shadowinvestigations.com Open in urlscan Pro
107.191.37.207 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://shadowinvestigations.com/
Submission: On July 13 via manual (July 13th 2021, 6:55:27 pm UTC) from US

Summary HTTP 52 Redirects Links 4 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 52 HTTP transactions. The main IP is 107.191.37.207, located in Piscataway, United States and belongs to AS-CHOOPA, US. The main domain is shadowinvestigations.com.
TLS certificate: Issued by R3 on July 9th 2021. Valid for: 3 months.

This is the only time shadowinvestigations.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
44	107.191.37.207 107.191.37.207		20473 (AS-CHOOPA) (AS-CHOOPA)
1	2a00:1450:400... 2a00:1450:4001:827::200a		15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e		13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2003		15169 (GOOGLE) (GOOGLE)
52	4

44 107.191.37.207 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 107.191.37.207.vultr.com

shadowinvestigations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	shadowinvestigations.com shadowinvestigations.com	1 MB
5	gstatic.com fonts.gstatic.com	86 KB
2	cloudflare.com cdnjs.cloudflare.com	35 KB
1	googleapis.com fonts.googleapis.com	967 B
52	4

	Domain	Requested by
44	shadowinvestigations.com	shadowinvestigations.com
5	fonts.gstatic.com	fonts.googleapis.com
2	cdnjs.cloudflare.com	shadowinvestigations.com cdnjs.cloudflare.com
1	fonts.googleapis.com	shadowinvestigations.com
52	4

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.linkedin.com
goo.gl
getdsm.com

Subject Issuer	Validity	Valid
*.shadowinvestigations.com R3	`2021-07-09` - `2021-10-07`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://shadowinvestigations.com/
Frame ID: 22FEBE13837E6B03AF361C0BB4A19B6A
Requests: 52 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+foundation[^>"]+css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

52
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

1513 kB
Transfer

2406 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/shadowinvestigationsinc/
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/shadowinvestigations-com/
Title:

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/jevcyJtvuzuQHZbx5

Search URL Search Domain Scan URL

URL: http://getdsm.com/
Title: Design Source Media

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
shadowinvestigations.com/ 60 KB
11 KB 257ms
83ms Document
text/html 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 91334b67dae0034df1a1e7a982926130f5876b8300277d3acc773835e364ffd4

Request headers

:method: GET
:authority: shadowinvestigations.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 13 Jul 2021 18:54:14 GMT
content-type: text/html; charset=UTF-8
content-length: 11295
vary: X-Forwarded-Proto,Accept-Encoding
last-modified: Tue, 13 Jul 2021 09:56:51 GMT
accept-ranges: bytes
cache-control: max-age=0
expires: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 12 KB
967 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C300%2C700%7CMontserrat%3A400%2C700%2C600%7CMontserrat%3A600%2C400%7COpen%20Sans%3A400&display=swap

Requested by

Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7e8e012b03977f45474a6e8c6cb3f8b8ec2aaed5e4513d8f67549a74f376827a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 18:54:14 GMT
server: ESF
date: Tue, 13 Jul 2021 18:54:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Jul 2021 18:54:14 GMT

GET
H2 200 style.min.css
shadowinvestigations.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 97ms
94ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 19:22:54 GMT
server: nginx
etag: W/"60b92c0e-e33b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 theme.min.css
shadowinvestigations.com/wp-includes/css/dist/block-library/ 3 KB
931 B 97ms
94ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-includes/css/dist/block-library/theme.min.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d

Request headers

:path: /wp-includes/css/dist/block-library/theme.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 19:22:54 GMT
server: nginx
etag: W/"60b92c0e-a9a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 all.min.css
shadowinvestigations.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/ 58 KB
13 KB 116ms
113ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

:path: /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:24:58 GMT
server: nginx
etag: W/"60dd439a-e7d0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 style.css
shadowinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/ 20 KB
3 KB 125ms
122ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 2dd8018bee79a9ff568d02c74f542a3509cf567b9384f31cfefae7f8960c3773

Request headers

:path: /wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 29 Oct 2020 06:20:21 GMT
server: nginx
etag: W/"5f9a5f25-5017"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 48-layout.css
shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/ 139 KB
16 KB 168ms
166ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 8a383ddeaed5cc3bc21901f3d7e5d19a23de475699acfd14ad72e3aae5b980fd

Request headers

:path: /wp-content/uploads/bb-plugin/cache/48-layout.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:25:03 GMT
server: nginx
etag: W/"60dd439f-22bb1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 slick.css
shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/css/ 2 KB
752 B 168ms
166ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/css/slick.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

:path: /wp-content/plugins/testimonial-free/public/assets/css/slick.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:36:04 GMT
server: nginx
etag: W/"60dd4634-6f0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 font-awesome.min.css
shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/css/ 28 KB
7 KB 181ms
180ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/css/font-awesome.min.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe

Request headers

:path: /wp-content/plugins/testimonial-free/public/assets/css/font-awesome.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:36:04 GMT
server: nginx
etag: W/"60dd4634-7186"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 deprecated-style.css
shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/css/ 2 KB
824 B 182ms
180ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/css/deprecated-style.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 176084728ff4631b24b0725048400fe78f2987f8224bb908ef61c9ed4521efc8

Request headers

:path: /wp-content/plugins/testimonial-free/public/assets/css/deprecated-style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:36:04 GMT
server: nginx
etag: W/"60dd4634-939"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 style.css
shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/css/ 4 KB
1 KB 182ms
181ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/css/style.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 9e034088087d93e734227bf7b0012284161aa745d1df20bcdab1e2a6290d6401

Request headers

:path: /wp-content/plugins/testimonial-free/public/assets/css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:36:04 GMT
server: nginx
etag: W/"60dd4634-fd3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 foundation-icons.css
cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/ 19 KB
4 KB 37ms
22ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.css

Requested by

Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09696d0bf5be7a592450a862b5cced3e249f137004a7302fae4984a81ebc2f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 606597
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2855
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e66-4c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=J8cwaCVUFri5fssrBVzUFAIHhuaVo%2BXAC2%2BdpUsEFYPI6S7IKynxQwKC%2FW8klTiZwITTLGgGUkj7SJuBADyT244%2FvSD3TbJgLcwz%2F23yPAINkz9VjAcTD%2FUk9rlK4XbVD9IFAm5wTAxBaDwxJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66e4b7fc29ac325c-FRA
expires: Sun, 03 Jul 2022 18:54:14 GMT

GET
H2 200 animate.css
shadowinvestigations.com/wp-content/plugins/bb-ultimate-addon/modules/info-list/css/ 71 KB
5 KB 185ms
183ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/bb-ultimate-addon/modules/info-list/css/animate.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea

Request headers

:path: /wp-content/plugins/bb-ultimate-addon/modules/info-list/css/animate.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 07:12:05 GMT
server: nginx
etag: W/"60dd6ac5-11a43"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 2dd11b8c92832eade3b6769a2287ae46-layout-bundle.css
shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/ 137 KB
16 KB 208ms
206ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/2dd11b8c92832eade3b6769a2287ae46-layout-bundle.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: db2819c2412c6d8f263b01afd2cabe7c3e0f493d989e17135635c32451c4e81f

Request headers

:path: /wp-content/uploads/bb-plugin/cache/2dd11b8c92832eade3b6769a2287ae46-layout-bundle.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:36:12 GMT
server: nginx
etag: W/"60dd463c-2249c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 jquery.magnificpopup.min.css
shadowinvestigations.com/wp-content/plugins/bb-plugin/css/ 6 KB
2 KB 212ms
210ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 2ed3fa8c76740090829d5d4566efb8eb76de9224e0c894f94e8b5fbf8efea8a9

Request headers

:path: /wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:24:58 GMT
server: nginx
etag: W/"60dd439a-167e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 base.min.css
shadowinvestigations.com/wp-content/themes/bb-theme/css/ 47 KB
9 KB 227ms
224ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/themes/bb-theme/css/base.min.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 1e8dcaec98f99c2b1b43ff8b8655680b69bbf150470b20ecbdd1cb45570a0587

Request headers

:path: /wp-content/themes/bb-theme/css/base.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 15:13:37 GMT
server: nginx
etag: W/"609e93a1-bd2a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 skin-60d2313d72fea.css
shadowinvestigations.com/wp-content/uploads/bb-theme/ 55 KB
8 KB 237ms
235ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/uploads/bb-theme/skin-60d2313d72fea.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 70de0f3f84d50edfc84cbb1a2e9a54360543887dea550f1b799bec7b4729fdff

Request headers

:path: /wp-content/uploads/bb-theme/skin-60d2313d72fea.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Tue, 22 Jun 2021 18:51:41 GMT
server: nginx
etag: W/"60d2313d-db69"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 style.css
shadowinvestigations.com/wp-content/themes/bb-theme-child/ 327 B
411 B 238ms
236ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/themes/bb-theme-child/style.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 196d33d4e1bcad0b6257a2f875ffac63d819abb8ad4ed2e4eed514c1edb43a17

Request headers

:path: /wp-content/themes/bb-theme-child/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 29 Oct 2020 06:18:48 GMT
server: nginx
etag: W/"5f9a5ec8-147"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 animate.min.css
shadowinvestigations.com/wp-content/plugins/bbpowerpack/assets/css/ 52 KB
4 KB 241ms
240ms Stylesheet
text/css 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/bbpowerpack/assets/css/animate.min.css
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

:path: /wp-content/plugins/bbpowerpack/assets/css/animate.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:36:00 GMT
server: nginx
etag: W/"60dd4630-ce35"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 jquery.min.js Show response
shadowinvestigations.com/wp-includes/js/jquery/ 87 KB
30 KB 256ms
254ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 19:22:54 GMT
server: nginx
etag: W/"60b92c0e-15d98"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 jquery-migrate.min.js Show response
shadowinvestigations.com/wp-includes/js/jquery/ 11 KB
4 KB 269ms
268ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 19:22:54 GMT
server: nginx
etag: W/"60b92c0e-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 imagesloaded.min.js Show response
shadowinvestigations.com/wp-includes/js/ 5 KB
2 KB 269ms
268ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-includes/js/imagesloaded.min.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

:path: /wp-includes/js/imagesloaded.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 19:22:54 GMT
server: nginx
etag: W/"60b92c0e-15fd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 1st-Section-Icon-1.png
shadowinvestigations.com/wp-content/uploads/2020/10/ 1 KB
1 KB 100ms
97ms Image
image/png 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2020/10/1st-Section-Icon-1.png
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 15603a07c03024e6e7c79b0a9fe2edd14f5b29640be2c1c0831420d4dbcfbce4

Request headers

:path: /wp-content/uploads/2020/10/1st-Section-Icon-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Thu, 29 Oct 2020 06:21:00 GMT
server: nginx
etag: "5f9a5f4c-52b"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1323
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 1st-Section-Icon-2.png
shadowinvestigations.com/wp-content/uploads/2020/10/ 2 KB
2 KB 100ms
98ms Image
image/png 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2020/10/1st-Section-Icon-2.png
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 9f15c574d72675cbc67bf51354bdd5ba8c7a5ae59c51c587c4efc66d979669a5

Request headers

:path: /wp-content/uploads/2020/10/1st-Section-Icon-2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Thu, 29 Oct 2020 06:20:07 GMT
server: nginx
etag: "5f9a5f17-7d9"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2009
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 1st-Section-Icon-3.png
shadowinvestigations.com/wp-content/uploads/2020/10/ 2 KB
2 KB 100ms
99ms Image
image/png 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2020/10/1st-Section-Icon-3.png
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 36383bd39c6ad28e40f1889b9cd35a73578c97740d77ea5a643e61045e9d28c5

Request headers

:path: /wp-content/uploads/2020/10/1st-Section-Icon-3.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Thu, 29 Oct 2020 06:19:26 GMT
server: nginx
etag: "5f9a5eee-6ba"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1722
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 1st-Section-Icon-4.png
shadowinvestigations.com/wp-content/uploads/2020/10/ 2 KB
2 KB 101ms
100ms Image
image/png 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2020/10/1st-Section-Icon-4.png
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: e7a2f88859d6df86d1021b4d619128a935824d41684202114769aa9dceabad51

Request headers

:path: /wp-content/uploads/2020/10/1st-Section-Icon-4.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Thu, 29 Oct 2020 06:20:50 GMT
server: nginx
etag: "5f9a5f42-78f"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1935
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 Text-Only-Shadow-Investigations-1.png
shadowinvestigations.com/wp-content/uploads/2020/10/ 6 KB
6 KB 104ms
102ms Image
image/png 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2020/10/Text-Only-Shadow-Investigations-1.png
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 3f600473d1a2f07b24ae060fe597717725c03bd587eeb3b4f247e168bdcba243

Request headers

:path: /wp-content/uploads/2020/10/Text-Only-Shadow-Investigations-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Thu, 29 Oct 2020 06:19:28 GMT
server: nginx
etag: "5f9a5ef0-1646"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5702
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 jquery.waypoints.min.js Show response
shadowinvestigations.com/wp-content/plugins/bb-plugin/js/ 9 KB
3 KB 82ms
82ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/bb-plugin/js/jquery.waypoints.min.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Request headers

:path: /wp-content/plugins/bb-plugin/js/jquery.waypoints.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:24:58 GMT
server: nginx
etag: W/"60dd439a-2281"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 48-layout.js Show response
shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/ 32 KB
8 KB 86ms
85ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: d282f1e5dd690bee9d9d63a27291935b115641a7d0f90533af3536bf60eca24a

Request headers

:path: /wp-content/uploads/bb-plugin/cache/48-layout.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:25:04 GMT
server: nginx
etag: W/"60dd43a0-817f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 jquery.ba-throttle-debounce.min.js Show response
shadowinvestigations.com/wp-content/plugins/bb-plugin/js/ 731 B
653 B 87ms
84ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Request headers

:path: /wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:24:58 GMT
server: nginx
etag: W/"60dd439a-2db"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 7d3fae7b131f122cef63eadb1fdcac33-layout-bundle.js Show response
shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/ 42 KB
8 KB 89ms
86ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/7d3fae7b131f122cef63eadb1fdcac33-layout-bundle.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: a2c4a531621af4dcd5e70eb2603f8ccd87de57ca29124aaf09121b7031c06050

Request headers

:path: /wp-content/uploads/bb-plugin/cache/7d3fae7b131f122cef63eadb1fdcac33-layout-bundle.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:36:12 GMT
server: nginx
etag: W/"60dd463c-a687"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 jquery.magnificpopup.min.js Show response
shadowinvestigations.com/wp-content/plugins/bb-plugin/js/ 20 KB
7 KB 92ms
89ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 2c04e438b5c5b6c29c3fa3831a969f2e7134664af8df56abb1fd930dbfd389dd

Request headers

:path: /wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:24:58 GMT
server: nginx
etag: W/"60dd439a-4eba"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 theme.min.js Show response
shadowinvestigations.com/wp-content/themes/bb-theme/js/ 22 KB
6 KB 94ms
92ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/themes/bb-theme/js/theme.min.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 6795630d6e4952cd33b7f209838be794d3aa19ca417fc4c20360062e6622e381

Request headers

:path: /wp-content/themes/bb-theme/js/theme.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Fri, 14 May 2021 15:13:37 GMT
server: nginx
etag: W/"609e93a1-58ee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 wp-embed.min.js Show response
shadowinvestigations.com/wp-includes/js/ 1 KB
958 B 95ms
92ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-includes/js/wp-embed.min.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 06:22:17 GMT
server: nginx
etag: W/"6077db99-592"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 slick.min.js Show response
shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/js/ 41 KB
10 KB 99ms
96ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/js/slick.min.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

:path: /wp-content/plugins/testimonial-free/public/assets/js/slick.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:36:04 GMT
server: nginx
etag: W/"60dd4634-a3e1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 sp-slick-active.js Show response
shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/js/ 1 KB
642 B 99ms
97ms Script
application/javascript 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/js/sp-slick-active.js
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 2c6a6ff0d4a1cac716d6cae35675cb8c69d3be3c64fe36753a4c8e698adc1be5

Request headers

:path: /wp-content/plugins/testimonial-free/public/assets/js/sp-slick-active.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:36:04 GMT
server: nginx
etag: W/"60dd4634-44f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 Landing-Page-BG.jpg
shadowinvestigations.com/wp-content/uploads/2020/10/ 61 KB
61 KB 92ms
92ms Image
image/jpeg 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2020/10/Landing-Page-BG.jpg
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: d5798134a3a0a8d45b56a8910ffc5800a1dfd59894fe9f83782417b187be2d44

Request headers

:path: /wp-content/uploads/2020/10/Landing-Page-BG.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Thu, 29 Oct 2020 06:21:00 GMT
server: nginx
etag: "5f9a5f4c-f468"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 62568
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 BG-Left-White-High.jpg
shadowinvestigations.com/wp-content/uploads/2020/10/ 234 KB
234 KB 144ms
144ms Image
image/jpeg 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2020/10/BG-Left-White-High.jpg
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 32b648ae47da87865ec5f3c63ca36821c2c7cf6904509d48a3f454cbfde3f262

Request headers

:path: /wp-content/uploads/2020/10/BG-Left-White-High.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Thu, 29 Oct 2020 06:19:46 GMT
server: nginx
etag: "5f9a5f02-3a669"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 239209
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 BG-right-White-High.jpg
shadowinvestigations.com/wp-content/uploads/2020/10/ 235 KB
235 KB 148ms
147ms Image
image/jpeg 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2020/10/BG-right-White-High.jpg
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 9ee4846c04215c304b83277b6fcd56a019eb4d6e778654dd12cc2c95a3d74315

Request headers

:path: /wp-content/uploads/2020/10/BG-right-White-High.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Thu, 29 Oct 2020 06:18:10 GMT
server: nginx
etag: "5f9a5ea2-3ab37"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 240439
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 BG-Plain-High-1.jpg
shadowinvestigations.com/wp-content/uploads/2021/06/ 120 KB
120 KB 147ms
146ms Image
image/jpeg 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2021/06/BG-Plain-High-1.jpg
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 39ac40499287893c48d8f9f29d2f3bd9f82299213c0bd4ffc1bdc0b292eb19d3

Request headers

:path: /wp-content/uploads/2021/06/BG-Plain-High-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Fri, 11 Jun 2021 18:07:33 GMT
server: nginx
etag: "60c3a665-1e02e"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 122926
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 bg-plain-small.png
shadowinvestigations.com/wp-content/uploads/2020/10/ 330 KB
331 KB 145ms
145ms Image
image/png 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2020/10/bg-plain-small.png
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/2dd11b8c92832eade3b6769a2287ae46-layout-bundle.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 6135f32f305e2b2d92c8b094eb07922a484d7ad71efd9621d854f027a0734a73

Request headers

:path: /wp-content/uploads/2020/10/bg-plain-small.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/2dd11b8c92832eade3b6769a2287ae46-layout-bundle.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/2dd11b8c92832eade3b6769a2287ae46-layout-bundle.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Thu, 29 Oct 2020 06:18:13 GMT
server: nginx
etag: "5f9a5ea5-52973"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 338291
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
14 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C300%2C700%7CMontserrat%3A400%2C700%2C600%7CMontserrat%3A600%2C400%7COpen%20Sans%3A400&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shadowinvestigations.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 88084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 18:26:10 GMT

GET
H2 200 Ultimate-Icons.ttf
shadowinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/ 91 KB
45 KB 142ms
141ms Font
application/font-sfnt 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630

Request headers

:path: /wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
pragma: no-cache
origin: https://shadowinvestigations.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://shadowinvestigations.com
Referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 29 Oct 2020 06:18:44 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
content-type: application/font-sfnt
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 45665
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 fa-solid-900.woff2
shadowinvestigations.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/ 78 KB
79 KB 142ms
141ms Font
application/octet-stream 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/fa-solid-900.woff2
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

Request headers

:path: /wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/webfonts/fa-solid-900.woff2
pragma: no-cache
origin: https://shadowinvestigations.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://shadowinvestigations.com
Referer: https://shadowinvestigations.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:24:58 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C300%2C700%7CMontserrat%3A400%2C700%2C600%7CMontserrat%3A600%2C400%7COpen%20Sans%3A400&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shadowinvestigations.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 21:27:07 GMT
x-content-type-options: nosniff
age: 77227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19172
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:52 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 21:27:07 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C300%2C700%7CMontserrat%3A400%2C700%2C600%7CMontserrat%3A600%2C400%7COpen%20Sans%3A400&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shadowinvestigations.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 14:01:00 GMT
x-content-type-options: nosniff
age: 17594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 14:01:00 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C300%2C700%7CMontserrat%3A400%2C700%2C600%7CMontserrat%3A600%2C400%7COpen%20Sans%3A400&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shadowinvestigations.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 05:41:48 GMT
x-content-type-options: nosniff
age: 47546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:13:07 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 05:41:48 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C300%2C700%7CMontserrat%3A400%2C700%2C600%7CMontserrat%3A600%2C400%7COpen%20Sans%3A400&display=swap

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://shadowinvestigations.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 01:25:07 GMT
x-content-type-options: nosniff
age: 62947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Jul 2022 01:25:07 GMT

GET
H2 200 fontawesome-webfont.woff2
shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/fonts/ 70 KB
70 KB 139ms
139ms Font
application/octet-stream 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

:path: /wp-content/plugins/testimonial-free/public/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
pragma: no-cache
origin: https://shadowinvestigations.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/css/font-awesome.min.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://shadowinvestigations.com
Referer: https://shadowinvestigations.com/wp-content/plugins/testimonial-free/public/assets/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 04:36:04 GMT
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
cache-control: max-age=2592000
accept-ranges: bytes
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H3-29 200 foundation-icons.woff
cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/ 31 KB
32 KB 37ms
27ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.woff

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5547c502d53207f71f8e804121823a1a3b7f8094be7bb677eccefd3b0cfbb9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://shadowinvestigations.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2923191
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 31590
cf-request-id: 0a9494f8650000dff77838f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:14 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e66-7d14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=6tHwNirpRxOzzj2QIf5RitXd6elbG4Pbal54Kv8HSlC2f9YsaIZm9YpjJBdVPMTT75T7aBeLiGR4oXHGsYhhzWxkDqk7T%2F0XJPKUo19t%2Badysavb50FMPkBdgkR56Cx%2FUVqLys2My4NGQbt%2B6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 66e4b7fe0adc6431-FRA
expires: Sun, 03 Jul 2022 18:54:14 GMT

GET
H2 200 Header-Logo.png
shadowinvestigations.com/wp-content/uploads/2020/10/ 13 KB
13 KB 235ms
235ms Image
image/png 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2020/10/Header-Logo.png
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: fbca3f592610f5317ed02dc14520b0890b2cfc4be5ac3ccdc7ae4989c5f2ba91

Request headers

:path: /wp-content/uploads/2020/10/Header-Logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Thu, 29 Oct 2020 06:17:24 GMT
server: nginx
etag: "5f9a5e74-32cb"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13003
expires: Thu, 12 Aug 2021 18:54:14 GMT

GET
H2 200 Quote-Icon.png
shadowinvestigations.com/wp-content/uploads/2020/10/ 2 KB
2 KB 131ms
130ms Image
image/png 107.191.37.207
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shadowinvestigations.com/wp-content/uploads/2020/10/Quote-Icon.png
Requested by: Host: shadowinvestigations.com
URL: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 107.191.37.207 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 107.191.37.207.vultr.com
Software: nginx /
Resource Hash: 92195b1bddb43376016dc5eca25d4eb10f6b9284521c3e61167b701da87bdb55

Request headers

:path: /wp-content/uploads/2020/10/Quote-Icon.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: shadowinvestigations.com
referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://shadowinvestigations.com/wp-content/uploads/bb-plugin/cache/48-layout.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Jul 2021 18:54:14 GMT
last-modified: Thu, 29 Oct 2020 06:19:32 GMT
server: nginx
etag: "5f9a5ef4-71b"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1819
expires: Thu, 12 Aug 2021 18:54:14 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| gform undefined| $ function| jQuery function| EvEmitter function| imagesLoaded object| bb_powerpack function| Waypoint string| wpAjaxUrl string| flBuilderUrl object| FLBuilderLayoutConfig object| bowser object| UABBTrigger object| FLBuilderLayout object| pp_menu_5f7b2c565029a object| pp_menu_5f85945798431 function| PPAdvancedMenu object| FLThemeBuilderHeaderLayout function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| themeopts object| FLTheme object| wp string| waypointContextKey boolean| ipad

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://shadowinvestigations.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
shadowinvestigations.com
107.191.37.207
2606:4700::6810:125e
2a00:1450:4001:809::2003
2a00:1450:4001:827::200a
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
09696d0bf5be7a592450a862b5cced3e249f137004a7302fae4984a81ebc2f1d
15603a07c03024e6e7c79b0a9fe2edd14f5b29640be2c1c0831420d4dbcfbce4
176084728ff4631b24b0725048400fe78f2987f8224bb908ef61c9ed4521efc8
196d33d4e1bcad0b6257a2f875ffac63d819abb8ad4ed2e4eed514c1edb43a17
1e8dcaec98f99c2b1b43ff8b8655680b69bbf150470b20ecbdd1cb45570a0587
2c04e438b5c5b6c29c3fa3831a969f2e7134664af8df56abb1fd930dbfd389dd
2c6a6ff0d4a1cac716d6cae35675cb8c69d3be3c64fe36753a4c8e698adc1be5
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2dd8018bee79a9ff568d02c74f542a3509cf567b9384f31cfefae7f8960c3773
2ed3fa8c76740090829d5d4566efb8eb76de9224e0c894f94e8b5fbf8efea8a9
32b648ae47da87865ec5f3c63ca36821c2c7cf6904509d48a3f454cbfde3f262
36383bd39c6ad28e40f1889b9cd35a73578c97740d77ea5a643e61045e9d28c5
39ac40499287893c48d8f9f29d2f3bd9f82299213c0bd4ffc1bdc0b292eb19d3
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
3f600473d1a2f07b24ae060fe597717725c03bd587eeb3b4f247e168bdcba243
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630
5547c502d53207f71f8e804121823a1a3b7f8094be7bb677eccefd3b0cfbb9aa
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6135f32f305e2b2d92c8b094eb07922a484d7ad71efd9621d854f027a0734a73
6795630d6e4952cd33b7f209838be794d3aa19ca417fc4c20360062e6622e381
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
70de0f3f84d50edfc84cbb1a2e9a54360543887dea550f1b799bec7b4729fdff
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7e8e012b03977f45474a6e8c6cb3f8b8ec2aaed5e4513d8f67549a74f376827a
8767f01caa430c5bd4e3b008a8e9dfe022156a4e91a23c394fdcb05c267f1b94
8a383ddeaed5cc3bc21901f3d7e5d19a23de475699acfd14ad72e3aae5b980fd
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
91334b67dae0034df1a1e7a982926130f5876b8300277d3acc773835e364ffd4
92195b1bddb43376016dc5eca25d4eb10f6b9284521c3e61167b701da87bdb55
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
9e034088087d93e734227bf7b0012284161aa745d1df20bcdab1e2a6290d6401
9ee4846c04215c304b83277b6fcd56a019eb4d6e778654dd12cc2c95a3d74315
9f15c574d72675cbc67bf51354bdd5ba8c7a5ae59c51c587c4efc66d979669a5
a2c4a531621af4dcd5e70eb2603f8ccd87de57ca29124aaf09121b7031c06050
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d282f1e5dd690bee9d9d63a27291935b115641a7d0f90533af3536bf60eca24a
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea
d5798134a3a0a8d45b56a8910ffc5800a1dfd59894fe9f83782417b187be2d44
db2819c2412c6d8f263b01afd2cabe7c3e0f493d989e17135635c32451c4e81f
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e7a2f88859d6df86d1021b4d619128a935824d41684202114769aa9dceabad51
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fbca3f592610f5317ed02dc14520b0890b2cfc4be5ac3ccdc7ae4989c5f2ba91
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869