache-status
HIT
x-region
ewr
strict-transport-security
max-age=15724800; includeSubDomains
content-length
19190
x-frontend
2da877cc
fly-request-id
01G8JD3MW1D45VWQRDW31733FD-fra
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2F284-cash-out-401k-wide.jpg
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-instance
2da877cc
x-ratelimit-limit
101
x-ratelimit-reset
1
x-git-sha
8eea3813
expires
Wed, 27 Jul 2022 23:25:05 GMT
pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ 		80 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews
Requested by
Host: ephemera.mirus.io
URL: https://ephemera.mirus.io/cache/s3.us-east-2.amazonaws.com/tintype.io/assets/mx-static/master/461f9f640ca20fffd4cd7baf65b842554cf73835/js/quoteForm.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.70.198.104.bc.googleusercontent.com
Software
/
Resource Hash
d1ed1da8f560dcb276f876741cf393ad88f27d71973f826237ef70d4a6ff0d07
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Referer
https://navinjiwnani.com/
keen-sdk
javascript-5.0.1
accept-language
de-DE,de;q=0.9
Authorization
WK
Content-Type
application/json

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
vary
origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://navinjiwnani.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
content-length
80
pageviews
peachy.prod.mirus.io/record/3.0/projects/PID/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://peachy.prod.mirus.io/record/3.0/projects/PID/events/pageviews
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.198.70.133 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
133.70.198.104.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,keen-sdk
Access-Control-Request-Method
POST
Origin
https://navinjiwnani.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Accept,Authorization,Content-Type,If-None-Match,origin,referer,user-agent,x-requested-with,keen-sdk,accept-language
access-control-allow-methods
POST
access-control-allow-origin
https://navinjiwnani.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
access-control-max-age
86400
cache-control
no-cache
date
Fri, 22 Jul 2022 07:31:47 GMT
strict-transport-security
max-age=15724800; includeSubDomains
generic
match.adsrvr.org/track/cmf/ Frame FE31 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 07:31:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
activityi;dc_pre=COPSkp39i_kCFUyS7QodueYO8Q;src=11264551;type=micro0;cat=micro002;ord=5901987062661;gtm=2wg7k0;auiddc=1536773676.1658475107;u9=sf%3Aus%3Aagent-micro-s%3Alkchh1ys000;~oref=https%3A%2...
11264551.fls.doubleclick.net/ Frame DA76
Redirect Chain
  • https://11264551.fls.doubleclick.net/activityi;src=11264551;type=micro0;cat=micro002;ord=5901987062661;gtm=2wg7k0;auiddc=1536773676.1658475107;u9=sf%3Aus%3Aagent-micro-s%3Alkchh1ys000;~oref=https%3...
  • https://11264551.fls.doubleclick.net/activityi;dc_pre=COPSkp39i_kCFUyS7QodueYO8Q;src=11264551;type=micro0;cat=micro002;ord=5901987062661;gtm=2wg7k0;auiddc=1536773676.1658475107;u9=sf%3Aus%3Aagent-m...
436 B
378 B 		Document
General
Check archive.org
Download Go to
Full URL
https://11264551.fls.doubleclick.net/activityi;dc_pre=COPSkp39i_kCFUyS7QodueYO8Q;src=11264551;type=micro0;cat=micro002;ord=5901987062661;gtm=2wg7k0;auiddc=1536773676.1658475107;u9=sf%3Aus%3Aagent-micro-s%3Alkchh1ys000;~oref=https%3A%2F%2Fnavinjiwnani.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f6.1e100.net
Software
cafe /
Resource Hash
ceb72b65e7ed6ab1e463e8841a298d3217ec9b0abb148670b16849d11b3d820e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Jul 2022 07:31:47 GMT
expires
Fri, 22 Jul 2022 07:31:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 22 Jul 2022 07:31:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://11264551.fls.doubleclick.net/activityi;dc_pre=COPSkp39i_kCFUyS7QodueYO8Q;src=11264551;type=micro0;cat=micro002;ord=5901987062661;gtm=2wg7k0;auiddc=1536773676.1658475107;u9=sf%3Aus%3Aagent-micro-s%3Alkchh1ys000;~oref=https%3A%2F%2Fnavinjiwnani.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
fastly-restarts
1
x-cdn
fastly
etag
"c4a0eea377c5e0da574e46f4d6e838e5"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
fbevents.js
connect.facebook.net/en_US/ 		98 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: navinjiwnani.com
URL: https://navinjiwnani.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26001
x-xss-protection
0
pragma
public
x-fb-debug
h3wdKlC2ChPIhkrKhGsxjnPLc2SEUlWbEIQnBtkiHxWLcKOiR3sYdCsCkTosTwHE9PNnBxRWcZ/1y6unmAphEg==
x-frame-options
DENY
date
Fri, 22 Jul 2022 07:31:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
up_loader.1.1.0.js
js.adsrvr.org/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLWQWQT&l=GTMdataLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-15-119.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Fri, 22 Jul 2022 03:12:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
15582
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 da749f044be44d389a30372d73356c4e.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P7
X-Amz-Cf-Id
eIRFPl41y3gASxKZGzrJNqsZDEPr2Cldifmev6SgNErCYxLuXb9PaA==
ibs:dpid=30646
dpm.demdex.net/ Frame FE31
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=65995994957017416270900498682513214890&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-J1vpSsVE2pFieaLnRUv72w8EnCDc9QIL0Dc-~A
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-J1vpSsVE2pFieaLnRUv72w8EnCDc9QIL0Dc-~A
Protocol
HTTP/1.1
Server
54.171.36.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-36-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-068401fd5.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
CUdsYLY6Q10=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Fri, 22 Jul 2022 07:31:47 GMT
via
http/1.1 spdc0105.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-J1vpSsVE2pFieaLnRUv72w8EnCDc9QIL0Dc-~A
content-length
0
page.php
www.facebook.com/v14.0/plugins/ Frame 99FC 		52 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7451ea98c8a91582439c353e9b9dd7bb147bae2256df586df025889db3490967
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://navinjiwnani.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 22 Jul 2022 07:31:47 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v14.0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
xVd4GPgrT67nuADfnsoyHluyYqBIN1EhgndlPTEZIyS4B/dSHdXgchhajwWts/SWhli/OOhkI4OEo39+Mwc9jw==
x-fb-rlafr
0
x-xss-protection
0
1936962093151750
connect.facebook.net/signals/config/ 		292 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1936962093151750?v=2.9.65&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
733f006da763151a1f566721caf177a428a31e689c2c439ff031b3aad8ec4c7d
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
nlHkmqBfNhtIXQUUG5RMP6Dx/1nlWacJD5KkzkFjlZMIHrn+ZEShMVzUY5CLBd0SKX0Ko3ZY8RJMDYrj/6BS0A==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 22 Jul 2022 07:31:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1658475107410
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
up
insight.adsrvr.org/track/ Frame 6ECB 		0
181 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insight.adsrvr.org/track/up?adv=3davbp4&ref=https%3A%2F%2Fnavinjiwnani.com%2F&upid=t8xbszz&upv=1.1.0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://navinjiwnani.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-type
text/html
date
Fri, 22 Jul 2022 07:31:47 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
resize
ephemera.mirus.io/img/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fboating-emergencies-8-safety-tips-wide.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
b9f6248903e1ca432a13af94140f50af2ce2fd4a7d81d66967e5aef74e1e49fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
via
2 fly.io
vary
Accept
x-cache-status
HIT
x-region
ewr
strict-transport-security
max-age=15724800; includeSubDomains
content-length
16528
x-frontend
2da877cc
fly-request-id
01G8JD3N17HRBSE9TESSWHSP4E-fra
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2Fboating-emergencies-8-safety-tips-wide.jpg
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-instance
2da877cc
x-ratelimit-limit
101
x-ratelimit-reset
1
x-git-sha
8eea3813
expires
Wed, 27 Jul 2022 21:11:54 GMT
main.32155010.js
s.pinimg.com/ct/lib/ 		52 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.32155010.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:4b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
gzip
fastly-restarts
1
x-cdn
fastly
etag
"fd86de14455274a7c147dc95b77e18e3"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
18298
access-control-expose-headers
X-CDN
/
ct.pinterest.com/user/ 		488 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1658475107436
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.32155010.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.8.223 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-8-223.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.9e6ed417.1658475107.60eaf87
x-envoy-upstream-service-time
3
x-pinterest-rid
1374799257251674
pin-unauth
dWlkPU1qWXdaak5sT1RFdE5qYzNOQzAwTkRaa0xXSmpNakV0WldSallXWXpaakF6TmpFNA
access-control-allow-origin
https://navinjiwnani.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
350
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2620625450098&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fnavinjiwnani.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2232155010%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1658475107438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.8.223 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-8-223.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 07:31:47 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.9e6ed417.1658475107.60eaf93
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
3
content-length
35
x-pinterest-rid
1828022105861409
expires
Sat, 01 Jan 2000 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame FE31
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=65995994957017416270900498682513214890
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=65995994957017416270900498682513214890
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=65995994957017416270900498682513214890
Protocol
H2
Server
34.248.96.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-96-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://statefarmmutualautomobileinsurancecompany.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
cache-control
private, no-cache, no-store
x-request-time
D=45 t=1658475107
x-served-by
beacon-n021-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=65995994957017416270900498682513214890
date
Fri, 22 Jul 2022 07:31:47 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a002-ash-prod.krxd.net
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1936962093151750&ev=PageView&dl=https%3A%2F%2Fnavinjiwnani.com%2F&rl=&if=false&ts=1658475107455&sw=1600&sh=1200&v=2.9.65&r=stable&ec=0&o=30&fbp=fb.1.1658475107454.1028653189&it=1658475107345&coo=false&exp=u0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 22 Jul 2022 07:31:47 GMT
dc_pre=COPSkp39i_kCFUyS7QodueYO8Q;src=11264551;type=micro0;cat=micro002;ord=5901987062661;gtm=2wg7k0;auiddc=*;u9=sf%3Aus%3Aagent-micro-s%3Alkchh1ys000;~oref=https%3A%2F%2Fnavinjiwnani.com%2F
adservice.google.com/ddm/fls/z/ Frame DA76 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COPSkp39i_kCFUyS7QodueYO8Q;src=11264551;type=micro0;cat=micro002;ord=5901987062661;gtm=2wg7k0;auiddc=*;u9=sf%3Aus%3Aagent-micro-s%3Alkchh1ys000;~oref=https%3A%2F%2Fnavinjiwnani.com%2F
Requested by
Host: 11264551.fls.doubleclick.net
URL: https://11264551.fls.doubleclick.net/activityi;dc_pre=COPSkp39i_kCFUyS7QodueYO8Q;src=11264551;type=micro0;cat=micro002;ord=5901987062661;gtm=2wg7k0;auiddc=1536773676.1658475107;u9=sf%3Aus%3Aagent-micro-s%3Alkchh1ys000;~oref=https%3A%2F%2Fnavinjiwnani.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://11264551.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jul 2022 07:31:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
resize
ephemera.mirus.io/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2FNextDoor-Entrepreneur-Toolbox-Build-The-Right-Brand--wide.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
cbb4142e7f5d3acd7b472c70d1263d11065de067c83cb093d8566cdd494a9b19
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
via
2 fly.io
vary
Accept
x-cache-status
HIT
x-region
ewr
strict-transport-security
max-age=15724800; includeSubDomains
content-length
4834
x-frontend
2da877cc
fly-request-id
01G8JD3N5BEQT90YNTXVSF096N-fra
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fstatic1.st8fm.com%2Fen_US%2Fimg%2Fsi%2F750%2FNextDoor-Entrepreneur-Toolbox-Build-The-Right-Brand--wide.png
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-instance
2da877cc
x-ratelimit-limit
101
x-ratelimit-reset
1
x-git-sha
8eea3813
expires
Thu, 28 Jul 2022 00:19:41 GMT
yHDIJGpqscR.css
static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/ Frame 99FC 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/yHDIJGpqscR.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6b115af23626e8930726e27173a2de5f1908671c7af99e979beeab6ad509b510
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
IM/8o5bUDFtAmsFJFEHUqQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5217
x-fb-rlafr
0
x-fb-debug
rihzEPSIIA2CTKhI5WRBnzU3cYhpQQoFudSFsZO4CIWOGgoEP6x10W7KdwsBn5X/HXoEwKaISnKxeQBZ7Y8CUg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 21 Jul 2023 20:24:58 GMT
FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame 99FC 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XpWPuiqLnlvq4xkatdITVw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
831
x-fb-rlafr
0
x-fb-debug
s3feCF7WMQ7rZAvgppAomPOVQHa6PGIzzkYiUo1dAYR1k+OYl/0c6srw+f6nVZkVQLWZzFLB8aF2fFaKJ5Yc8A==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 20 Jul 2023 04:48:02 GMT
ch48lnIyOHK.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 99FC 		320 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/ch48lnIyOHK.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
84fb7c77dd0c26c67d067b5ab60856ed7f3cb54c828290cb791382f54d3ddac3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nk52hgdMly+fHVkTyznJPg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
88116
x-fb-rlafr
0
x-fb-debug
A6x22cMb2AXZhN2P+AD6ZEFiMANCrZwOXAJgMF/t9lXGqniWV4fOnrCnrFTru1dg276tMiErtXUaJiuIMRQ+pQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 22 Jul 2023 00:13:44 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 99FC 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FvCDsjtWXbnS8g0a11kzwQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1657
x-fb-rlafr
0
x-fb-debug
Rd6RTkrLHQvCnoc+43nf+rumFltucWTjsH/X88fOg5kLPbHjoQ7pxgt7FvdheKCmHQcP2kmt9V0fnKsTr6we0Q==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 13 Jul 2023 20:10:45 GMT
lRP76Ynw0lR.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 99FC 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/lRP76Ynw0lR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
593fa553d116f4269a8fc8b7fc11dc49efdb71da04c896b6e5872841c5ffa2d1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
gGCr/wNTBczQB/gXHhl0Fg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12174
x-fb-rlafr
0
x-fb-debug
6dJJzJk8WawsXDpNuqRpcLK3XPedqxaoGK2zK1gYE8dl9wfhDITi7pOdrOz5Mksq4iD979MDW1VrI2e2XFsdIw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 15 Jul 2023 14:49:16 GMT
TGEH2rSHUPH.js
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 99FC 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/TGEH2rSHUPH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d840ef1927c7aad49210faefc97f7005e3862dd4853cded03388216c009f01a2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NzYsclW6SE+LKLuYhprflQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
16330
x-fb-rlafr
0
x-fb-debug
x/jLFMFQwR3IDYak8TCPtFzjWDIVxcr9JTYhfATAgLKbhIZVXnQ52Y2CxxhL5WU2U+/ZHLTquLdkU8Cc1Al78Q==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 21 Jul 2023 01:43:53 GMT
Dj4EN0IHYBD.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 99FC 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/Dj4EN0IHYBD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
26711b788cc41eb126a54d8d4f57116ac9a5a6c1e0bd89b4447db308d023ece3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KEmgNDMg7LA2tkI+uyStUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8430
x-fb-rlafr
0
x-fb-debug
n6u/EVXsh6cnh4IBfelk+LAOyPCZB71wTjVMxbOVw3aYDCuLgI69C0GD6Oa7vc2axlqozAujPsYoqGmrqeDD7A==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 21 Jul 2023 19:51:00 GMT
0nXZfOgP9X1.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame 99FC 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/0nXZfOgP9X1.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2322498b4c15c8fa2583255ee24318ed39a56af26c9e0e6a0c3675da1e81809d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
v7UyX22AR50Q2gx3tw9f7g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
8514
x-fb-rlafr
0
x-fb-debug
4n/79y8f1ZNwDp3SAvh3mZLh4ucCbILv3v3PPF1JV+gq/IboVgXkkMSb0A21GX5Eo4gkqhkKYqmiCcYt9cuFTg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 20 Jul 2023 20:00:49 GMT
t7OEKLvC0E_.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 99FC 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/t7OEKLvC0E_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e91a3690e1ab1841fe8d3ba3eb631f39301f148b02eb5108dfb0e97f05d08e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
AF5Iu94WnWoB6d3W56Zp+g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5828
x-fb-rlafr
0
x-fb-debug
61QDCybzd7twESxMbeGOYPZfnutePxu+3OeTONQW7XnVycImfQH8P4Z+uSJsTPrdm1YHRyCnQ0N9r++Je+2OpQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 21 Jul 2023 23:26:41 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 99FC 		588 B
530 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
dvWT6EJnf3PNCgYjKHSyww==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
338
x-fb-rlafr
0
x-fb-debug
gjr/a5bPEgYnLL6tPbZcJussUkAQoVcipZzTdoC6xltJiAphXSfZF8qOa3uN4n7H+rj9oJe9uio+ojvpE6V7wA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 08 Jul 2023 14:56:39 GMT
PqdUGIK6vw7.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yd/l/en_US/ Frame 99FC 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yd/l/en_US/PqdUGIK6vw7.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44fe3c928a3046415e4d420877c728ab13598e78c3e0e0b2fe14a1e0c942d7ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Ee1djyCnSVL0w9OMhI0aHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7084
x-fb-rlafr
0
x-fb-debug
peL0ukPtT1fE3PXN8jdsMUAW3l7WnEBSMtEqc8Zt+qktFVjwnsXwrSlj/5k6WAP4epLZsCY8E1mmRCw0vYAWEQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Tue, 18 Jul 2023 23:29:26 GMT
wk5AXVM50W-.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/ Frame 99FC 		80 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/wk5AXVM50W-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c82a0d470a60fe512db7c41f9c7a0a0907c3d14cef685ba961e9ab9030264496
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
GwkHvby8fQn5zs9z88VsmQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
22397
x-fb-rlafr
0
x-fb-debug
+nqEnYKzOA7xTkEbvSNnmMIKMt1zNnaJibwsiWryt/2U4tce7HbeqUZ1Ec9BlV5p6cb7eVnrx03b6rGZeeWjhg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 15 Jul 2023 14:51:28 GMT
SZAjJITSQnM.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 99FC 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/SZAjJITSQnM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
57bad8607901d7cc20260262a8063a7b88d2b61cab3e6850f73b52cd1c716ab9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
BI1R/ngtQikShgzcetofPw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7199
x-fb-rlafr
0
x-fb-debug
k6RcRI1P6UFy0sxcrezVfFtjI5uH1D5avyykWDlO/InLsalK6rQ39r2uUnJX4I3IbVirNoW0GN9V3Xtq1gp/sA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 13 Jul 2023 19:01:40 GMT
277569407_375020911302273_4501435993400576654_n.jpg
scontent-frt3-1.xx.fbcdn.net/v/t39.30808-1/ Frame 99FC 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-frt3-1.xx.fbcdn.net/v/t39.30808-1/277569407_375020911302273_4501435993400576654_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=108&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=_RRZkqxX2MwAX8kf1ti&_nc_ht=scontent-frt3-1.xx&edm=AGeEj18EAAAA&oh=00_AT-OUcP1MmQ55Pffx70Fre13_TPXGWR3qibEJR0lkavpOA&oe=62DFDA98
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d406a99a04ef01f9368e464b3cdde1bab925f95b917e767f700abe023ba2f9a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-haystack-needlechecksum
361658145
date
Fri, 22 Jul 2022 07:31:47 GMT
x-fb-trip-id
686109401
last-modified
Sat, 09 Apr 2022 03:24:07 GMT
x-content-cdn-origin-ts
1658475107826
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=3973364572
cache-control
max-age=1209600, no-transform
x-fb-edge-debug
ES5LnrX-gECF9vgINIZTE_1wwF2--2_SUyQcRmkttF3M6r-i8Vv7CHJa3bt5PPnXxFOcz43y-C2mSAUbvi0DXA
cross-origin-resource-policy
cross-origin
x-needle-checksum
3825929252
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1445
odN6yT5qyq_.png
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 99FC 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/odN6yT5qyq_.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/yHDIJGpqscR.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3a16bbf4914a49b1afe816e119c7da2d731dead9167c01d07984ef323e26bfa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/yHDIJGpqscR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
x-content-type-options
nosniff
content-md5
jWtlBZOXpZs9LMNqqzeJoA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1341
x-fb-rlafr
0
x-fb-debug
TR6W2aveqWTbTNaLw5mINKY7gbXGNplTUS8y2wKqOg71oS4NLju8jrL4hI4BZbAP7/FVolK2nx9Vmx+FVNHjZQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 18 Jul 2023 16:22:27 GMT
7L35_MF7fZF.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 99FC 		153 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/7L35_MF7fZF.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/ch48lnIyOHK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cff54e347bb6348dfc53d57f4152ed514a8ec5e3265063c2f7b5e446d678f6a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
whDrprWuwu8/VuYohXIMRg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
46073
x-fb-rlafr
0
x-fb-debug
Cy9ISHl04wqNdmqndkxRJ1nifwQDmzy/fKZD9j6Id/yGfjXQKtx/JrRc1XdtSVmodIMZsULF74MSM6xJ+xfE8Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 21 Jul 2023 18:09:39 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 99FC 		1 KB
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2F114891045204615%22%2C%22width%22%3A312%2C%22height%22%3A698%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Atrue%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Afalse%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Atrue%2C%22referer_uri%22%3A%22https%3A%2F%2Fnavinjiwnani.com%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7wKxa13wt8K2WmhwRwqo98nwgU6C7UW3q320-E7W0TUhwem0nCq1ewcG0KE33wooa81Vrzo5-0me0sy0SU2swdq0Ho2ewnE3fw6iw4vwbS1Lw&__csr=&__req=1&__hs=19195.BP%3Aplugin_default_pkg.2.0.0.0.0&dpr=1&__ccg=EXCELLENT&__rev=1005892599&__s=%3A%3Atiwsll&__hsi=7123096346453660712&__comet_req=0&locale=en_US&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/wk5AXVM50W-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7909e8515567115d594a2dae28fb5004e1302301bb4087b4b8a34ecdcd78ab83
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
bdcip4ERGWUDBtid79NJf6
Referer
https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
2OJlaIM22oExvdORkGtTSZZ6JbJ7+lsqlk/3UGKhJIcRVUsYbBcC4copvBYEn5APL5hRGSG4AywGepCdxn1Kpg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 22 Jul 2022 07:31:47 GMT
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 99FC 		1 KB
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yG/l/en_US/wk5AXVM50W-.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
78b44b8d6c08325beab16cd54c33f5302547d1be0c946c07a644d9d64ad2d0c4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
bdcip4ERGWUDBtid79NJf6
Referer
https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
YUKVEm5K32XwZGre9m79X7dJTPfXFsrZDHBNiC9BWvsx4f2sC3eDkJgNQDABNsUBDqbTGywY3BemXVq/w8Paaw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 22 Jul 2022 07:31:47 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
onuUJj0tCqE.png
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame 99FC 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/onuUJj0tCqE.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/yHDIJGpqscR.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yv/l/0,cross/yHDIJGpqscR.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
x-content-type-options
nosniff
content-md5
OK0dmVpVmdoMRpKMP9eDcg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3944
x-fb-rlafr
0
x-fb-debug
+TPXrpqLXmplNM8KhrlcCXqOlcoJdlkUspOEPDByhOYUfHD9y4jOi7ZdhZNKwcummwt2gJtaap09VpDSLnD1YQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 20 Jul 2023 02:39:34 GMT
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 99FC 		279 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/ch48lnIyOHK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QusOzUJEj2HVYgmawONobw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
189
x-fb-rlafr
0
x-fb-debug
xMyHqMX+K859aL/Kf/qZEBVP6v3aVWHfao6UeSaLQi9CapS+CGqX1paMaB4tjXQxELI4pwHW4oxGhQNYd7HgXw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 20 Jul 2023 22:06:02 GMT
/
www.facebook.com/login/ Frame 99FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv14.0%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3b626b665e6d%2526domain%253Dnavinjiwnani.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fnavinjiwnani.com%25252Ff2e64f1098ed5e8%2526relation%253Dparent.parent%26container_width%3D312%26height%3D698%26hide_cover%3Dtrue%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252F114891045204615%26lazy%3Dtrue%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D624
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/ch48lnIyOHK.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/v14.0/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3b626b665e6d%26domain%3Dnavinjiwnani.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnavinjiwnani.com%252Ff2e64f1098ed5e8%26relation%3Dparent.parent&container_width=312&height=698&hide_cover=true&href=https%3A%2F%2Fwww.facebook.com%2F114891045204615&lazy=true&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=624
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 22 Jul 2022 07:31:47 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
+icCko4ePHy0Bxjn318CZJT6IeBOqi8GrPr76a0HfQweTnadiCSow0iFYOgettVuVkT0TsoW8uhg7P9+vxNxdw==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0
/
www.facebook.com/tr/ Frame 1F9F 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://navinjiwnani.com
Referer
https://navinjiwnani.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://navinjiwnani.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 22 Jul 2022 07:31:47 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
resize
ephemera.mirus.io/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fi3.ytimg.com%2Fvi%2FbiJM1VH8Sdg%2Fhqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
f1887e02dffeb0e871ef9953dca4300aa0d23ced93d7665311c4caaa5cc330d3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:48 GMT
via
2 fly.io
vary
Accept
x-cache-status
HIT
x-region
ewr
strict-transport-security
max-age=15724800; includeSubDomains
content-length
2672
x-frontend
2da877cc
fly-request-id
01G8JD3NV9R2J5H03C358HZDMJ-fra
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fi3.ytimg.com%2Fvi%2FbiJM1VH8Sdg%2Fhqdefault.jpg
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-instance
2da877cc
x-ratelimit-limit
101
x-ratelimit-reset
1
x-git-sha
8eea3813
expires
Wed, 27 Jul 2022 21:43:12 GMT
resize
ephemera.mirus.io/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fi4.ytimg.com%2Fvi%2FkwKBjKaFRCw%2Fhqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
ce9b751f8eb3a7b5c3153b8b78f0d0397ee43b92d04a8ed876a71d4d6158c40c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:48 GMT
via
2 fly.io
vary
Accept
x-cache-status
HIT
x-region
ewr
strict-transport-security
max-age=15724800; includeSubDomains
content-length
4042
x-frontend
2da877cc
fly-request-id
01G8JD3NV9E8MZ6TAZNZF269CA-fra
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fi4.ytimg.com%2Fvi%2FkwKBjKaFRCw%2Fhqdefault.jpg
x-ratelimit-remaining
99
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-instance
2da877cc
x-ratelimit-limit
101
x-ratelimit-reset
1
x-git-sha
8eea3813
expires
Mon, 25 Jul 2022 14:34:26 GMT
resize
ephemera.mirus.io/img/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fi4.ytimg.com%2Fvi%2FGuCEJMbYOC8%2Fhqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
21d22eab8593468c55db04dfad97bbb6ae25a576d9ce62bec5d69f12131690f7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:48 GMT
via
2 fly.io
vary
Accept
x-cache-status
HIT
x-region
ewr
strict-transport-security
max-age=15724800; includeSubDomains
content-length
7770
x-frontend
2da877cc
fly-request-id
01G8JD3NV97PGWBCCDX3PTXXJ5-fra
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fi4.ytimg.com%2Fvi%2FGuCEJMbYOC8%2Fhqdefault.jpg
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-instance
2da877cc
x-ratelimit-limit
101
x-ratelimit-reset
1
x-git-sha
8eea3813
expires
Mon, 25 Jul 2022 14:34:26 GMT
resize
ephemera.mirus.io/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ephemera.mirus.io/img/resize?width=250&type=auto&url=https%3A%2F%2Fi4.ytimg.com%2Fvi%2FWkyUDTlOTKM%2Fhqdefault.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a09:8280:1::1ce , United States, ASN40509 (FLY, US),
Reverse DNS
Software
Fly/50de8a7b (2022-07-11) /
Resource Hash
19714f9787ecd9a1196736f3bb70fd7a72e808609e82dcfc4e4d0ad48e872e2e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://navinjiwnani.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 22 Jul 2022 07:31:48 GMT
via
2 fly.io
vary
Accept
x-cache-status
HIT
x-region
ewr
strict-transport-security
max-age=15724800; includeSubDomains
content-length
3010
x-frontend
2da877cc
fly-request-id
01G8JD3NZEAQ48F1SW95QSMPSS-fra
server
Fly/50de8a7b (2022-07-11)
x-cachekey
https://imaginary.prod.mirus.io/resize?width=250&type=auto&url=https%3A%2F%2Fi4.ytimg.com%2Fvi%2FWkyUDTlOTKM%2Fhqdefault.jpg
x-ratelimit-remaining
100
content-type
image/webp
cache-control
public, s-maxage=604800, max-age=604800, no-transform
x-instance
2da877cc
x-ratelimit-limit
101
x-ratelimit-reset
1
x-git-sha
8eea3813
expires
Tue, 26 Jul 2022 15:13:01 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| FB object| ensBootstraps object| Bootstrapper function| Visitor object| s_c_il number| s_c_in object| visitor object| __buffer function| initFacebookFeed function| initTabControl function| errorLogging object| dataLayer string| sName string| h string| p string| t function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_Media function| AppMeasurement function| s_gi function| s_pgicq boolean| _frstRun undefined| _scTempPrevURL object| _scHtml object| _langButtons undefined| _i string| s_account function| DIL number| s_objectID number| s_giq object| s string| s_urlPathEmber boolean| s_emberIndicator boolean| screenChange string| s_testsplitpath string| str string| newstr string| _scLang string| v function| setImmediate function| clearImmediate object| peachyClient function| initQuoteForm function| scrollToElement string| k string| s_campaignSet number| prop31 object| s_i_sfglobalprod object| lazySizes object| Alpine object| __mirus_utilities object| GTMdataLayer function| daGTMAdd string| s_clickEquivalentEvent function| intentEvent function| sendEvent object| google_tag_manager object| google_tag_data function| pintrk function| fbq function| _fbq function| ttd_dom_ready function| TTDUniversalPixelApi

27 Cookies

Domain/Path Name / Value
navinjiwnani.com/ Name: __cheesecrd_version
Value: master
.navinjiwnani.com/ Name: s_gad
Value: 1
.demdex.net/ Name: demdex
Value: 65995994957017416270900498682513214890
.navinjiwnani.com/ Name: AMCVS_AAD53BC75245B4BA0A490D4D%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YtpSYgAAAGJIhgN-
.dpm.demdex.net/ Name: dpm
Value: 65995994957017416270900498682513214890
.statefarm.com/ Name: s_ecid
Value: MCMID%7C57856489358022113030550436463248246390
.navinjiwnani.com/ Name: AMCV_AAD53BC75245B4BA0A490D4D%40AdobeOrg
Value: 690614123%7CMCIDTS%7C19196%7CMCMID%7C57856489358022113030550436463248246390%7CMCAAMLH-1659079906%7C6%7CMCAAMB-1659079906%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1658482306s%7CNONE%7CMCSYNCSOP%7C411-19203%7CMCAID%7CNONE%7CvVersion%7C3.1.0
.navinjiwnani.com/ Name: s_pre_pn
Value: sf%3Aus%3Aagent-micro-s%3Alkchh1ys000
.navinjiwnani.com/ Name: s_pre_v6
Value: navinjiwnani.com
.navinjiwnani.com/ Name: s_dl
Value: 1
.navinjiwnani.com/ Name: s_cm
Value: typed%2Fbookmarkedundefinedtyped%2Fbookmarked
.navinjiwnani.com/ Name: s_ev32
Value: %5B%5B%27direct%2520load%27%2C%271658475107041%27%5D%5D
.navinjiwnani.com/ Name: s_session
Value: s_prev_url%3Dhttps%3A%2F%2Fnavinjiwnani.com%2F%7Centry%3Dhttps%3A%2F%2Fnavinjiwnani.com%2F%7Cs_prev_channel%3Dsf%3Aundefined%3Aagent-micro-s%7Cs_prev_ch%3Dagent-micro-s%7Cs_prev_pn%3Dlkchh1ys000%7Cs_prev_pageName%3Dsf%3Aundefined%3Aagent-micro-s%3Alkchh1ys000%7Cmc%3Ddirect%20load%7C
.navinjiwnani.com/ Name: s_cc
Value: true
.navinjiwnani.com/ Name: AAMC_statefarmmutualautomobileinsurancecompany_0
Value: REGION%7C6
.navinjiwnani.com/ Name: aam_uuid
Value: 65995994957017416270900498682513214890
navinjiwnani.com/ Name: keen
Value: {%22uuid%22:%22edb1a5d9-fe68-4778-b839-e9719029aaf8%22%2C%22initialReferrer%22:null}
.doubleclick.net/ Name: IDE
Value: AHWqTUmNSIlZcQmvoxc4TiaaO_QcEBxUYWOhmaiP4YEsMt0m6D_h1Wj1wTFnehxrKlk
.navinjiwnani.com/ Name: _gcl_au
Value: 1.1.1536773676.1658475107
.yahoo.com/ Name: A3
Value: d=AQABBGNS2mICENsz4RzQXf60zgiN4QjkFaI&S=AQAAAjDxf0BYjBioIzb-tLdH6hw
.demdex.net/ Name: dextp
Value: 60-1-1658475107010|771-1-1658475107111|903-1-1658475107211|30646-1-1658475107332|66757-1-1658475107439
.navinjiwnani.com/ Name: _fbp
Value: fb.1.1658475107454.1028653189
.navinjiwnani.com/ Name: _pin_unauth
Value: dWlkPU1qWXdaak5sT1RFdE5qYzNOQzAwTkRaa0xXSmpNakV0WldSallXWXpaakF6TmpFNA
.krxd.net/ Name: _kuid_
Value: O-NRfWLI
.facebook.com/ Name: sb
Value: Y1LaYpxErdVjnaBgWEdXd2CG
.facebook.com/ Name: fr
Value: 0gI6Psp7xafgISRNQ..Bi2lJj.RN.AAA.0.0.Bi2lJj.AWXWpteLZ_Y

2 Console Messages

Source Level URL
Text
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=65995994957017416270900498682513214890
Message:
Failed to load resource: the server responded with a status of 451 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11264551.fls.doubleclick.net
adservice.google.com
beacon.krxd.net
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
ct.pinterest.com
dpm.demdex.net
ephemera.mirus.io
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
navinjiwnani.com
nexus.ensighten.com
peachy.prod.mirus.io
s.pinimg.com
scontent-frt3-1.xx.fbcdn.net
smetrics.statefarm.com
statefarmmutualautomobileinsurancecompany.demdex.net
static.xx.fbcdn.net
usermatch.krxd.net
www.facebook.com
www.googletagmanager.com
100.24.249.189
104.198.70.133
108.138.15.119
142.250.184.198
142.250.185.98
15.236.176.210
18.197.253.20
2.23.8.223
212.82.100.182
2a00:1450:4001:80b::2008
2a00:1450:4001:827::2002
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:4b::84
2a09:8280:1::1ce
34.248.96.95
34.250.43.187
34.69.219.172
35.244.174.68
52.17.148.115
52.223.40.198
54.171.36.61
0c36ea63a0c77cc81ee3e4ff639f0cc26b7475bd97f733f9e2d5359e65d0cd8f
0dfb985f6b6146ddab3e847662417bda2b1bbfc34dde90ab6c103c8dcd463aa8
10ba3b28c4bfd9174681be402bcec41e066c703eba2a6863677a2ecb0e611790
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1457dc652a8fc92e5d20eee57d1a58fdad46be32ad237f6c8c241fb24d7302ad
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
16d9281956c8dc2b1c34381954edc509a26d95c6db37312f3cdfe2160ed9115e
19714f9787ecd9a1196736f3bb70fd7a72e808609e82dcfc4e4d0ad48e872e2e
1f5ce9bff943849052fa2dffbef97e77286d7585a4aa08e10cffdac3934627b8
21d22eab8593468c55db04dfad97bbb6ae25a576d9ce62bec5d69f12131690f7
2208cd6917e14055f41a81304c0baf2f90a250ece9a188343c7539ac50e385cf
2322498b4c15c8fa2583255ee24318ed39a56af26c9e0e6a0c3675da1e81809d
26711b788cc41eb126a54d8d4f57116ac9a5a6c1e0bd89b4447db308d023ece3
2a3d13042506b014659c201105249b75f7101f0c3175eea254b8f33bb5ea7bd8
2aa78ab453422386e9215ce0bba583ffc397bbf0cc30ce1fa20a73a7bc90e75b
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3a9d9fe5adbfc5fb082c5fd7ae9e1cbc7883e48b519c6414bf7f737dc7c33d73
3cc5da363d10c71a21ce61a25b353234a80149ca92838224a7871ae9b6215afa
446b9ce76804d344b589eceb79f018ddffdcb76e31b8ec6a797b324e57a24b1c
44fe3c928a3046415e4d420877c728ab13598e78c3e0e0b2fe14a1e0c942d7ee
540548b12b5a362a5fa54de526a5870cc89ef6f431387c20cd25e82b4f6cd9d0
57bad8607901d7cc20260262a8063a7b88d2b61cab3e6850f73b52cd1c716ab9
593fa553d116f4269a8fc8b7fc11dc49efdb71da04c896b6e5872841c5ffa2d1
5a7ab12a55d776ac72436ad1a67f0e9476e61258ac2b437f4ff392f8759c741c
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
6b115af23626e8930726e27173a2de5f1908671c7af99e979beeab6ad509b510
6e164ad4aa1f1905c44c2e4e57088f313738d18320a99a7e6a984b862523d96d
71d222ad7ccca1eb6696fbb3217c4dc5ac2312d18f790419f3f135d48cb9ea20
733f006da763151a1f566721caf177a428a31e689c2c439ff031b3aad8ec4c7d
7451ea98c8a91582439c353e9b9dd7bb147bae2256df586df025889db3490967
78b44b8d6c08325beab16cd54c33f5302547d1be0c946c07a644d9d64ad2d0c4
7909e8515567115d594a2dae28fb5004e1302301bb4087b4b8a34ecdcd78ab83
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
83912349e8bc8f0ec2084562dc5e71e06f33a3dfcad4899af80117a7174be14d
84fb7c77dd0c26c67d067b5ab60856ed7f3cb54c828290cb791382f54d3ddac3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ff1a16df84eb3515da0955311515589bfbda59cf69076a2cb87ed8ae0cb2177
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
a367eee80040b3d4ecf47cda08b1c460d0676c2c06ede98a33119235a3363db4
a869d909901d8f0380381e32d671637451c6d3e612a0c24c96537d97d2ae783f
b3566127c3d4ba5c8edb66d1f205ca8e693c9d1bcfcedeb3e9516ade48b8bb74
b9f6248903e1ca432a13af94140f50af2ce2fd4a7d81d66967e5aef74e1e49fe
bc9a63b3e86121f1fbe5fcf828c4668555e849af8d6434e72679c224015b33c6
c5214dd887107e25fdcd62ea41cd7423896b1c67aa5de9a88785cbe67efd17a2
c82a0d470a60fe512db7c41f9c7a0a0907c3d14cef685ba961e9ab9030264496
cbb4142e7f5d3acd7b472c70d1263d11065de067c83cb093d8566cdd494a9b19
ce9b751f8eb3a7b5c3153b8b78f0d0397ee43b92d04a8ed876a71d4d6158c40c
ceb72b65e7ed6ab1e463e8841a298d3217ec9b0abb148670b16849d11b3d820e
cff54e347bb6348dfc53d57f4152ed514a8ec5e3265063c2f7b5e446d678f6a9
d1ed1da8f560dcb276f876741cf393ad88f27d71973f826237ef70d4a6ff0d07
d2ef979615227521cbbdee99ef1d4cf11c68728a5d6459fd1759a47186988fc5
d406a99a04ef01f9368e464b3cdde1bab925f95b917e767f700abe023ba2f9a5
d686ed6bb20d22afeac976780f9e60e3eabd3c684b277c45eb61d276c0b1149f
d840ef1927c7aad49210faefc97f7005e3862dd4853cded03388216c009f01a2
df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1
e3a16bbf4914a49b1afe816e119c7da2d731dead9167c01d07984ef323e26bfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e91a3690e1ab1841fe8d3ba3eb631f39301f148b02eb5108dfb0e97f05d08e6c
eb8a9ca522729cb910e519d266cf5b0e69b0428d2d2d04a17c46444203241d30
ec3842cdee5c382b716601b4e452c6402b6b01f1269641c334a0809db0afd3cf
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad32cb9672046cc1717bc9755aa113ae24f3ca3e574b081f41719d5f5ceb09
f17de407562ed5814892a1b44c6e349761f067cf6f2360ebe2aef4f03a5bea4e
f1887e02dffeb0e871ef9953dca4300aa0d23ced93d7665311c4caaa5cc330d3
f280c2e0400e5c8fe77ed55191fe669aba1d578f326abc96ada4e27477371f1c
f8492b9587255140c8017e04db982f24070af9fcc0ffdbe39a71860b8dc9ea8b