urlscan.io logo urlscan.io
SecurityTrails logo

sdsinvestigators.com Open in urlscan Pro
2606:4700:3035::6812:319a  Public Scan

Go To Rescan Add Verdict Report
URL: https://sdsinvestigators.com/
Submission: On February 21 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 12 domains to perform 30 HTTP transactions. The main IP is 2606:4700:3035::6812:319a, located in United States and belongs to CLOUDFLARENET, US. The main domain is sdsinvestigators.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 1st 2020. Valid for: 8 months.
This is the only time sdsinvestigators.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    2606:4700:3035::6812:319a (United States)

ASN13335 (CLOUDFLARENET, US)
sdsinvestigators.com
1    2606:4700::6811:843c (United States)

ASN13335 (CLOUDFLARENET, US)
api.maptiler.com
16    2606:4700:20::681a:7d (United States)

ASN13335 (CLOUDFLARENET, US)
render.uenicdn.com
img77.uenicdn.com
1    2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    35.188.42.15 (United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
1    2600:9000:2057:c00:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.dwin1.com
3    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:821::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
10 img77.uenicdn.com sdsinvestigators.com
6 render.uenicdn.com
3 www.google-analytics.com 1 redirects www.googletagmanager.com
www.google-analytics.com
2 www.facebook.com connect.facebook.net
2 connect.facebook.net sdsinvestigators.com
connect.facebook.net
2 sentry.io render.uenicdn.com
2 sdsinvestigators.com sdsinvestigators.com
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.dwin1.com www.googletagmanager.com
1 www.googletagmanager.com sdsinvestigators.com
1 api.maptiler.com
30 13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
maps.google.com
www.ueni.com
ueni.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-02-01 -
2020-10-09		 8 months crt.sh
ssl770257.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-13 -
2020-06-20		 6 months crt.sh
uenicdn.com
CloudFlare Inc ECC CA-2		 2019-06-15 -
2020-06-14		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2017-03-24 -
2020-06-21		 3 years crt.sh
*.dwin1.com
Amazon		 2020-01-01 -
2021-02-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://sdsinvestigators.com/
Frame ID: DECD6BC88B5B31DBDF98858B51BF3717
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<[^>]+data-react/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

30
Requests

100 %
HTTPS

92 %
IPv6

12
Domains

13
Subdomains

11
IPs

4
Countries

1980 kB
Transfer

5112 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=796846515&t=pageview&_s=1&dl=https%3A%2F%2Fsdsinvestigators.com%2F&ul=en-us&de=UTF-8&dt=SDS%20Private%20Investigators&sd=24-bit&sr=1600x1200&vp=1593x1200&je=0&_u=aGDAAEADQ~&jid=1870118441&gjid=414614390&cid=653706800.1582283173&tid=UA-91212729-8&_gid=1347907525.1582283173&_r=1&gtm=2wg2c0P9XRF82&cd1=sds-investigators&cd2=f02200_28&cd3=Private%20Investigator&z=760468813 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91212729-8&cid=653706800.1582283173&jid=1870118441&_gid=1347907525.1582283173&gjid=414614390&_v=j81&z=760468813 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91212729-8&cid=653706800.1582283173&jid=1870118441&_v=j81&z=760468813 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91212729-8&cid=653706800.1582283173&jid=1870118441&_v=j81&z=760468813&slf_rd=1&random=476737656

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
sdsinvestigators.com/ 		198 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:319a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
48e8c35de91edaa52acda5d025343acb8862bda14fe7c573fa64e65ea195e44f

Request headers

:method
GET
:authority
sdsinvestigators.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document

Response headers

status
200
date
Fri, 21 Feb 2020 11:06:11 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d166a20ae0dbb39a642a9f713f2713b291582283171; expires=Sun, 22-Mar-20 11:06:11 GMT; path=/; domain=.sdsinvestigators.com; HttpOnly; SameSite=Lax; Secure
x-powered-by
Express
link
<https://api.maptiler.com/maps/streets/style.json?key=OnLW5fSzsfAkkYcTBW9y>; rel=preload; as="style" <https://render.uenicdn.com/static/js/main.1073f09de0e87f736b5cfd82d2b2b7716787f0c5.js>; rel=preload; as="script" <https://connect.facebook.net>; rel=dns-prefetch <https://www.googletagmanager.com>; rel=dns-prefetch <https://www.google-analytics.com>; rel=dns-prefetch <https://stats.g.doubleclick.net>; rel=dns-prefetch <https://www.facebook.com>; rel=dns-prefetch <https://render.uenicdn.com>; rel=dns-prefetch <https://render.uenicdn.com/static/fonts/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2>; rel=preload; as="font"; type="font/woff2"; crossorigin <https://render.uenicdn.com/static/fonts/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2>; rel=preload; as="font"; type="font/woff2"; crossorigin <https://render.uenicdn.com/static/fonts/nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2>; rel=preload; as="font"; type="font/woff2"; crossorigin <https://render.uenicdn.com/static/fonts/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2>; rel=preload; as="font"; type="font/woff2"; crossorigin <https://render.uenicdn.com/static/fonts/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2>; rel=preload; as="font"; type="font/woff2"; crossorigin
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56883fdacc75d6c1-FRA
content-encoding
br
style.json
api.maptiler.com/maps/streets/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://api.maptiler.com/maps/streets/style.json?key=OnLW5fSzsfAkkYcTBW9y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:843c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

access-control-allow-origin
*
main.1073f09de0e87f736b5cfd82d2b2b7716787f0c5.js
render.uenicdn.com/static/js/ 		3 MB
758 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://render.uenicdn.com/static/js/main.1073f09de0e87f736b5cfd82d2b2b7716787f0c5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e9feabad470d74ff7eb3b89f00a3d0723d6efe5d0c699e98bcb777c635b8c713
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
71964
x-edge-location
hongkongHK
x-powered-by
Express
x-cache
MISS
status
200
last-modified
Thu, 20 Feb 2020 14:58:48 GMT
server
cloudflare
etag
W/"30386d-170631bc040"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=378432000
cf-polished
origSize=3160173
x-edge-ip
84.17.57.6
cf-ray
56883fdcf8841f31-FRA
access-control-allow-headers
X-Requested-With
cf-bgj
minify
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
render.uenicdn.com/static/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://render.uenicdn.com/static/fonts/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://sdsinvestigators.com/
Origin
https://sdsinvestigators.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-edge-location
frankfurtDE
x-powered-by
Express
x-cache
HIT
status
200
x-age
1545242
content-length
9016
last-modified
Thu, 30 Jan 2020 16:19:49 GMT
server
cloudflare
etag
W/"2338-16ff7406088"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=378432000
x-edge-ip
195.181.175.44
accept-ranges
bytes
cf-ray
56883fdcfe54d6f5-FRA
access-control-allow-headers
X-Requested-With
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
render.uenicdn.com/static/fonts/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://render.uenicdn.com/static/fonts/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgEM86xQ.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e0c0e70dfa0b6e6611d9b6b13f4f2c25acc3c4c346e0ded5405a5fa4a40eceb1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://sdsinvestigators.com/
Origin
https://sdsinvestigators.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-edge-location
frankfurtDE
x-powered-by
Express
x-cache
HIT
status
200
x-age
2163909
content-length
16972
last-modified
Fri, 24 Jan 2020 20:21:11 GMT
server
cloudflare
etag
W/"424c-16fd93732d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=378432000
x-edge-ip
185.59.220.20
accept-ranges
bytes
cf-ray
56883fdcfe58d6f5-FRA
access-control-allow-headers
X-Requested-With
nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2
render.uenicdn.com/static/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://render.uenicdn.com/static/fonts/nuFlD-vYSZviVYUb_rj3ij__anPXBYf9lW4e5j5hNKc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ce421cefeba1fd14f39e9baf36f62453dfd1a947bdcb76fc1995ab2b4013b3ad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://sdsinvestigators.com/
Origin
https://sdsinvestigators.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 21 Feb 2020 11:06:12 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-edge-location
hongkongHK
x-powered-by
Express
x-cache
HIT
status
200
x-age
42480
content-length
18436
last-modified
Thu, 20 Feb 2020 14:57:20 GMT
server
cloudflare
etag
W/"4804-170631a6880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=378432000
x-edge-ip
84.17.57.6
accept-ranges
bytes
cf-ray
56883fdcfe5bd6f5-FRA
access-control-allow-headers
X-Requested-With
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
render.uenicdn.com/static/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://render.uenicdn.com/static/fonts/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://sdsinvestigators.com/
Origin
https://sdsinvestigators.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 21 Feb 2020 11:06:12 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-edge-location
hongkongHK
x-powered-by
Express
x-cache
HIT
status
200
x-age
42480
content-length
9132
last-modified
Thu, 20 Feb 2020 14:57:20 GMT
server
cloudflare
etag
W/"23ac-170631a6880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=378432000
x-edge-ip
84.17.57.6
accept-ranges
bytes
cf-ray
56883fdcfe5dd6f5-FRA
access-control-allow-headers
X-Requested-With
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
render.uenicdn.com/static/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://render.uenicdn.com/static/fonts/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://sdsinvestigators.com/
Origin
https://sdsinvestigators.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
vary
Accept-Encoding
cf-cache-status
MISS
x-edge-location
hongkongHK
x-powered-by
Express
x-cache
HIT
status
200
x-age
42479
content-length
9180
last-modified
Thu, 20 Feb 2020 14:57:20 GMT
server
cloudflare
etag
W/"23dc-170631a6880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=378432000
x-edge-ip
84.17.57.6
accept-ranges
bytes
cf-ray
56883fdcfe62d6f5-FRA
access-control-allow-headers
X-Requested-With
shutterstock_571670185.jpg
img77.uenicdn.com/image/upload/v1542046340/category/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img77.uenicdn.com/image/upload/v1542046340/category/shutterstock_571670185.jpg
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9113989ee46b1e54beea5fe54c08ae6fed336ca8c39734a59368e877cb795504

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
cf-cache-status
MISS
x-edge-location
londonGB
x-cache
HIT
status
200
x-age
514778
content-length
163535
last-modified
Mon, 22 Jul 2019 21:32:09 GMT
server
cloudflare
etag
"5d362b59-27ecf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-edge-ip
185.59.221.20
accept-ranges
bytes
cf-ray
56883fdcf8951f31-FRA
59b0b7ff-d782-4e9b-8107-426842812fe4.jpg
img77.uenicdn.com/image/upload/v1580655342/business/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img77.uenicdn.com/image/upload/v1580655342/business/59b0b7ff-d782-4e9b-8107-426842812fe4.jpg
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e95abe5b5fea34a9e826a55889892cfade9a7ecba0d30957a0d5206b11e942

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
cf-cache-status
MISS
x-edge-location
londonGB
x-cache
HIT
status
200
x-age
419084
content-length
27735
last-modified
Sun, 02 Feb 2020 14:56:39 GMT
server
cloudflare
etag
"5e36e327-6c57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-edge-ip
185.59.221.20
accept-ranges
bytes
cf-ray
56883fdcf8961f31-FRA
cf341bc7-912f-462b-9a24-9ac53dc581a6.jpg
img77.uenicdn.com/image/upload/v1580659376/business/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img77.uenicdn.com/image/upload/v1580659376/business/cf341bc7-912f-462b-9a24-9ac53dc581a6.jpg
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7fbde1944bc204cfa7d042407a5fdabe51bf59923772e38455f02c41152dff1

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
cf-cache-status
MISS
x-edge-location
londonGB
x-cache
HIT
status
200
x-age
129292
content-length
58925
last-modified
Sun, 02 Feb 2020 16:03:47 GMT
server
cloudflare
etag
"5e36f2e3-e62d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-edge-ip
185.59.221.20
accept-ranges
bytes
cf-ray
56883fdcf8971f31-FRA
shutterstock_154513355.jpg
img77.uenicdn.com/image/upload/v1571213773/service_images/ 		294 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img77.uenicdn.com/image/upload/v1571213773/service_images/shutterstock_154513355.jpg
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4aeb4e7dbe1901d8934f2a905a7b15de53f06b6507b1c885b5738aaeb8dd46

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
cf-cache-status
REVALIDATED
x-edge-location
londonGB
cf-polished
qual=85, origFmt=jpeg, origSize=306428
x-cache
HIT
status
200
content-disposition
inline; filename="shutterstock_154513355.webp"
x-age
959658
content-length
301474
last-modified
Sat, 26 Oct 2019 16:25:26 GMT
server
cloudflare
etag
"5db47376-4acfc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=31536000
x-edge-ip
195.181.164.1
accept-ranges
bytes
cf-ray
56883fdcf8931f31-FRA
cf-bgj
imgq:85
email-decode.min.js
sdsinvestigators.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sdsinvestigators.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6812:319a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 19 Feb 2020 10:15:58 GMT
server
cloudflare
etag
W/"5e4d0ade-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
56883fdcca07d6c1-FRA
expires
Sun, 23 Feb 2020 11:06:11 GMT
1e20980b-531e-402f-b613-5a5047fb8f8d.jpg
img77.uenicdn.com/image/upload/v1579796300/business/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img77.uenicdn.com/image/upload/v1579796300/business/1e20980b-531e-402f-b613-5a5047fb8f8d.jpg
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6ec10cf1e47ca9743960c3c1275f24954c3e5a13b53a164ab78016dc1505300

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
cf-cache-status
MISS
x-edge-location
londonGB
x-cache
HIT
status
200
x-age
129291
content-length
7158
last-modified
Thu, 23 Jan 2020 16:18:37 GMT
server
cloudflare
etag
"5e29c75d-1bf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-edge-ip
185.59.221.20
accept-ranges
bytes
cf-ray
56883fdcf8981f31-FRA
da2effec-98ef-4086-981a-6abd8484ad04.jpg
img77.uenicdn.com/image/upload/v1580656076/business/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img77.uenicdn.com/image/upload/v1580656076/business/da2effec-98ef-4086-981a-6abd8484ad04.jpg
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0f1d2cfb29e3f228c89fced2f744bed06a937ae738270807a42851024949b1

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
cf-cache-status
MISS
x-edge-location
londonGB
x-cache
HIT
status
200
x-age
419084
content-length
68478
last-modified
Sun, 02 Feb 2020 15:45:23 GMT
server
cloudflare
etag
"5e36ee93-10b7e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-edge-ip
185.59.221.20
accept-ranges
bytes
cf-ray
56883fdcf89b1f31-FRA
7ac1674f-8b29-4de2-8175-ddc8f2acee67.jpg
img77.uenicdn.com/image/upload/v1581164123/business/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img77.uenicdn.com/image/upload/v1581164123/business/7ac1674f-8b29-4de2-8175-ddc8f2acee67.jpg
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89bcb3ba2c44f332eda09f0b83c7262bcf731949cb0a4a32f11c338de771d5d4

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
cf-cache-status
MISS
x-edge-location
londonGB
x-cache
HIT
status
200
x-age
129291
content-length
12192
last-modified
Sat, 08 Feb 2020 12:24:32 GMT
server
cloudflare
etag
"5e3ea880-2fa0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-edge-ip
185.59.221.20
accept-ranges
bytes
cf-ray
56883fdd69ab1f31-FRA
shutterstock_767180356.jpg
img77.uenicdn.com/image/upload/v1542045600/category/ 		236 KB
237 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img77.uenicdn.com/image/upload/v1542045600/category/shutterstock_767180356.jpg
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3993a2bb33b7f824d9fcba87b8eb8fa953e0e0dea02779ee5d2b4629e02d09e

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
cf-cache-status
MISS
x-edge-location
londonGB
x-cache
HIT
status
200
x-age
57888
content-length
241977
last-modified
Mon, 22 Jul 2019 20:45:52 GMT
server
cloudflare
etag
"5d362080-3b139"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-edge-ip
185.59.221.20
accept-ranges
bytes
cf-ray
56883fdd69c11f31-FRA
e12a7192-3434-433f-84d8-6298229de56f.jpg
img77.uenicdn.com/image/upload/v1580654174/business/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img77.uenicdn.com/image/upload/v1580654174/business/e12a7192-3434-433f-84d8-6298229de56f.jpg
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e52bd7be9b509d23643545036132d3a7967438dcc0c2b2fbcb954e3bfcf476d

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
cf-cache-status
MISS
x-edge-location
londonGB
x-cache
HIT
status
200
x-age
707703
content-length
12034
last-modified
Sun, 02 Feb 2020 14:37:55 GMT
server
cloudflare
etag
"5e36dec3-2f02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-edge-ip
185.59.221.20
accept-ranges
bytes
cf-ray
56883fdd79d11f31-FRA
1e16a231-7072-445d-8ce1-429b3d7f1d44.jpg
img77.uenicdn.com/image/upload/v1579798298/business/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img77.uenicdn.com/image/upload/v1579798298/business/1e16a231-7072-445d-8ce1-429b3d7f1d44.jpg
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27482fc9369b30a19847750626ed887f07d6e0b37070d7d312bc20627cbe2dd8

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 21 Feb 2020 11:06:11 GMT
cf-cache-status
MISS
x-edge-location
londonGB
x-cache
HIT
status
200
x-age
419084
content-length
9897
last-modified
Thu, 23 Jan 2020 16:53:48 GMT
server
cloudflare
etag
"5e29cf9c-26a9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-edge-ip
185.59.221.20
accept-ranges
bytes
cf-ray
56883fdd8a031f31-FRA
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/webp
gtm.js
www.googletagmanager.com/ 		191 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P9XRF82
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9d38b33fdf7767c7275a6c9b3927ed3b878d0968868934eacc86a70edd2b6972
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 21 Feb 2020 11:06:12 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
40029
x-xss-protection
0
last-modified
Fri, 21 Feb 2020 09:57:59 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Feb 2020 11:06:12 GMT
/
sentry.io/api/1793427/store/ 		41 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1793427/store/?sentry_key=0bcff741e30744208ddd9484c93bb717&sentry_version=7
Requested by
Host: render.uenicdn.com
URL: https://render.uenicdn.com/static/js/main.1073f09de0e87f736b5cfd82d2b2b7716787f0c5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1af06ec96ffd0190870d19f32c423d08f3092eb24ab7a9d3b7d2efeb0bf34efb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://sdsinvestigators.com/
Origin
https://sdsinvestigators.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 21 Feb 2020 11:06:13 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://sdsinvestigators.com
access-control-expose-headers
retry-after, x-sentry-error
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
41
/
sentry.io/api/1793427/store/ 		41 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1793427/store/?sentry_key=0bcff741e30744208ddd9484c93bb717&sentry_version=7
Requested by
Host: render.uenicdn.com
URL: https://render.uenicdn.com/static/js/main.1073f09de0e87f736b5cfd82d2b2b7716787f0c5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
96bcbfb7c5085bf7aced1b7734bad08ff8053a6968732c61dca465b1744242c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://sdsinvestigators.com/
Origin
https://sdsinvestigators.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 21 Feb 2020 11:06:13 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://sdsinvestigators.com
access-control-expose-headers
retry-after, x-sentry-error
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
41
16277.js
www.dwin1.com/ 		16 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.dwin1.com/16277.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9XRF82
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2057:c00:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
df445e0392619626548c84c033d64a20a0757dc0c3df09d059948ce86ce5dc3d

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
aPcjyX2fQpILoFCn34_Ym5aFfWKFRNNn
content-encoding
gzip
last-modified
Tue, 17 Sep 2019 14:02:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
date
Fri, 21 Feb 2020 11:06:14 GMT
access-control-allow-methods
GET, HEAD
content-type
application/javascript
status
200
cache-control
max-age=3600,s-maxage=3600
x-amz-replication-status
COMPLETED
x-cache
RefreshHit from cloudfront
access-control-allow-origin
*
x-amz-cf-id
OCsvKR562SGH9TWRrodd39o4gmXnmuDBvd1cKokEXLcaG3TK_by86A==
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P9XRF82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
4663
date
Fri, 21 Feb 2020 09:48:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Fri, 21 Feb 2020 11:48:30 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: sdsinvestigators.com
URL: https://sdsinvestigators.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
KeBnkK/BxW2i+/wh5cN1zFkzThVwavlcdVVcdIvEjRSSYCcSbG0YQuVJleYsX+RzbyOMpWBIBw5zLwSYn5Oaxg==
x-fb-trip-id
420120009
date
Fri, 21 Feb 2020 11:06:13 GMT, Fri, 21 Feb 2020 11:06:13 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-PNHHT9L&t=gtm1&cid=653706800.1582283173
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbac9b042abfb1bba08be743090ec01027faab26e8a98df5457167182e1fea80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 21 Feb 2020 11:06:13 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
23109
x-xss-protection
0
last-modified
Fri, 21 Feb 2020 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 21 Feb 2020 11:06:13 GMT
200708087041795
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/200708087041795?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
993c992eb3900f94ac8b7dde78576ddf8fabe161757f78d3cc455a22ee296654
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
kMQlBeKJJLS4GTA012Ef+KlyrJdYjQR32bjpaK/WGu3YnvDCyDw1uqPbAzg+fS1CxlB2+oWbrVm84yv5G4r9GA==
x-fb-trip-id
420120009
date
Fri, 21 Feb 2020 11:06:13 GMT, Fri, 21 Feb 2020 11:06:13 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=796846515&t=pageview&_s=1&dl=https%3A%2F%2Fsdsinvestigators.com%2F&ul=en-us&de=UTF-8&dt=SDS%20Private%20Investigators&sd=24-bit&sr=1600x1200&...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91212729-8&cid=653706800.1582283173&jid=1870118441&_gid=1347907525.1582283173&gjid=414614390&_v=j81&z=760468813
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91212729-8&cid=653706800.1582283173&jid=1870118441&_v=j81&z=760468813
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91212729-8&cid=653706800.1582283173&jid=1870118441&_v=j81&z=760468813&slf_rd=1&random=476737656
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91212729-8&cid=653706800.1582283173&jid=1870118441&_v=j81&z=760468813&slf_rd=1&random=476737656
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 21 Feb 2020 11:06:13 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 21 Feb 2020 11:06:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-91212729-8&cid=653706800.1582283173&jid=1870118441&_v=j81&z=760468813&slf_rd=1&random=476737656
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=200708087041795&ev=PageView&dl=https%3A%2F%2Fsdsinvestigators.com%2F&rl=&if=false&ts=1582283173761&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1582283173761.446538107&it=1582283173495&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sdsinvestigators.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 21 Feb 2020 11:06:13 GMT, Fri, 21 Feb 2020 11:06:13 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Fri, 21 Feb 2020 11:06:13 GMT
/
www.facebook.com/tr/ 		0
82 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sdsinvestigators.com/
Origin
https://sdsinvestigators.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryjgabUAgIAG6z9aVr

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
access-control-allow-origin
https://sdsinvestigators.com
date
Fri, 21 Feb 2020 11:06:14 GMT
content-type
text/plain
status
200
access-control-allow-credentials
true
alt-svc
h3-24=":443"; ma=3600
content-length
0

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| __PRELOAD_DATA__ object| __PRELOAD_TRANSLATIONS__ string| __PRELOAD_LOCALE__ object| __PRELOAD_APP_CONTEXT__ object| dataLayer function| runGtm object| SENTRY_RELEASE object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| __SENTRY__ function| _ object| scCGSHMRCache number| __mobxInstanceCount object| __mobxGlobals function| animateScrollTo number| 2f1acc6c3a606b082e5eef5e54414ffb object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq boolean| hasStore undefined| state undefined| user undefined| venues undefined| slug undefined| venue undefined| gmbs undefined| gmb undefined| subscription undefined| plan undefined| content_status undefined| gmbTag undefined| roles undefined| tracking function| update function| init object| AWIN object| Sha256 object| Utf8 object| gaplugins object| gaGlobal object| gaData object| google_optimize

4 Cookies

Domain/Path Name / Value
.sdsinvestigators.com/ Name: _gid
Value: GA1.2.1347907525.1582283173
.sdsinvestigators.com/ Name: _ga
Value: GA1.2.653706800.1582283173
.sdsinvestigators.com/ Name: _gcl_au
Value: 1.1.397153416.1582283173
.sdsinvestigators.com/ Name: __cfduid
Value: d166a20ae0dbb39a642a9f713f2713b291582283171

3 Console Messages

Source Level URL
Text
console-api error URL: https://render.uenicdn.com/static/js/main.1073f09de0e87f736b5cfd82d2b2b7716787f0c5.js(Line 91)
Message:
Error: Failed to initialize WebGL
console-api error URL: https://render.uenicdn.com/static/js/main.1073f09de0e87f736b5cfd82d2b2b7716787f0c5.js(Line 91)
Message:
Error: Failed to initialize WebGL.
console-api error URL: https://render.uenicdn.com/static/js/main.1073f09de0e87f736b5cfd82d2b2b7716787f0c5.js(Line 91)
Message:
TypeError: Cannot set property '__reactRemoving' of undefined

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.maptiler.com
connect.facebook.net
img77.uenicdn.com
render.uenicdn.com
sdsinvestigators.com
sentry.io
stats.g.doubleclick.net
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
2600:9000:2057:c00:f:8ce2:fb80:93a1
2606:4700:20::681a:7d
2606:4700:3035::6812:319a
2606:4700::6811:843c
2a00:1450:4001:800::200e
2a00:1450:4001:819::2003
2a00:1450:4001:819::2008
2a00:1450:4001:821::2004
2a00:1450:400c:c04::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
35.188.42.15
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
05e95abe5b5fea34a9e826a55889892cfade9a7ecba0d30957a0d5206b11e942
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1af06ec96ffd0190870d19f32c423d08f3092eb24ab7a9d3b7d2efeb0bf34efb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27482fc9369b30a19847750626ed887f07d6e0b37070d7d312bc20627cbe2dd8
2d0f1d2cfb29e3f228c89fced2f744bed06a937ae738270807a42851024949b1
3f4aeb4e7dbe1901d8934f2a905a7b15de53f06b6507b1c885b5738aaeb8dd46
48e8c35de91edaa52acda5d025343acb8862bda14fe7c573fa64e65ea195e44f
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
5e52bd7be9b509d23643545036132d3a7967438dcc0c2b2fbcb954e3bfcf476d
89bcb3ba2c44f332eda09f0b83c7262bcf731949cb0a4a32f11c338de771d5d4
9113989ee46b1e54beea5fe54c08ae6fed336ca8c39734a59368e877cb795504
96bcbfb7c5085bf7aced1b7734bad08ff8053a6968732c61dca465b1744242c0
993c992eb3900f94ac8b7dde78576ddf8fabe161757f78d3cc455a22ee296654
9d38b33fdf7767c7275a6c9b3927ed3b878d0968868934eacc86a70edd2b6972
a7fbde1944bc204cfa7d042407a5fdabe51bf59923772e38455f02c41152dff1
b3993a2bb33b7f824d9fcba87b8eb8fa953e0e0dea02779ee5d2b4629e02d09e
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
cbac9b042abfb1bba08be743090ec01027faab26e8a98df5457167182e1fea80
ce421cefeba1fd14f39e9baf36f62453dfd1a947bdcb76fc1995ab2b4013b3ad
df445e0392619626548c84c033d64a20a0757dc0c3df09d059948ce86ce5dc3d
e0c0e70dfa0b6e6611d9b6b13f4f2c25acc3c4c346e0ded5405a5fa4a40eceb1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9feabad470d74ff7eb3b89f00a3d0723d6efe5d0c699e98bcb777c635b8c713
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6ec10cf1e47ca9743960c3c1275f24954c3e5a13b53a164ab78016dc1505300