buywitchdoctors.com Open in urlscan Pro
74.208.247.208 Public Scan

URL:
http://buywitchdoctors.com/
Submission: On August 07 via manual (August 7th 2018, 8:20:42 pm UTC) from US

Summary HTTP 59 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 24 IPs in 6 countries across 26 domains to perform 59 HTTP transactions. The main IP is 74.208.247.208, located in Wayne, United States and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is buywitchdoctors.com.

This is the only time buywitchdoctors.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	74.208.247.208 74.208.247.208	8560 (ONEANDONE...) (ONEANDONE-AS Brauerstrasse 48)
1 3	184.31.87.184 184.31.87.184	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	178.255.83.235 178.255.83.235	35838 (CCANET) (CCANET)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2 4	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	23.235.192.240 23.235.192.240	54641 (INMOTI-1) (INMOTI-1 - InMotion Hosting)
2	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2.16.186.89 2.16.186.89	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7 10	54.228.225.10 54.228.225.10	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2.18.233.40 2.18.233.40	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1 2	54.93.220.148 54.93.220.148	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
7 7	79.125.111.221 79.125.111.221	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	151.101.14.2 151.101.14.2	54113 (FASTLY) (FASTLY - Fastly)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 2	18.194.111.46 18.194.111.46	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a00:1288:110... 2a00:1288:110:833::4000	34010 (YAHOO-IRD) (YAHOO-IRD)
1 2	18.153.11.16 18.153.11.16	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.33.223.197 185.33.223.197	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 2	54.88.87.248 54.88.87.248	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
2 2	216.58.207.66 216.58.207.66	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f12... 2a03:2880:f12d:86:face:b00c:0:50fb	32934 (FACEBOOK) (FACEBOOK - Facebook)
59	24

25 74.208.247.208 (Wayne, United States)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
PTR: bwd2.buywitchdoctors.com

buywitchdoctors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.31.87.184 (Amsterdam, Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-87-184.deploy.static.akamaitechnologies.com

verify.authorize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.255.83.235 (United Kingdom)

ASN35838 (CCANET, GB)
PTR: www.positivessl.com

www.positivessl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200e (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.235.192.240 (Los Angeles, United States)

ASN54641 (INMOTI-1 - InMotion Hosting, Inc., US)
PTR: ehub54.webhostinghub.com

secure54.webhostinghub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.89 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-89.deploy.static.akamaitechnologies.com

a.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 54.228.225.10 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-228-225-10.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-40.deploy.static.akamaitechnologies.com

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.220.148 (Frankfurt, Germany) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-93-220-148.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (European Union) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Smithfield, United States)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 79.125.111.221 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-79-125-111-221.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.111.46 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-194-111-46.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:833::4000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.153.11.16 (Cambridge, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-153-11-16.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.197 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.88.87.248 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-88-87-248.compute-1.amazonaws.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.254.65 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.241.240.143 (New York, United States) 1 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.207.66 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:86:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	buywitchdoctors.com buywitchdoctors.com	789 KB
19	adroll.com 14 redirects a.adroll.com d.adroll.com s.adroll.com	24 KB
4	doubleclick.net 4 redirects stats.g.doubleclick.net cm.g.doubleclick.net	1 KB
4	google-analytics.com 2 redirects www.google-analytics.com	29 KB
3	facebook.com www.facebook.com	736 B
3	facebook.net connect.facebook.net	47 KB
3	authorize.net 1 redirects verify.authorize.net	5 KB
2	openx.net 1 redirects us-u.openx.net	597 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	782 B
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	3lift.com 1 redirects eb2.3lift.com	973 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	advertising.com 1 redirects pixel.advertising.com	647 B
2	google.de www.google.de	218 B
2	google.com 2 redirects www.google.com	361 B
2	youtube.com www.youtube.com
1	pippio.com pippio.com	510 B
1	adnxs.com ib.adnxs.com	592 B
1	yahoo.com ads.yahoo.com	1 KB
1	taboola.com trc.taboola.com	228 B
1	pubmatic.com simage2.pubmatic.com	817 B
1	outbrain.com sync.outbrain.com	18 B
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	webhostinghub.com secure54.webhostinghub.com
1	googletagmanager.com www.googletagmanager.com	21 KB
1	positivessl.com www.positivessl.com	32 KB
59	26

	Domain	Requested by
25	buywitchdoctors.com	buywitchdoctors.com
17	d.adroll.com	14 redirects a.adroll.com
4	www.google-analytics.com	2 redirects buywitchdoctors.com www.googletagmanager.com
3	www.facebook.com
3	connect.facebook.net	buywitchdoctors.com connect.facebook.net
3	verify.authorize.net	1 redirects buywitchdoctors.com
2	cm.g.doubleclick.net	2 redirects
2	us-u.openx.net	1 redirects
2	idsync.rlcdn.com	2 redirects
2	x.bidswitch.net	1 redirects
2	eb2.3lift.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	pixel.advertising.com	1 redirects
2	www.google.de	buywitchdoctors.com
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	www.youtube.com	buywitchdoctors.com
1	pippio.com
1	ib.adnxs.com
1	ads.yahoo.com
1	trc.taboola.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	pixel.rubiconproject.com
1	s.adroll.com
1	a.adroll.com	buywitchdoctors.com
1	secure54.webhostinghub.com	buywitchdoctors.com
1	www.googletagmanager.com	buywitchdoctors.com
1	www.positivessl.com	buywitchdoctors.com
59	29

This site contains links to these domains. Also see Links.

Domain
verify.authorize.net
www.authorize.net
www.positivessl.com
www.facebook.com
www.youtube.com
www.twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
*.authorize.net Entrust Certification Authority - L1K	`2017-04-10` - `2020-05-15`	3 years	crt.sh
www.positivessl.com COMODO RSA Extended Validation Secure Server CA	`2018-02-21` - `2020-02-25`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-07-24` - `2018-10-02`	2 months	crt.sh
*.webhostinghub.com COMODO RSA Domain Validation Secure Server CA	`2017-01-31` - `2020-02-23`	3 years	crt.sh
*.google.com Google Internet Authority G3	`2018-07-24` - `2018-10-02`	2 months	crt.sh
www.google.de Google Internet Authority G3	`2018-07-24` - `2018-10-02`	2 months	crt.sh
*.adroll.com Amazon	`2018-01-10` - `2019-02-10`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-06-14` - `2020-06-18`	3 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2018-04-16` - `2019-02-06`	10 months	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2016-01-12` - `2019-03-01`	3 years	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2018-08-07` - `2018-10-06`	2 months	crt.sh
*.pubmatic.com COMODO RSA Organization Validation Secure Server CA	`2016-04-12` - `2019-05-27`	3 years	crt.sh
*.3lift.com Amazon	`2018-07-31` - `2019-08-31`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-07-05` - `2019-01-10`	6 months	crt.sh
*.bidswitch.net COMODO RSA Domain Validation Secure Server CA	`2018-03-22` - `2019-05-05`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2018-01-25` - `2019-01-25`	a year	crt.sh
pippio.com COMODO RSA Domain Validation Secure Server CA	`2017-10-23` - `2020-11-15`	3 years	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2018-04-03` - `2019-04-08`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://buywitchdoctors.com/
Frame ID: CDD7D39242B5D3AF90A0FCF4854229A7
Requests: 56 HTTP requests in this frame

Frame: https://secure54.webhostinghub.com/~places13/placesmobile.com/web/ChamberPTPFiles/Youngstown/witch_doctors.html
Frame ID: 1F030A4A5EDCD94001826C334AD4B852
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/v/_Yqlwh0Gn3Y&hl=en&fs=1
Frame ID: 3AF58C4D278C1FFF6DB0C49C30B4535D
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/v/p5AlmNWsmms&hl=en&fs=1
Frame ID: 2EC5B461358F4D2392292DA165ADEB9D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /(?:a|s)\.adroll\.com/i
env /^adroll_/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

59
Requests

56 %
HTTPS

31 %
IPv6

26
Domains

29
Subdomains

24
IPs

6
Countries

945 kB
Transfer

1343 kB
Size

12
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://verify.authorize.net/anetseal/?pid=002f260f-84ae-4252-8acf-8a407611fc75&rurl=http%3A//buywitchdoctors.com/
Title:

Search URL Search Domain Scan URL

URL: http://www.authorize.net/
Title: Merchant Services

Search URL Search Domain Scan URL

URL: https://www.positivessl.com/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/witchdoctorbillet

Search URL Search Domain Scan URL

URL: http://www.youtube.com/witchdoctorbillet

Search URL Search Domain Scan URL

URL: http://www.twitter.com/witchdrbillet

Search URL Search Domain Scan URL

URL: http://www.instagram.com/witchdoctorsbillet

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

http://verify.authorize.net/anetseal/seal.js HTTP 301
https://verify.authorize.net/anetseal/seal.js

Request Chain 26

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 31

http://www.youtube.com/v/_Yqlwh0Gn3Y&hl=en&fs=1 HTTP 307
https://www.youtube.com/v/_Yqlwh0Gn3Y&hl=en&fs=1

Request Chain 32

http://www.youtube.com/v/p5AlmNWsmms&hl=en&fs=1 HTTP 307
https://www.youtube.com/v/p5AlmNWsmms&hl=en&fs=1

Request Chain 33

http://www.google-analytics.com/r/collect?v=1&_v=j68&a=851638301&t=pageview&_s=1&dl=http%3A%2F%2Fbuywitchdoctors.com%2F&ul=en-us&de=UTF-8&dt=WitchDoctors.com%20-%20Victory%20Motorcycle%20Parts%20Supplier&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=505862091&gjid=388218667&cid=1143346093.1533673231&tid=UA-52997108-1&_gid=1693469975.1533673231&_r=1&z=1747937270 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=851638301&t=pageview&_s=1&dl=http%3A%2F%2Fbuywitchdoctors.com%2F&ul=en-us&de=UTF-8&dt=WitchDoctors.com%20-%20Victory%20Motorcycle%20Parts%20Supplier&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=505862091&gjid=388218667&cid=1143346093.1533673231&tid=UA-52997108-1&_gid=1693469975.1533673231&_r=1&z=1747937270 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52997108-1&cid=1143346093.1533673231&jid=505862091&_gid=1693469975.1533673231&gjid=388218667&_v=j68&z=1747937270 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=505862091&_v=j68&z=1747937270 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=505862091&_v=j68&z=1747937270&slf_rd=1&random=2615257953

Request Chain 36

http://www.google-analytics.com/r/collect?v=1&_v=j68&a=851638301&t=pageview&_s=1&dl=http%3A%2F%2Fbuywitchdoctors.com%2F&ul=en-us&de=UTF-8&dt=WitchDoctors.com%20-%20Victory%20Motorcycle%20Parts%20Supplier&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEDAAEAB~&jid=1364210995&gjid=1551202999&cid=1143346093.1533673231&tid=UA-52997108-1&_gid=1693469975.1533673231&_r=1&gtm=G7nB3SVC8H&z=513743172 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=851638301&t=pageview&_s=1&dl=http%3A%2F%2Fbuywitchdoctors.com%2F&ul=en-us&de=UTF-8&dt=WitchDoctors.com%20-%20Victory%20Motorcycle%20Parts%20Supplier&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEDAAEAB~&jid=1364210995&gjid=1551202999&cid=1143346093.1533673231&tid=UA-52997108-1&_gid=1693469975.1533673231&_r=1&gtm=G7nB3SVC8H&z=513743172 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52997108-1&cid=1143346093.1533673231&jid=1364210995&_gid=1693469975.1533673231&gjid=1551202999&_v=j68&z=513743172 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=1364210995&_v=j68&z=513743172 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=1364210995&_v=j68&z=513743172&slf_rd=1&random=501157555

Request Chain 39

https://d.adroll.com/pixel/KY2ZMWNPRJBXLMYLZCVAB6/2OQIYHS7DFARBJIYWFJGIF?pv=42799599095.43365&cookie=&adroll_s_ref=&keyw=&arrfrr=http%3A%2F%2Fbuywitchdoctors.com%2F HTTP 302
https://s.adroll.com/pixel/KY2ZMWNPRJBXLMYLZCVAB6/2OQIYHS7DFARBJIYWFJGIF/3ROHWFX7YVC2TP6TKMUJNA.js

Request Chain 41

https://d.adroll.com/cm/aol/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
https://pixel.advertising.com/ups/55980/sync?uid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

Request Chain 42

https://d.adroll.com/cm/index/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&expiration=1565209232 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&expiration=1565209232&C=1

Request Chain 43

https://d.adroll.com/cm/n/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&expires=365

Request Chain 44

https://d.adroll.com/cm/outbrain/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://sync.outbrain.com/adroll/pixel?user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY

Request Chain 45

https://d.adroll.com/cm/pubmatic/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA

Request Chain 46

https://d.adroll.com/cm/taboola/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY

Request Chain 47

https://d.adroll.com/cm/triplelift/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://eb2.3lift.com/xuid?mid=4714&xuid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&dongle=c85e HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&dongle=c85e&gdpr=1&cmp_cs=

Request Chain 49

https://d.adroll.com/cm/r/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Request Chain 50

https://d.adroll.com/cm/b/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://x.bidswitch.net/sync?dsp_id=44&user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY

Request Chain 51

https://d.adroll.com/cm/x/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY%27)

Request Chain 52

https://d.adroll.com/cm/l/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://idsync.rlcdn.com/377928.gif?partner_uid=23b20da55710a440e6e3a9bfdb360fa6 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogMjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTYQABoNCJD-p9sFEgUI6AcQAA HTTP 307
https://pippio.com/api/sync?pid=5324&_=2

Request Chain 53

https://d.adroll.com/cm/o/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537103138&val=23b20da55710a440e6e3a9bfdb360fa6 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=23b20da55710a440e6e3a9bfdb360fa6

Request Chain 54

https://d.adroll.com/cm/g/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6&google_nid=adroll5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=I7INpVcQpEDm46m_2zYPpg&google_ula=1535926 HTTP 302
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=I7INpVcQpEDm46m_2zYPpg&google_ula=1535926&google_tc= HTTP 302
https://d.adroll.com/cm/g/in?google_ula=1535926,0

59 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
buywitchdoctors.com/ 29 KB
7 KB 298ms
155ms Document
text/html 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL

http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

f27631cd99253081f6f26754823ea7dff70f9c487738e34c5972c99e8e88600d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Host: buywitchdoctors.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: CDD7D39242B5D3AF90A0FCF4854229A7

Response headers

Date: Tue, 07 Aug 2018 20:20:30 GMT
Server: Apache
Set-Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7; expires=Wed, 08-Aug-2018 12:20:30 GMT; Max-Age=57600; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 7130
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Language: en-US

GET
H/1.1 200
OK All6.css
buywitchdoctors.com/common/axiom/css/ 50 KB
12 KB 138ms
136ms Stylesheet
text/css 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL

http://buywitchdoctors.com/common/axiom/css/All6.css

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

12bb1757b85df81c9fca20abcd10afe18d1281319baebcd2dd44cf4395397884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 24 Apr 2017 14:42:15 GMT
Server: Apache
ETag: "c646-54dea9cfbffc0-gzip"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Vary: Accept-Encoding
Content-Length: 11838
Keep-Alive: timeout=5, max=99

GET
H/1.1 200
OK 15XXX.css
buywitchdoctors.com/common/axiom/css/ 11 KB
3 KB 272ms
135ms Stylesheet
text/css 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL

http://buywitchdoctors.com/common/axiom/css/15XXX.css

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

d62e1fa6bed40d557b1285a6deaea3d8425846875aca2403617edd7342ce5464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 15 Jan 2016 19:38:30 GMT
Server: Apache
ETag: "2cfa-529648c3f9980-gzip"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Vary: Accept-Encoding
Content-Length: 2408
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK bjqs.css
buywitchdoctors.com/common/axiom/css/ 883 B
856 B 272ms
134ms Stylesheet
text/css 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL

http://buywitchdoctors.com/common/axiom/css/bjqs.css

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

31d2cd4d78a300ffeca1b03281800d391730414e805ee0d6dbb2c7f6a840e070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 24 Mar 2017 17:44:08 GMT
Server: Apache
ETag: "373-54b7d8a5e8a00-gzip"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Vary: Accept-Encoding
Content-Length: 417
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK jquery-1.12.4.min.js Show response
buywitchdoctors.com/common/java/ 95 KB
33 KB 278ms
140ms Script
application/javascript 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL

http://buywitchdoctors.com/common/java/jquery-1.12.4.min.js

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Dec 2017 14:56:40 GMT
Server: Apache
ETag: "17b8b-56039f9913a00-gzip"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Vary: Accept-Encoding
Content-Length: 33760
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK bjqs-1.3.js Show response
buywitchdoctors.com/common/axiom/java/ 24 KB
5 KB 278ms
139ms Script
application/javascript 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to

Full URL

http://buywitchdoctors.com/common/axiom/java/bjqs-1.3.js

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

4a69b1883082a17675c8cae0a8a61cf080a2ec85fe4b606b8168f6dd60f0a7e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 05 Apr 2013 13:33:07 GMT
Server: Apache
ETag: "5f97-4d99d209b8ac0-gzip"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: application/javascript
Vary: Accept-Encoding
Content-Length: 4509
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK _s897_victory-motorcycle-parts.png
buywitchdoctors.com/images/ 64 KB
64 KB 135ms
135ms Image
image/png 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_s897_victory-motorcycle-parts.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

11f7c93f7e846bf43503c6e8766202f5905690e3e7f22aadcff0d513760e4529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:30 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 02 May 2017 18:41:54 GMT
Server: Apache
ETag: "fe67-54e8ee4c90c92"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Content-Length: 65127

GET
H/1.1 200
OK _1227_victory-motorcycle-parts.png
buywitchdoctors.com/images/ 66 KB
67 KB 136ms
135ms Image
image/png 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_1227_victory-motorcycle-parts.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

c432d50296ed5a835c2f85b1a34be98bdd8340424105d527cdee26a271b71440

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 22 Mar 2017 13:49:31 GMT
Server: Apache
ETag: "109fb-54b5207af880e"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Content-Length: 68091

GET
H/1.1 200
OK _s1054_victory-motorcycle-parts.png
buywitchdoctors.com/images/ 19 KB
19 KB 136ms
135ms Image
image/png 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_s1054_victory-motorcycle-parts.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

a7ff2933fbf605dd1f3cfc7f25c34c8f8177c3889bc9e2e4f0f988f09bd8ff0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Mar 2017 12:50:34 GMT
Server: Apache
ETag: "4c62-54ad881cd0d28"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Content-Length: 19554

GET
H/1.1 200
OK search2.png
buywitchdoctors.com/common/images/ 2 KB
3 KB 136ms
135ms Image
image/png 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/common/images/search2.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

521564b329093a489f82b824807a6e82875caa698a53bb26d905ae68a066c0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 07 Nov 2014 17:54:39 GMT
Server: Apache
ETag: "912-5074881b955c0"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=99
Content-Length: 2322

GET
H/1.1 200
OK _resource_--9479.jpg
buywitchdoctors.com/images/ 96 KB
96 KB 135ms
134ms Image
image/jpeg 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_resource_--9479.jpg

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

ba14d6f0ae56221f91e5df193879ab1489d20ce9678a01bc84f061c9da4f0a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Jul 2018 13:35:17 GMT
Server: Apache
ETag: "17f79-5724ba6075c2f"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=98
Content-Length: 98169

GET
H/1.1 200
OK _s1174_victory-motorcycle-parts.jpg
buywitchdoctors.com/images/ 44 KB
44 KB 673ms
134ms Image
image/jpeg 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_s1174_victory-motorcycle-parts.jpg

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

16941271b15369896c00d5038e4f7854c3d7ee382150b47f4793d8d8dc66623f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Apr 2017 14:21:53 GMT
Server: Apache
ETag: "af0b-54d85bef198b7"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=97
Content-Length: 44811

GET
H/1.1 200
OK _s1175_victory-motorcycle-parts.jpg
buywitchdoctors.com/images/ 51 KB
52 KB 392ms
134ms Image
image/jpeg 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_s1175_victory-motorcycle-parts.jpg

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

b77cad425a1d15a5222eecee2a33e0f692d683d50edffec02adca434d9c27e91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Apr 2017 14:23:01 GMT
Server: Apache
ETag: "cd5c-54d85c3051ec6"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=97
Content-Length: 52572

GET
H/1.1 200
OK _1176_victory-motorcycle-parts.jpg
buywitchdoctors.com/images/ 75 KB
75 KB 563ms
134ms Image
image/jpeg 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_1176_victory-motorcycle-parts.jpg

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

858668c99b2eea1de9da31eb20119bafc22b3a2bd980c3eeccf225178141675f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 16 Dec 2017 17:45:47 GMT
Server: Apache
ETag: "12b2a-56078aff441e7"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=97
Content-Length: 76586

GET
H/1.1 200
OK _1162_victory-motorcycle-parts.png
buywitchdoctors.com/images/ 95 KB
95 KB 391ms
134ms Image
image/png 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_1162_victory-motorcycle-parts.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

4f293323be5190685c1820df5843dd78371891850fa69e1d315b26e7034c29f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Jun 2018 14:29:43 GMT
Server: Apache
ETag: "17a02-56e72b27f14ce"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Content-Length: 96770

GET
H/1.1 200
OK _s1163_-.png
buywitchdoctors.com/images/ 37 KB
38 KB 428ms
134ms Image
image/png 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_s1163_-.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

047448f0827ca7d6ba6939c64424ae003ccaae1e99d45121a989af015eb4fbd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Jun 2018 13:51:18 GMT
Server: Apache
ETag: "94b2-56e7229132e9f"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Content-Length: 38066

GET
H/1.1 200
OK _s1164_-.jpg
buywitchdoctors.com/images/ 46 KB
47 KB 525ms
134ms Image
image/jpeg 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_s1164_-.jpg

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

9c9e8b6a9aac579da493757403f3ddbabe2c70fbfe3ec4e5d7d126522ffa1606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Jun 2018 16:55:29 GMT
Server: Apache
ETag: "b954-56e74bbc97678"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=97
Content-Length: 47444

GET
H/1.1 200
OK _s1165_-.jpg
buywitchdoctors.com/images/ 33 KB
33 KB 391ms
134ms Image
image/jpeg 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_s1165_-.jpg

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

668cbae31be040f60dd4d43e73483f9d1080d1dc3f4224897e08cffa481aa94c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 11 Jun 2018 18:14:26 GMT
Server: Apache
ETag: "831a-56e61b84e7d0d"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=98
Content-Length: 33562

GET
H/1.1 200
OK _1166_victory-motorcycle-parts.jpg
buywitchdoctors.com/images/ 42 KB
42 KB 527ms
134ms Image
image/jpeg 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/images/_1166_victory-motorcycle-parts.jpg

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

eae8593217b9bbf210fdddba3f5b1b143aee30cbc302f6ec98c60a9a8ba0cf3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 12 Jun 2018 17:01:47 GMT
Server: Apache
ETag: "a683-56e74d253913b"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=97
Content-Length: 42627

GET
H/1.1

200
OK

seal.js Show response
verify.authorize.net/anetseal/
Redirect Chain

http://verify.authorize.net/anetseal/seal.js
https://verify.authorize.net/anetseal/seal.js

4 KB
1 KB

32ms
8ms

Script
application/javascript

184.31.87.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://verify.authorize.net/anetseal/seal.js
Requested by: Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.87.184 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-87-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b6c5460bbfbf718ee22ac511bbd87f29c34203b527b1e35b2c375e7dc6ec1080

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:30 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Apr 2018 06:29:19 GMT
ETag: "487f6c6a15d6d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1093

Redirect headers

Location: https://verify.authorize.net/anetseal/seal.js
Date: Tue, 07 Aug 2018 20:20:30 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK PositiveSSL_tl_trans.png
www.positivessl.com/images-new/ 30 KB
32 KB 228ms
54ms Image
image/png 178.255.83.235
CCANET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.positivessl.com/images-new/PositiveSSL_tl_trans.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.255.83.235 , United Kingdom, ASN35838 (CCANET, GB),

Reverse DNS

www.positivessl.com

Software

nginx /

Resource Hash

b9b27c6e38b25c6c9014fac2ba276e75be38abb1869b993bd6ec2d8895affe05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; default-src 'self' https://vars.hotjar.com https://plugins.help.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://ajax.googleapis.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://secure.comodo.com https://secure.comodo.net https://www.google-analytics.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://dnn506yrbagrg.cloudfront.net https://server.iad.liveperson.net https://plugins.help.com https://cdn.optimizely.com ; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; font-src 'self' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; img-src 'self' data: https://www.gstatic.com https://secure.comodo.com https://www.google.co.in https://www.google-analytics.com https://stats.g.doubleclick.net ; object-src 'self' https://secure.comodo.com ; connect-src 'self' https://in.hotjar.com https://graylog.hotjar.com https://insights.hotjar.com ; report-uri https://cspreports.comodo.com
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Frame-Options: SAMEORIGIN
Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 18 Mar 2016 22:12:48 GMT
Server: nginx
webserver-id: rmdccgweb2
ETag: "56ec7d60-793c"
Strict-Transport-Security: max-age=15768000
Content-Type: image/png
Content-Security-Policy: upgrade-insecure-requests; default-src 'self' https://vars.hotjar.com https://plugins.help.com ; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://ajax.googleapis.com https://consent.cookiebot.com https://consentcdn.cookiebot.com https://secure.comodo.com https://secure.comodo.net https://www.google-analytics.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://dnn506yrbagrg.cloudfront.net https://server.iad.liveperson.net https://plugins.help.com https://cdn.optimizely.com ; style-src 'self' 'unsafe-inline' 'unsafe-eval' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://fonts.googleapis.com ; font-src 'self' https://maxcdn.bootstrapcdn.com https://cdnjs.cloudflare.com https://fonts.gstatic.com ; img-src 'self' data: https://www.gstatic.com https://secure.comodo.com https://www.google.co.in https://www.google-analytics.com https://stats.g.doubleclick.net ; object-src 'self' https://secure.comodo.com ; connect-src 'self' https://in.hotjar.com https://graylog.hotjar.com https://insights.hotjar.com ; report-uri https://cspreports.comodo.com
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 31036
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK social_facebook.png
buywitchdoctors.com/common/images/ 9 KB
9 KB 135ms
135ms Image
image/png 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/common/images/social_facebook.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

66c9dac94f44c5138644fe005d8399d354e5f64260df78ef38ab31518648ef93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7; _ga=GA1.2.1143346093.1533673231; _gid=GA1.2.1693469975.1533673231; _gat=1; _gat_UA-52997108-1=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Mar 2013 19:00:31 GMT
Server: Apache
ETag: "2465-4d900c4c031c0"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=96
Content-Length: 9317

GET
H/1.1 200
OK social_youtube.png
buywitchdoctors.com/common/images/ 10 KB
10 KB 135ms
134ms Image
image/png 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/common/images/social_youtube.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

0ac7a81fd48bba0335717685e0155f49b6f34c58dab726bd9479e843b24be35e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7; _ga=GA1.2.1143346093.1533673231; _gid=GA1.2.1693469975.1533673231; _gat=1; _gat_UA-52997108-1=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 May 2014 15:19:33 GMT
Server: Apache
ETag: "26e9-4f8a8a88f4b40"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=96
Content-Length: 9961

GET
H/1.1 200
OK social_twitter.png
buywitchdoctors.com/common/images/ 4 KB
4 KB 135ms
134ms Image
image/png 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/common/images/social_twitter.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

1c6993569ce8b44ba57196cb334e0a39c67bf9243c5e27e40c31e829f2f383ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7; _ga=GA1.2.1143346093.1533673231; _gid=GA1.2.1693469975.1533673231; _gat=1; _gat_UA-52997108-1=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 16 Apr 2013 16:12:34 GMT
Server: Apache
ETag: "f77-4da7ca3198080"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=95
Content-Length: 3959

GET
H/1.1 200
OK social_instagram.png
buywitchdoctors.com/common/images/ 14 KB
15 KB 135ms
134ms Image
image/png 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/common/images/social_instagram.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

117560745a9077ae8e3c2849dfd30d3acf283a4a382f033a25fcdecc0599d89e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7; _ga=GA1.2.1143346093.1533673231; _gid=GA1.2.1693469975.1533673231; _gat=1; _gat_UA-52997108-1=1
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 05 May 2014 15:42:48 GMT
Server: Apache
ETag: "3985-4f8a8fbb54e00"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=96
Content-Length: 14725

GET
S 200 fbevents.js Show response
connect.facebook.net/en_US/ 43 KB
14 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b6143b6b4d86918d18cd84b60ae0f37f74522fc145896a4f9645746070cb28d4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: public
x-fb-debug: 8T37dbV8mEFUmnY/1aNygykyhCtzDC4cV337gZE+lVF7LYKJcqN/BQAVNTxLmNCbOF2wvAXKE9FzZ8FVaZ4sXg==
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 07 Aug 2018 20:20:30 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
status: 200
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
strict-transport-security: max-age=31536000; preload; includeSubDomains
vary: Accept-Encoding
content-length: 13455
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 60 KB
21 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:81c::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-B3SVC8H

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

a7c70b0d74874721017e0ed469f10b55c253fcf33858d139d8482b40c8f14b8e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 07 Aug 2018 20:20:31 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 21176
x-xss-protection: 1; mode=block
expires: Tue, 07 Aug 2018 20:20:31 GMT

GET
S

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

34 KB
14 KB

6ms
5ms

Script
text/javascript

2a00:1450:4001:810::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:810::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 4902
date: Tue, 07 Aug 2018 18:58:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Tue, 07 Aug 2018 20:58:48 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 404
Not Found zlayout-body-home.jpg
buywitchdoctors.com/NOimages/ 14 KB
14 KB 918ms
787ms Image
text/html 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/NOimages/zlayout-body-home.jpg

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

49916d7d82ac09c1e4ad77fa285cab0f9dd31e31ab20df2b8616a2bb8f47cba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Server: Apache
X-Frame-Options: sameorigin
Content-Language: en-US
Transfer-Encoding: chunked
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK 15XXX-shine-101.png
buywitchdoctors.com/common/images/ 203 B
589 B 266ms
134ms Image
image/png 74.208.247.208
ONEANDONE-AS Brau...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://buywitchdoctors.com/common/images/15XXX-shine-101.png

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

HTTP/1.1

Server

74.208.247.208 Wayne, United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),

Reverse DNS

bwd2.buywitchdoctors.com

Software

Apache /

Resource Hash

36d4bf766008908315a8ca472d95b7dfca353c3c05a324d5a71d84977e84f58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: buywitchdoctors.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: http://buywitchdoctors.com/common/axiom/css/15XXX.css
Cookie: CGSSESSID=sn0416gagn0s9a6kbbqmte04p7
Connection: keep-alive
Cache-Control: no-cache
Referer: http://buywitchdoctors.com/common/axiom/css/15XXX.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:31 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 19 Jun 2013 19:27:55 GMT
Server: Apache
ETag: "cb-4df86d391c4c0"
X-Frame-Options: sameorigin
Content-Language: en-US
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Content-Length: 203

GET
H2 200 witch_doctors.html
secure54.webhostinghub.com/~places13/placesmobile.com/web/ChamberPTPFiles/Youngstown/ Frame 1F03 0
0 432ms
94ms Document
text/html 23.235.192.240
InMotion Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://secure54.webhostinghub.com/~places13/placesmobile.com/web/ChamberPTPFiles/Youngstown/witch_doctors.html
Requested by: Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.235.192.240 Los Angeles, United States, ASN54641 (INMOTI-1 - InMotion Hosting, Inc., US),
Reverse DNS: ehub54.webhostinghub.com
Software: Apache /
Resource Hash

Request headers

:method: GET
:authority: secure54.webhostinghub.com
:scheme: https
:path: /~places13/placesmobile.com/web/ChamberPTPFiles/Youngstown/witch_doctors.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://buywitchdoctors.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: CDD7D39242B5D3AF90A0FCF4854229A7
Referer: http://buywitchdoctors.com/

Response headers

status: 200
date: Tue, 07 Aug 2018 20:20:31 GMT
server: Apache
last-modified: Fri, 24 Feb 2017 12:33:57 GMT
accept-ranges: bytes
content-length: 7777
content-type: text/html

GET
H/1.1 200
OK secure90x72.gif
verify.authorize.net/anetseal/images/ 3 KB
3 KB 8ms
8ms Image
image/gif 184.31.87.184
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://verify.authorize.net/anetseal/images/secure90x72.gif
Requested by: Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.87.184 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a184-31-87-184.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7960691313595337d42f7945466244d9bd55663beb774aa4ac9d71bd3bdb71cc

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:30 GMT
Last-Modified: Fri, 03 Nov 2017 20:56:12 GMT
Connection: keep-alive
Accept-Ranges: bytes
ETag: "0be4e2ee654d31:0"
Content-Length: 2894
Content-Type: image/gif

GET
H2

404

_Yqlwh0Gn3Y&hl=en&fs=1
www.youtube.com/v/ Frame 3AF5
Redirect Chain

http://www.youtube.com/v/_Yqlwh0Gn3Y&hl=en&fs=1
https://www.youtube.com/v/_Yqlwh0Gn3Y&hl=en&fs=1

0
0

58ms
57ms

Document
text/html

2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/v/_Yqlwh0Gn3Y&hl=en&fs=1

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	connect-src https:; default-src 'self' 'unsafe-inline' 'unsafe-eval' https:; img-src https: data:; media-src https: blob:; report-uri https://www.youtube.com/csp_204?t=ehttps&vcs=4935f10700961704689624cc13542fcc&plabel=youtube.ytfe.desktop_20180803_8_RC1&pcl=207593344
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /v/_Yqlwh0Gn3Y&hl=en&fs=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://buywitchdoctors.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: CDD7D39242B5D3AF90A0FCF4854229A7
Referer: http://buywitchdoctors.com/

Response headers

status: 404
strict-transport-security: max-age=31536000
cache-control: no-cache
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-length: 0
x-content-type-options: nosniff
expires: Tue, 27 Apr 1971 19:44:06 EST
content-type: text/html; charset=utf-8
content-security-policy: connect-src https:; default-src 'self' 'unsafe-inline' 'unsafe-eval' https:; img-src https: data:; media-src https: blob:; report-uri https://www.youtube.com/csp_204?t=ehttps&vcs=4935f10700961704689624cc13542fcc&plabel=youtube.ytfe.desktop_20180803_8_RC1&pcl=207593344
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
date: Tue, 07 Aug 2018 20:20:31 GMT
server: YouTube Frontend Proxy
set-cookie: VISITOR_INFO1_LIVE=VN_Hqz-pnXY; path=/; domain=.youtube.com; expires=Sun, 03-Feb-2019 20:20:31 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Mon, 08-Apr-2019 08:13:31 GMT YSC=DTLQ14gJFW0; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Tue, 07-Aug-2018 20:50:31 GMT VISITOR_INFO1_LIVE=VN_Hqz-pnXY; path=/; domain=.youtube.com; expires=Sun, 03-Feb-2019 20:20:31 GMT; httponly
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

Location: https://www.youtube.com/v/_Yqlwh0Gn3Y&hl=en&fs=1
Non-Authoritative-Reason: HSTS

GET
H2

404

p5AlmNWsmms&hl=en&fs=1
www.youtube.com/v/ Frame 2EC5
Redirect Chain

http://www.youtube.com/v/p5AlmNWsmms&hl=en&fs=1
https://www.youtube.com/v/p5AlmNWsmms&hl=en&fs=1

0
0

216ms
216ms

Document
text/html

2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/v/p5AlmNWsmms&hl=en&fs=1

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /v/p5AlmNWsmms&hl=en&fs=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: http://buywitchdoctors.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: CDD7D39242B5D3AF90A0FCF4854229A7
Referer: http://buywitchdoctors.com/

Response headers

status: 404
x-xss-protection: 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
strict-transport-security: max-age=31536000
expires: Tue, 27 Apr 1971 19:44:06 EST
content-type: text/html; charset=utf-8
cache-control: no-cache
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
x-content-type-options: nosniff
content-length: 0
date: Tue, 07 Aug 2018 20:20:31 GMT
server: YouTube Frontend Proxy
set-cookie: VISITOR_INFO1_LIVE=lQR11R4BzbQ; path=/; domain=.youtube.com; expires=Sun, 03-Feb-2019 20:20:31 GMT; httponly VISITOR_INFO1_LIVE=lQR11R4BzbQ; path=/; domain=.youtube.com; expires=Sun, 03-Feb-2019 20:20:31 GMT; httponly YSC=tVMTaCSSG4o; path=/; domain=.youtube.com; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Mon, 08-Apr-2019 08:13:31 GMT GPS=1; path=/; domain=.youtube.com; expires=Tue, 07-Aug-2018 20:50:31 GMT
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

Location: https://www.youtube.com/v/p5AlmNWsmms&hl=en&fs=1
Non-Authoritative-Reason: HSTS

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j68&a=851638301&t=pageview&_s=1&dl=http%3A%2F%2Fbuywitchdoctors.com%2F&ul=en-us&de=UTF-8&dt=WitchDoctors.com%20-%20Victory%20Motorcycle%20Parts%20Su...
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=851638301&t=pageview&_s=1&dl=http%3A%2F%2Fbuywitchdoctors.com%2F&ul=en-us&de=UTF-8&dt=WitchDoctors.com%20-%20Victory%20Motorcycle%20Parts%20S...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52997108-1&cid=1143346093.1533673231&jid=505862091&_gid=1693469975.1533673231&gjid=388218667&_v=j68&z=1747937270
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=505862091&_v=j68&z=1747937270
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=505862091&_v=j68&z=1747937270&slf_rd=1&random=2615257953

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:810::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=505862091&_v=j68&z=1747937270&slf_rd=1&random=2615257953

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:810::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Aug 2018 20:20:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Aug 2018 20:20:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=505862091&_v=j68&z=1747937270&slf_rd=1&random=2615257953
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 214063745733443 Show response
connect.facebook.net/signals/config/ 80 KB
17 KB 35ms
34ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/214063745733443?v=2.8.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

d4c426f1fdece36278e1472fee5c928b9490a5e86ae014b8d1859accccb4813c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: 6bHJh0YkC+8vru4aub+16gRA3iVIge5ZTLGeGdPOBN3EpCPUu9mZaBQkt4ljiwif04q8zK5CulvTwRIevZNy0g==
x-frame-options: DENY
date: Tue, 07 Aug 2018 20:20:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:810::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-B3SVC8H

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:810::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 4903
date: Tue, 07 Aug 2018 18:58:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 14386
expires: Tue, 07 Aug 2018 20:58:48 GMT

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j68&a=851638301&t=pageview&_s=1&dl=http%3A%2F%2Fbuywitchdoctors.com%2F&ul=en-us&de=UTF-8&dt=WitchDoctors.com%20-%20Victory%20Motorcycle%20Parts%20Su...
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=851638301&t=pageview&_s=1&dl=http%3A%2F%2Fbuywitchdoctors.com%2F&ul=en-us&de=UTF-8&dt=WitchDoctors.com%20-%20Victory%20Motorcycle%20Parts%20S...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-52997108-1&cid=1143346093.1533673231&jid=1364210995&_gid=1693469975.1533673231&gjid=1551202999&_v=j68&z=513743172
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=1364210995&_v=j68&z=513743172
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=1364210995&_v=j68&z=513743172&slf_rd=1&random=501157555

42 B
109 B

17ms
16ms

Image
image/gif

2a00:1450:4001:810::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=1364210995&_v=j68&z=513743172&slf_rd=1&random=501157555

Requested by

Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:810::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Aug 2018 20:20:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Aug 2018 20:20:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-52997108-1&cid=1143346093.1533673231&jid=1364210995&_v=j68&z=513743172&slf_rd=1&random=501157555
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK roundtrip.js Show response
a.adroll.com/j/ 29 KB
10 KB 20ms
9ms Script
text/javascript 2.16.186.89
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://a.adroll.com/j/roundtrip.js
Requested by: Host: buywitchdoctors.com
URL: http://buywitchdoctors.com/
Protocol: HTTP/1.1
Server: 2.16.186.89 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-89.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e65cf5108c80dca04640eb55670754edbda09df69d96b1c5308dd7aae16e5ae8

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
x-amz-version-id: 3983yvQiUeJIC76cHdWZACuajrAAM2fQ
Content-Encoding: gzip
Last-Modified: Thu, 02 Aug 2018 22:24:55 GMT
Server: AmazonS3
x-amz-request-id: EBB0B54C0A261A5F
ETag: "3771366c85ecd7d661479d8467c1d272"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=300, must-revalidate
Date: Tue, 07 Aug 2018 20:20:31 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9469
x-amz-id-2: RmZghswRczcD+rXKImFD/l4AKe454kiIXRtJ+/9v62MvAWfvkCc0a6mk01Mf4BiAyz3DsrOam0E=

GET
H/1.1 200
OK KY2ZMWNPRJBXLMYLZCVAB6 Show response
d.adroll.com/consent/check/ 34 B
194 B 122ms
31ms Script
application/javascript 54.228.225.10
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/KY2ZMWNPRJBXLMYLZCVAB6?_s=158fa54b998975f9462b08b96a049408
Requested by: Host: a.adroll.com
URL: http://a.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.225.10 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-225-10.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: c389d2c60cd588381a115d2bad194492123fbd5b73f86a85149ec4e5de8503f6

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: nginx/1.12.1
Connection: keep-alive
Content-Length: 34
Content-Type: application/javascript

GET
H/1.1

200
OK

3ROHWFX7YVC2TP6TKMUJNA.js Show response
s.adroll.com/pixel/KY2ZMWNPRJBXLMYLZCVAB6/2OQIYHS7DFARBJIYWFJGIF/
Redirect Chain

https://d.adroll.com/pixel/KY2ZMWNPRJBXLMYLZCVAB6/2OQIYHS7DFARBJIYWFJGIF?pv=42799599095.43365&cookie=&adroll_s_ref=&keyw=&arrfrr=http%3A%2F%2Fbuywitchdoctors.com%2F
https://s.adroll.com/pixel/KY2ZMWNPRJBXLMYLZCVAB6/2OQIYHS7DFARBJIYWFJGIF/3ROHWFX7YVC2TP6TKMUJNA.js

16 KB
5 KB

384ms
366ms

Script
text/javascript

2.18.233.40
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/pixel/KY2ZMWNPRJBXLMYLZCVAB6/2OQIYHS7DFARBJIYWFJGIF/3ROHWFX7YVC2TP6TKMUJNA.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1813ab788b6b6073bb7bc7584bd634d486f92eb0889402411de32ae5eb3e0cc6

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: g86t78Q8vvuUm_iEO3P1xo6zAQPwRRAE
Content-Encoding: gzip
ETag: "05e91026f28830dc1af6ee14306b723c"
x-amz-request-id: 5A8A14B5F2875363
x-amz-server-side-encryption: AES256
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 4257
x-amz-id-2: xzt9iaaCBFFVzB3fygpNr2Olq4tQtWHwP9eJ+rlSP6cKicys4UXYp2lpowHK7QTAs6rN1C4G38U=
Last-Modified: Tue, 07 Aug 2018 19:52:52 GMT
Server: AmazonS3
Date: Tue, 07 Aug 2018 20:20:32 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=300, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

Redirect headers

Date: Tue, 07 Aug 2018 20:20:32 GMT
X-Segment-Display-Name
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Connection: keep-alive
Content-Length: 0
Pragma: no-cache
X-Conversion-Value: 0.0
Server: nginx/1.12.1
X-Rule: *
X-Segment-Eid: 3ROHWFX7YVC2TP6TKMUJNA
Location: https://s.adroll.com/pixel/KY2ZMWNPRJBXLMYLZCVAB6/2OQIYHS7DFARBJIYWFJGIF/3ROHWFX7YVC2TP6TKMUJNA.js
Cache-Control: no-store, no-cache, must-revalidate
X-Pixel-Eid: 2OQIYHS7DFARBJIYWFJGIF
X-Segment-Name: *
X-Advertisable-Eid: KY2ZMWNPRJBXLMYLZCVAB6
X-Conversion-Currency

GET
S 200 978489425585847 Show response
connect.facebook.net/signals/config/ 80 KB
16 KB 38ms
38ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/978489425585847?v=2.8.24&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fe6b20272b588670b940e21b7575abef4ecfd3cd7dbe44f3cdba48ab400cb945

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: Iy/NHu8sMyP/TerOJORfQ8bB24irxbhFSc4sdqGxMFJSVhTuPlgMEVXZaBlq3ekzxr0URM4SCGysnypyTnQnAw==
x-frame-options: DENY
date: Tue, 07 Aug 2018 20:20:32 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
S

204

sync
pixel.advertising.com/ups/55980/
Redirect Chain

https://d.adroll.com/cm/aol/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://pixel.advertising.com/ups/55980/sync?uid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
https://pixel.advertising.com/ups/55980/sync?uid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true

0
298 B

9ms
8ms

Image
text/plain

54.93.220.148
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.advertising.com/ups/55980/sync?uid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.220.148 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-93-220-148.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
date: Tue, 07 Aug 2018 20:20:32 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Tue, 07 Aug 2018 20:20:32 GMT
content-length: 0
location: https://pixel.advertising.com/ups/55980/sync?uid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://d.adroll.com/cm/index/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&expiration=1565209232
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&expiration=1565209232&C=1

43 B
1 KB

12ms
12ms

Image
image/gif

2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&expiration=1565209232&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 07 Aug 2018 20:20:32 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&expiration=1565209232&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 333
Expires: Tue, 07 Aug 2018 20:20:32 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://d.adroll.com/cm/n/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&expires=365

42 B
371 B

98ms
97ms

Image
image/gif

69.173.144.137
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&expires=365
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.137 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: IVIEEFRM-FYDQLl36EcEJw
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&expires=365
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 124

GET
S

200

pixel
sync.outbrain.com/adroll/
Redirect Chain

https://d.adroll.com/cm/outbrain/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://sync.outbrain.com/adroll/pixel?user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY

18 B
18 B

89ms
88ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.outbrain.com/adroll/pixel?user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains;

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=0; includeSubDomains;
content-encoding: gzip
traffic-path: NYDC1, JFK, FRA, Europe1
x-timer: S1533673233.654513,VS0,VE83
date: Tue, 07 Aug 2018 20:20:32 GMT
x-served-by: cache-jfk8128-JFK, cache-fra19151-FRA
x-cache: MISS, MISS
status: 200
backend-ip: 104.156.90.28
accept-ranges: bytes, bytes
via: 1.1 varnish, 1.1 varnish
x-cache-hits: 0, 0

Redirect headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://sync.outbrain.com/adroll/pixel?user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 96

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/
Redirect Chain

https://d.adroll.com/cm/pubmatic/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...

1 B
817 B

13ms
12ms

Image
text/html

185.64.189.110
PubMatic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
X-lat: Pug22058:0:295
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 220

GET
S

204

/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain

https://d.adroll.com/cm/taboola/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY

0
228 B

14ms
14ms

Image
text/plain

151.101.14.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 07 Aug 2018 20:20:32 GMT
via: 1.1 varnish
server: nginx
x-timer: S1533673233.654505,VS0,VE8
x-served-by: cache-fra19151-FRA
x-cache: MISS
status: 204
x-cache-hits: 0
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 111

GET
H/1.1

200
OK

xuid
eb2.3lift.com/
Redirect Chain

https://d.adroll.com/cm/triplelift/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://eb2.3lift.com/xuid?mid=4714&xuid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&dongle=c85e
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&dongle=c85e&gdpr=1&cmp_cs=

37 B
463 B

8ms
8ms

Image
image/gif

18.194.111.46
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&dongle=c85e&gdpr=1&cmp_cs=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.111.46 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-194-111-46.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 7 Aug 2018 20:20:32 GMT
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Content-Length: 37
content-type: image/gif

Redirect headers

location: /xuid?ld=1&mid=4714&xuid=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY&dongle=c85e&gdpr=1&cmp_cs=
date: Tue, 7 Aug 2018 20:20:32 GMT
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK 2OQIYHS7DFARBJIYWFJGIF
d.adroll.com/onp/KY2ZMWNPRJBXLMYLZCVAB6/ 42 B
509 B 31ms
31ms Image
image/gif 54.228.225.10
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/onp/KY2ZMWNPRJBXLMYLZCVAB6/2OQIYHS7DFARBJIYWFJGIF?pv=42799599095.43365&ev=t%3Dtop%26f%3D0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.225.10 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-225-10.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
X-Advertisable-Eid: KY2ZMWNPRJBXLMYLZCVAB6
Content-Length: 42

GET
H/1.1

200
OK

pixel
ads.yahoo.com/
Redirect Chain

https://d.adroll.com/cm/r/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_con...

0
1 KB

121ms
40ms

Image
text/plain

2a00:1288:110:833::4000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:833::4000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: ATS
Age: 0
Expect-CT: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security: max-age=3600
Public-Key-Pins-Report-Only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
Connection: keep-alive
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ads.yahoo.com/pixel?id=2498203&t=2&piggyback=https%3A%2F%2Fads.yahoo.com%2Fcms%2Fv1%3Fesig%3D1~bf4e7dc4546a90c08591652d78a230d3f2ef5733%26nwid%3D10001032567%26sigv%3D1%26gdpr%3D1%26gdpr_consent%3DBOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 248

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/
Redirect Chain

https://d.adroll.com/cm/b/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://x.bidswitch.net/sync?dsp_id=44&user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY

43 B
575 B

16ms
16ms

Image
image/gif

18.153.11.16
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.11.16 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-153-11-16.eu-central-1.compute.amazonaws.com
Software: nginx/1.12.0 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=10
Content-Length: 43

Redirect headers

Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: nginx/1.12.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 0

GET
H/1.1

200
OK

pxj
ib.adnxs.com/
Redirect Chain

https://d.adroll.com/cm/x/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY%27)

0
592 B

45ms
15ms

Image
text/html

185.33.223.197
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid(%27MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY%27)

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.197 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:34 GMT
X-Proxy-Origin: 148.251.45.254; 148.251.45.254; 302.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.240:80
AN-X-Request-Uuid: 34ac8bb9-808b-4d2b-b0ef-4fc03aeb45b7
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Location: https://ib.adnxs.com/pxj?bidder=172&seg=802787&action=setuid('MjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTY')
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 113

GET
S

200

sync
pippio.com/api/
Redirect Chain

https://d.adroll.com/cm/l/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://idsync.rlcdn.com/377928.gif?partner_uid=23b20da55710a440e6e3a9bfdb360fa6
https://idsync.rlcdn.com/1000.gif?memo=CMiIFxIrCicIARDqIhogMjNiMjBkYTU1NzEwYTQ0MGU2ZTNhOWJmZGIzNjBmYTYQABoNCJD-p9sFEgUI6AcQAA
https://pippio.com/api/sync?pid=5324&_=2

42 B
510 B

134ms
117ms

Image
image/gif

107.178.254.65
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?pid=5324&_=2
Protocol: SPDY
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.254.65 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Aug 2018 20:20:33 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
status: 200
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

status: 307
date: Tue, 07 Aug 2018 20:20:33 GMT
cache-control: no-cache, no-store
timing-allow-origin: *
content-length: 0
location: https://pippio.com/api/sync?pid=5324&_=2
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
S

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://d.adroll.com/cm/o/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6
https://us-u.openx.net/w/1.0/sd?id=537103138&val=23b20da55710a440e6e3a9bfdb360fa6
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=23b20da55710a440e6e3a9bfdb360fa6

43 B
255 B

17ms
16ms

Image
image/gif

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=23b20da55710a440e6e3a9bfdb360fa6
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.54.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Aug 2018 20:20:32 GMT
server: OXGW/16.54.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

status: 302
date: Tue, 07 Aug 2018 20:20:32 GMT
server: OXGW/16.54.0
content-length: 0
location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=23b20da55710a440e6e3a9bfdb360fa6
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

200
OK

in
d.adroll.com/cm/g/
Redirect Chain

https://d.adroll.com/cm/g/out?advertisable=KY2ZMWNPRJBXLMYLZCVAB6&google_nid=adroll5
https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=I7INpVcQpEDm46m_2zYPpg&google_ula=1535926
https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=I7INpVcQpEDm46m_2zYPpg&google_ula=1535926&google_tc=
https://d.adroll.com/cm/g/in?google_ula=1535926,0

42 B
510 B

30ms
30ms

Image
image/gif

54.228.225.10
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/g/in?google_ula=1535926,0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.228.225.10 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-228-225-10.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 07 Aug 2018 20:20:32 GMT
Server: nginx/1.12.1
P3P: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-Result: g.-1.-1.1535926.0.-1

Redirect headers

pragma: no-cache
date: Tue, 07 Aug 2018 20:20:32 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://d.adroll.com/cm/g/in?google_ula=1535926,0
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 246
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
294 B 20ms
7ms Image
image/gif 2a03:2880:f12d:86:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=214063745733443&ev=PageView&dl=http%3A%2F%2Fbuywitchdoctors.com%2F&rl=&if=false&ts=1533673232568&cd[segment_eid]=3ROHWFX7YVC2TP6TKMUJNA&sw=1600&sh=1200&v=2.8.24&r=stable&ec=0&o=28&it=1533673231049&exp=button_click_send_beacon
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 07 Aug 2018 20:20:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 07 Aug 2018 20:20:32 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
198 B 20ms
7ms Image
image/gif 2a03:2880:f12d:86:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=978489425585847&ev=PageView&dl=http%3A%2F%2Fbuywitchdoctors.com%2F&rl=&if=false&ts=1533673232569&cd[segment_eid]=3ROHWFX7YVC2TP6TKMUJNA&sw=1600&sh=1200&v=2.8.24&r=stable&ec=0&o=29&it=1533673231049&exp=button_click_send_beacon
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 07 Aug 2018 20:20:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 07 Aug 2018 20:20:32 GMT

GET
S 200 /
www.facebook.com/tr/ 44 B
244 B 6ms
6ms Image
image/gif 2a03:2880:f12d:86:face:b00c:0:50fb
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/tr/?id=214063745733443&ev=Microdata&dl=http%3A%2F%2Fbuywitchdoctors.com%2F&rl=&if=false&ts=1533673234071&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%7D&cd[Meta]=%7B%22title%22%3A%22WitchDoctors.com%20-%20Victory%20Motorcycle%20Parts%20Supplier%22%2C%22meta%3Adescription%22%3A%22Your%20%231%20Source%20for%20US%20Made%2C%20Custom%20Victory%20%26%20Indian%20Motorcycle%20Parts%22%2C%22meta%3Akeywords%22%3A%22victory%20motorcycle%20parts%2C%20victory%20motorcycle%20parts%2C%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.24&r=stable&ec=1&o=28&it=1533673231049&es=automatic&exp=button_click_send_beacon
Protocol: SPDY
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: proxygen-bolt /
Resource Hash: 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer: http://buywitchdoctors.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 07 Aug 2018 20:20:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 07 Aug 2018 20:20:34 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: tVMTaCSSG4o
buywitchdoctors.com/	1970-01-18 18:02:10	Name: CGSSESSID Value: sn0416gagn0s9a6kbbqmte04p7
.youtube.com/	1970-01-18 18:01:15	Name: GPS Value: 1
.buywitchdoctors.com/	1970-01-18 18:01:13	Name: _gat Value: 1
.webhostinghub.com/	1970-01-18 18:01:13	Name: _gat Value: 1
.youtube.com/	1970-01-18 23:51:51	Name: PREF Value: f1=50000000
.webhostinghub.com/	1970-01-18 18:02:39	Name: _gid Value: GA1.2.1635476238.1533673232
.buywitchdoctors.com/	1970-01-18 18:01:13	Name: _gat_UA-52997108-1 Value: 1
.webhostinghub.com/	1970-01-19 11:32:25	Name: _ga Value: GA1.2.491617006.1533673232
.buywitchdoctors.com/	1970-01-18 18:02:39	Name: _gid Value: GA1.2.1693469975.1533673231
.buywitchdoctors.com/	1970-01-19 11:32:25	Name: _ga Value: GA1.2.1143346093.1533673231
.youtube.com/	1970-01-18 22:20:25	Name: VISITOR_INFO1_LIVE Value: lQR11R4BzbQ

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.adroll.com
ads.yahoo.com
buywitchdoctors.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
ib.adnxs.com
idsync.rlcdn.com
pippio.com
pixel.advertising.com
pixel.rubiconproject.com
s.adroll.com
secure54.webhostinghub.com
simage2.pubmatic.com
stats.g.doubleclick.net
sync.outbrain.com
trc.taboola.com
us-u.openx.net
verify.authorize.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.positivessl.com
www.youtube.com
x.bidswitch.net
107.178.254.65
151.101.14.2
173.241.240.143
178.255.83.235
18.153.11.16
18.194.111.46
184.31.87.184
185.33.223.197
185.64.189.110
2.16.186.89
2.18.233.40
2.18.234.21
216.58.207.66
23.235.192.240
2a00:1288:110:833::4000
2a00:1450:4001:810::2003
2a00:1450:4001:810::2004
2a00:1450:4001:810::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:825::200e
2a00:1450:400c:c06::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:86:face:b00c:0:50fb
54.228.225.10
54.88.87.248
54.93.220.148
69.173.144.137
74.208.247.208
79.125.111.221
047448f0827ca7d6ba6939c64424ae003ccaae1e99d45121a989af015eb4fbd0
0ac7a81fd48bba0335717685e0155f49b6f34c58dab726bd9479e843b24be35e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
117560745a9077ae8e3c2849dfd30d3acf283a4a382f033a25fcdecc0599d89e
11f7c93f7e846bf43503c6e8766202f5905690e3e7f22aadcff0d513760e4529
12bb1757b85df81c9fca20abcd10afe18d1281319baebcd2dd44cf4395397884
16941271b15369896c00d5038e4f7854c3d7ee382150b47f4793d8d8dc66623f
1813ab788b6b6073bb7bc7584bd634d486f92eb0889402411de32ae5eb3e0cc6
1c6993569ce8b44ba57196cb334e0a39c67bf9243c5e27e40c31e829f2f383ff
31d2cd4d78a300ffeca1b03281800d391730414e805ee0d6dbb2c7f6a840e070
36d4bf766008908315a8ca472d95b7dfca353c3c05a324d5a71d84977e84f58c
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
49916d7d82ac09c1e4ad77fa285cab0f9dd31e31ab20df2b8616a2bb8f47cba1
4a69b1883082a17675c8cae0a8a61cf080a2ec85fe4b606b8168f6dd60f0a7e4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f293323be5190685c1820df5843dd78371891850fa69e1d315b26e7034c29f8
521564b329093a489f82b824807a6e82875caa698a53bb26d905ae68a066c0a8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
668cbae31be040f60dd4d43e73483f9d1080d1dc3f4224897e08cffa481aa94c
66c9dac94f44c5138644fe005d8399d354e5f64260df78ef38ab31518648ef93
7960691313595337d42f7945466244d9bd55663beb774aa4ac9d71bd3bdb71cc
858668c99b2eea1de9da31eb20119bafc22b3a2bd980c3eeccf225178141675f
9c9e8b6a9aac579da493757403f3ddbabe2c70fbfe3ec4e5d7d126522ffa1606
a7c70b0d74874721017e0ed469f10b55c253fcf33858d139d8482b40c8f14b8e
a7ff2933fbf605dd1f3cfc7f25c34c8f8177c3889bc9e2e4f0f988f09bd8ff0b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6143b6b4d86918d18cd84b60ae0f37f74522fc145896a4f9645746070cb28d4
b6c5460bbfbf718ee22ac511bbd87f29c34203b527b1e35b2c375e7dc6ec1080
b77cad425a1d15a5222eecee2a33e0f692d683d50edffec02adca434d9c27e91
b9b27c6e38b25c6c9014fac2ba276e75be38abb1869b993bd6ec2d8895affe05
ba14d6f0ae56221f91e5df193879ab1489d20ce9678a01bc84f061c9da4f0a78
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c389d2c60cd588381a115d2bad194492123fbd5b73f86a85149ec4e5de8503f6
c432d50296ed5a835c2f85b1a34be98bdd8340424105d527cdee26a271b71440
d4c426f1fdece36278e1472fee5c928b9490a5e86ae014b8d1859accccb4813c
d62e1fa6bed40d557b1285a6deaea3d8425846875aca2403617edd7342ce5464
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65cf5108c80dca04640eb55670754edbda09df69d96b1c5308dd7aae16e5ae8
eae8593217b9bbf210fdddba3f5b1b143aee30cbc302f6ec98c60a9a8ba0cf3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27631cd99253081f6f26754823ea7dff70f9c487738e34c5972c99e8e88600d
fe6b20272b588670b940e21b7575abef4ecfd3cd7dbe44f3cdba48ab400cb945

buywitchdoctors.com Open in urlscan Pro 74.208.247.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

59 Requests

56 %HTTPS

31 %IPv6

26 Domains

29 Subdomains

24 IPs

6 Countries

945 kBTransfer

1343 kBSize

12 Cookies

7 Outgoing links

Redirected requests

59 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

buywitchdoctors.com Open in urlscan Pro
74.208.247.208 Public Scan

Screenshot
Live screenshot

Full Image

59
Requests

56 %
HTTPS

31 %
IPv6

26
Domains

29
Subdomains

24
IPs

6
Countries

945 kB
Transfer

1343 kB
Size

12
Cookies

59 HTTP transactions
0 data transactions