Submitted URL: http://www.cluedofan.com/
Effective URL: https://www.cluedofan.com/
Submission: On October 17 via api from US — Scanned from GB

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 40 HTTP transactions. The main IP is 80.93.160.136, located in United Kingdom and belongs to HOSTIT-MK-AS Milton Keynes Facility, GB. The main domain is www.cluedofan.com.
TLS certificate: Issued by R10 on September 6th 2024. Valid for: 3 months.
This is the only time www.cluedofan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
23 80.93.160.136 45014 (HOSTIT-MK...)
2 4 192.229.221.25 15133 (EDGECAST)
7 142.250.184.226 15169 (GOOGLE)
3 199.232.188.157 54113 (FASTLY)
2 142.250.186.161 15169 (GOOGLE)
40 6
Apex Domain | Subdomains | Transfer
23 cluedofan.com | www.cluedofan.com | 57 KB
9 googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 116; tpc.googlesyndication.com — Cisco Umbrella Rank: 163 | 221 KB
3 twitter.com | platform.twitter.com — Cisco Umbrella Rank: 1472 | 30 KB
2 paypalobjects.com | www.paypalobjects.com — Cisco Umbrella Rank: 2817 | 2 KB
2 paypal.com | www.paypal.com — Cisco Umbrella Rank: 3226 Failed | 1 KB
40 5
Domain | Requested by
23 www.cluedofan.com | www.cluedofan.com
7 pagead2.googlesyndication.com | www.cluedofan.com, pagead2.googlesyndication.com
3 platform.twitter.com | www.cluedofan.com, platform.twitter.com
2 tpc.googlesyndication.com | pagead2.googlesyndication.com, tpc.googlesyndication.com
2 www.paypalobjects.com | www.cluedofan.com
2 www.paypal.com | www.cluedofan.com
40 6

This site contains no links.

Subject | Issuer | Validity | Valid
cluedofan.com | R10 | 2024-09-06 - 2024-12-05 | 3 months
*.g.doubleclick.net | WR2 | 2024-09-30 - 2024-12-23 | 3 months
*.twimg.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-06-24 - 2025-07-25 | a year
tpc.googlesyndication.com | WR2 | 2024-09-30 - 2024-12-23 | 3 months

This page contains 8 frames:

Primary Page: https://www.cluedofan.com/
Frame ID: B5BC803A047855D93C26A3E1A4232CF4
Requests: 2 HTTP requests in this frame

Frame: https://www.cluedofan.com/cmenu.htm
Frame ID: DCC2BE3703705B51D07FCE1B6E90F194
Requests: 11 HTTP requests in this frame

Frame: https://www.cluedofan.com/cindex.html
Frame ID: BDF308F5EB877C9DB9548AAD5DB244C2
Requests: 22 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.cluedofan.com
Frame ID: E058342726FC28AC0DBCFA7702DDA057
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Frame ID: 87FEAADB1ED2EDDAF7DECC838277AD11
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3623468102127762&output=html&h=90&adk=2561915012&adf=3209679020&w=728&lmt=1540997735&format=728x90_as&color_bg=EBFFED&color_border=A8DDA0&color_link=0000CC&color_text=6F6F6F&color_url=008000&url=https%3A%2F%2Fwww.cluedofan.com%2Fcindex.html&alt_color=1E522E&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729129022213&bpp=104&bdt=190&idt=239&shv=r20241014&mjsv=m202410100101&ptt=5&saldr=sd&eoidce=1&correlator=312317251923&frm=21&ife=1&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=516&ady=84&biw=1600&bih=1200&isw=1440&ish=1200&ifk=2137326062&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31087891%2C31087986%2C42532524%2C44795921%2C95344187&oid=2&pvsid=3503684631289857&tmod=7443022&uas=0&nvt=1&loc=https%3A%2F%2Fwww.cluedofan.com%2Fcindex.html&top=https%3A%2F%2Fwww.cluedofan.com%2F&fc=640&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1440%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=1.46ud33rgp96r&fsb=1&dtd=271
Frame ID: C59CECE0A0FF204420D1934558037081
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3623468102127762&output=html&h=90&adk=2561915012&adf=3106264642&w=728&lmt=1540997735&format=728x90_as&color_bg=EBFFED&color_border=A8DDA0&color_link=0000CC&color_text=6F6F6F&color_url=008000&url=https%3A%2F%2Fwww.cluedofan.com%2Fcindex.html&alt_color=1E522E&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729129022218&bpp=100&bdt=194&idt=279&shv=r20241014&mjsv=m202410100101&ptt=5&saldr=sd&eoidce=1&prev_fmts=728x90_as&correlator=312317251923&frm=21&ife=1&pv=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=516&ady=893&biw=1600&bih=1200&isw=1440&ish=1200&ifk=2137326062&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31087891%2C31087986%2C42532524%2C44795921%2C95344187&oid=2&pvsid=3503684631289857&tmod=7443022&uas=0&nvt=1&top=https%3A%2F%2Fwww.cluedofan.com%2F&fc=640&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1440%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=2.b6ctc2je2dvk&fsb=1&dtd=285
Frame ID: 5F82FC05994BF0DC84392EF16B46082C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 65E8CE7C19CD72C1CDBAEABB98960E34
Requests: 1 HTTP requests in this frame

Page Title

Cluedofan.com Cluedo & Clue - the classic detective boardgame and spinoffs.

Detected technologies

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

Requests: 40
HTTPS: 88 %
IPv6: 0 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 311 kB
Size: 840 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.cluedofan.com/ HTTP 307
    https://www.cluedofan.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.paypal.com/en_US/i/btn/x-click-but04.gif HTTP 301
  • https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
Request Chain 27
  • https://www.paypal.com/en_US/i/btn/x-click-but04.gif HTTP 301
  • https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif

40 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.cluedofan.com/
Redirect Chain
  • http://www.cluedofan.com/
  • https://www.cluedofan.com/
2 KB
1 KB
Document
General
Full URL
https://www.cluedofan.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
00b6c7a2902b1144381bed7780dd29693f41020ff2d586ecab60a8b84df5ef51
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 17 Oct 2024 01:37:01 GMT
etag
W/"5be1ca38-6a7"
last-modified
Tue, 06 Nov 2018 17:07:04 GMT
server
nginx
strict-transport-security
max-age=15768000
x-content-type-options
nosniff

Redirect headers

Location
https://www.cluedofan.com/
Non-Authoritative-Reason
HttpsUpgrades
cmenu.htm
www.cluedofan.com/ Frame DCC2
11 KB
5 KB
Document
General
Full URL
https://www.cluedofan.com/cmenu.htm
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
c9f09628962ad306817d6764e4267b405792619e8d4d5377700767d006787dd6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cluedofan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 17 Oct 2024 01:37:01 GMT
etag
W/"5be1c974-2ddc"
last-modified
Tue, 06 Nov 2018 17:03:48 GMT
server
nginx
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cindex.html
www.cluedofan.com/ Frame BDF3
10 KB
5 KB
Document
General
Full URL
https://www.cluedofan.com/cindex.html
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
b4e09c33de5feca7c52c954979b68686ac10f969836de6e338deb2fd82b7fa34
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.cluedofan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 17 Oct 2024 01:37:01 GMT
etag
W/"5bd9c267-27ff"
last-modified
Wed, 31 Oct 2018 14:55:35 GMT
server
nginx
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
corner.gif
www.cluedofan.com/cluedoims/ Frame DCC2
924 B
1 KB
Image
General
Full URL
https://www.cluedofan.com/cluedoims/corner.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cmenu.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
2f5f27fabb6bbc4f4ccefa6f758046f433d9af099418e3728416356230e63895
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cmenu.htm

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
etag
"3bec322d-39c"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
924
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 09 Nov 2001 19:44:45 GMT
server
nginx
twoy.gif
www.cluedofan.com/cluedoims/ Frame DCC2
809 B
1 KB
Image
General
Full URL
https://www.cluedofan.com/cluedoims/twoy.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cmenu.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
d0599e0e1dddde5ee8ab062bdbf64853a6a3aa27a3392fa09fbaa647068dd73c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cmenu.htm

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
etag
"3bec32b6-329"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
809
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 09 Nov 2001 19:47:02 GMT
server
nginx
corner2.gif
www.cluedofan.com/cluedoims/ Frame DCC2
926 B
1 KB
Image
General
Full URL
https://www.cluedofan.com/cluedoims/corner2.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cmenu.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
8eb03026b51c00b7fa50a5dfb13d08a1983b2f2680b67b7fb01090e0acb882b3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cmenu.htm

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
etag
"3bec322e-39e"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
926
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 09 Nov 2001 19:44:46 GMT
server
nginx
Ctitle.gif
www.cluedofan.com/ Frame DCC2
17 KB
17 KB
Image
General
Full URL
https://www.cluedofan.com/Ctitle.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cmenu.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
c5f24055b538826c63f6ffcd07690ca26037efcae41f8f35c7ff29e9166c4944
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cmenu.htm

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
etag
"3beefad0-43f3"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
17395
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Sun, 11 Nov 2001 22:25:20 GMT
server
nginx
x-click-but04.gif
www.paypal.com/en_US/i/btn/ Frame DCC2
0
0

cutitle.gif
www.cluedofan.com/ Frame DCC2
12 KB
0
Image
General
Full URL
https://www.cluedofan.com/cutitle.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cmenu.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
7ed7b18749293f00ab8cc4384cfa41686155f0fd1277ee11081b0dd3db460580
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cmenu.htm

Response headers

cache-control
max-age=2592000
etag
"3beefabe-2ead"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
11949
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Sun, 11 Nov 2001 22:25:02 GMT
server
nginx
corner4.gif
www.cluedofan.com/cluedoims/ Frame DCC2
926 B
1 KB
Image
General
Full URL
https://www.cluedofan.com/cluedoims/corner4.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cmenu.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
93c97a152ec4fc4c0c442bebb2d56bbc94573ae2c567e34c5bdf66e0008010dd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cmenu.htm

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
etag
"3bec3231-39e"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
926
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 09 Nov 2001 19:44:49 GMT
server
nginx
corner3.gif
www.cluedofan.com/cluedoims/ Frame DCC2
928 B
1 KB
Image
General
Full URL
https://www.cluedofan.com/cluedoims/corner3.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cmenu.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
899e05f7b97b5d9792bc1a76866a9946c30d2d9dd5fbea8f28a203f7491aa5e7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cmenu.htm

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
etag
"3bec3230-3a0"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
928
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 09 Nov 2001 19:44:48 GMT
server
nginx
cluedo.css
www.cluedofan.com/ Frame BDF3
248 B
410 B
Stylesheet
General
Full URL
https://www.cluedofan.com/cluedo.css
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
209e7969bb56eba58d6e763ecc98ca25e7e5e595461ea5f667a1264e6e42c443
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cindex.html

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
content-encoding
gzip
etag
W/"55c8a578-f8"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
text/css
last-modified
Mon, 10 Aug 2015 13:22:00 GMT
server
nginx
cluedofan.js
www.cluedofan.com/ Frame BDF3
4 KB
2 KB
Script
General
Full URL
https://www.cluedofan.com/cluedofan.js
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
5ee164ff8e899bd66dc996ac92242787c812e2956a9f4b54dd90fc7ab0cc90c1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cindex.html

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
content-encoding
gzip
etag
W/"5bdece8f-f33"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
application/javascript
last-modified
Sun, 04 Nov 2018 10:48:47 GMT
server
nginx
corner.gif
www.cluedofan.com/cluedoims/ Frame BDF3
924 B
0
Image
General
Full URL
https://www.cluedofan.com/cluedoims/corner.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
2f5f27fabb6bbc4f4ccefa6f758046f433d9af099418e3728416356230e63895
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cindex.html

Response headers

cache-control
max-age=2592000
etag
"3bec322d-39c"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
924
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 09 Nov 2001 19:44:45 GMT
server
nginx
twoy.gif
www.cluedofan.com/cluedoims/ Frame BDF3
809 B
0
Image
General
Full URL
https://www.cluedofan.com/cluedoims/twoy.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
d0599e0e1dddde5ee8ab062bdbf64853a6a3aa27a3392fa09fbaa647068dd73c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cindex.html

Response headers

cache-control
max-age=2592000
etag
"3bec32b6-329"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
809
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 09 Nov 2001 19:47:02 GMT
server
nginx
corner2.gif
www.cluedofan.com/cluedoims/ Frame BDF3
926 B
0
Image
General
Full URL
https://www.cluedofan.com/cluedoims/corner2.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
8eb03026b51c00b7fa50a5dfb13d08a1983b2f2680b67b7fb01090e0acb882b3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cindex.html

Response headers

cache-control
max-age=2592000
etag
"3bec322e-39e"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
926
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 09 Nov 2001 19:44:46 GMT
server
nginx
Ctitle.gif
www.cluedofan.com/ Frame BDF3
17 KB
0
Image
General
Full URL
https://www.cluedofan.com/Ctitle.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
c5f24055b538826c63f6ffcd07690ca26037efcae41f8f35c7ff29e9166c4944
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cindex.html

Response headers

cache-control
max-age=2592000
etag
"3beefad0-43f3"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
17395
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Sun, 11 Nov 2001 22:25:20 GMT
server
nginx
cutitle.gif
www.cluedofan.com/ Frame BDF3
12 KB
12 KB
Image
General
Full URL
https://www.cluedofan.com/cutitle.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
7ed7b18749293f00ab8cc4384cfa41686155f0fd1277ee11081b0dd3db460580
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cindex.html

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
etag
"3beefabe-2ead"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
11949
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Sun, 11 Nov 2001 22:25:02 GMT
server
nginx
clue2016sm.jpg
www.cluedofan.com/cluedoims/merch/ Frame BDF3
5 KB
5 KB
Image
General
Full URL
https://www.cluedofan.com/cluedoims/merch/clue2016sm.jpg
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
5673ed2b3a22a5b4e920739529d552fa8eab2accbbce392b6abd9ef3ee64a09d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cindex.html

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
etag
"5a2ffba5-123b"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
4667
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/jpeg
last-modified
Tue, 12 Dec 2017 15:54:13 GMT
server
nginx
cluedo2016sm.jpg
www.cluedofan.com/cluedoims/merch/ Frame BDF3
3 KB
4 KB
Image
General
Full URL
https://www.cluedofan.com/cluedoims/merch/cluedo2016sm.jpg
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
99b01bc2fb7471d801039042da5ed94430b1b04cb62b3cea8328ceb2b4b7662f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cindex.html

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
etag
"5a2ffba0-d7a"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
3450
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/jpeg
last-modified
Tue, 12 Dec 2017 15:54:08 GMT
server
nginx
x-click-but04.gif
www.paypal.com/en_US/i/btn/ Frame BDF3
0
0

corner4.gif
www.cluedofan.com/cluedoims/ Frame BDF3
926 B
0
Image
General
Full URL
https://www.cluedofan.com/cluedoims/corner4.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
93c97a152ec4fc4c0c442bebb2d56bbc94573ae2c567e34c5bdf66e0008010dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cindex.html

Response headers

cache-control
max-age=2592000
etag
"3bec3231-39e"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
926
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 09 Nov 2001 19:44:49 GMT
server
nginx
corner3.gif
www.cluedofan.com/cluedoims/ Frame BDF3
928 B
0
Image
General
Full URL
https://www.cluedofan.com/cluedoims/corner3.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
899e05f7b97b5d9792bc1a76866a9946c30d2d9dd5fbea8f28a203f7491aa5e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cindex.html

Response headers

cache-control
max-age=2592000
etag
"3bec3230-3a0"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
928
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 09 Nov 2001 19:44:48 GMT
server
nginx
twoy.gif
www.cluedofan.com/cluedoims/ Frame DCC2
809 B
0
Image
General
Full URL
https://www.cluedofan.com/cluedoims/twoy.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cmenu.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
d0599e0e1dddde5ee8ab062bdbf64853a6a3aa27a3392fa09fbaa647068dd73c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/cmenu.htm

Response headers

cache-control
max-age=2592000
etag
"3bec32b6-329"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:02 GMT
accept-ranges
bytes
content-length
809
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 09 Nov 2001 19:47:02 GMT
server
nginx
x-click-but04.gif
www.paypalobjects.com/en_US/i/btn/ Frame DCC2
Redirect Chain
  • https://www.paypal.com/en_US/i/btn/x-click-but04.gif
  • https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
2 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cmenu.htm
Protocol
H2
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35CF) /
Resource Hash
a8f36837d21e73e1a17fa2936ec161187b3d1e6b08c0335433aec8153cd41049
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/

Response headers

paypal-debug-id
61e9f455ece26
etag
"5d5637bd-84f"
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 02:37:02 GMT
traceparent
00-000000000000000000061e9f455ece26-2d6ec3fa705fb530-01
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 16 Aug 2019 04:57:33 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
s-maxage=31536000, public,max-age=3600
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
accept-ranges
bytes
content-length
2127
server
ECAcc (lhd/35CF)

Redirect headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
0a809a0459626
content-encoding
gzip
accept-ch
Sec-CH-UA-Full
location
https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
timing-allow-origin
*
traceparent
00-00000000000000000000a809a0459626-809669396de62c5f-01
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
20
date
Thu, 17 Oct 2024 01:37:02 GMT
vary
Accept-Encoding
server
ECAcc (lhd/35C9)
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame BDF3
25 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cluedofan.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f6594ee97d0ab2c4214def35a3c488e533c73334fd6e4209603212328b746509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/

Response headers

content-encoding
br
etag
10559182820386118900
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 01:37:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
10357
x-xss-protection
0
server
cafe
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame BDF3
153 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
80b55587a82a0bd482930ca38ecc13c4a582830b2599fd975a572f72fdf2f980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/

Response headers

content-encoding
br
etag
2957592270623860518
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 01:37:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52479
x-xss-protection
0
server
cafe
widgets.js
platform.twitter.com/ Frame BDF3
91 KB
27 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/

Response headers

content-encoding
gzip
etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Thu, 17 Oct 2024 01:37:02 GMT
last-modified
Mon, 11 Dec 2023 17:20:28 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200137-IAD, cache-muc13970-MUC
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1800
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
27597
x-amz-server-side-encryption
AES256
x-click-but04.gif
www.paypalobjects.com/en_US/i/btn/ Frame BDF3
Redirect Chain
  • https://www.paypal.com/en_US/i/btn/x-click-but04.gif
  • https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
2 KB
0
Image
General
Full URL
https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
Requested by
Host: www.cluedofan.com
URL: https://www.cluedofan.com/cindex.html
Protocol
H2
Server
192.229.221.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (lhd/35CF) /
Resource Hash
a8f36837d21e73e1a17fa2936ec161187b3d1e6b08c0335433aec8153cd41049
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/

Response headers

cache-control
s-maxage=31536000, public,max-age=3600
paypal-debug-id
61e9f455ece26
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
etag
"5d5637bd-84f"
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 02:37:02 GMT
traceparent
00-000000000000000000061e9f455ece26-2d6ec3fa705fb530-01
accept-ranges
bytes
dc
ccg11-origin-www-1.paypal.com
x-cache
HIT
content-length
2127
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
image/gif
last-modified
Fri, 16 Aug 2019 04:57:33 GMT
server
ECAcc (lhd/35CF)

Redirect headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
paypal-debug-id
0453325b48861
content-encoding
gzip
accept-ch
Sec-CH-UA-Full
location
https://www.paypalobjects.com/en_US/i/btn/x-click-but04.gif
origin-trial
AmF3SS0NWoXo3HaojgmIVVXavukRnZH597u+xZNXRCiKWzSKzfNPHw9NC32GmblY12+HXpkCEYeYGyvRBNkkJg0AAABbeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTksImlzU3ViZG9tYWluIjp0cnVlfQ==
timing-allow-origin
*
traceparent
00-00000000000000000000453325b48861-92ba8aeb4311d417-01
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
content-length
20
date
Thu, 17 Oct 2024 01:37:02 GMT
vary
Accept-Encoding
server
ECAcc (lhd/35D9)
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/ Frame BDF3
422 KB
141 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3623468102127762&plah=www.cluedofan.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
41be776ed56c47e285fa0e0e355f36bf7e2a4a225e345684afbec48ffe69c185
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/

Response headers

content-encoding
br
etag
2206653499199435322
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 01:37:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 17 Oct 2024 01:37:02 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
143827
x-xss-protection
0
server
cafe
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame E058
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fwww.cluedofan.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.cluedofan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
public, max-age=315360000
content-encoding
gzip
content-length
105429
content-type
text/html; charset=utf-8
date
Thu, 17 Oct 2024 01:37:02 GMT
etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
last-modified
Mon, 11 Dec 2023 17:19:49 GMT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
tw-cdn
FT
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-served-by
cache-iad-kiad7000164-IAD, cache-muc13960-MUC
zrt_lookup_fy2021.html
pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/ Frame 87FE
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/html/r20241014/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3623468102127762&plah=www.cluedofan.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cluedofan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
24271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 16 Oct 2024 18:52:31 GMT
etag
13108003645644964576
expires
Wed, 30 Oct 2024 18:52:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame C59C
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3623468102127762&output=html&h=90&adk=2561915012&adf=3209679020&w=728&lmt=1540997735&format=728x90_as&color_bg=EBFFED&color_border=A8DDA0&color_link=0000CC&color_text=6F6F6F&color_url=008000&url=https%3A%2F%2Fwww.cluedofan.com%2Fcindex.html&alt_color=1E522E&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729129022213&bpp=104&bdt=190&idt=239&shv=r20241014&mjsv=m202410100101&ptt=5&saldr=sd&eoidce=1&correlator=312317251923&frm=21&ife=1&pv=2&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=516&ady=84&biw=1600&bih=1200&isw=1440&ish=1200&ifk=2137326062&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31087891%2C31087986%2C42532524%2C44795921%2C95344187&oid=2&pvsid=3503684631289857&tmod=7443022&uas=0&nvt=1&loc=https%3A%2F%2Fwww.cluedofan.com%2Fcindex.html&top=https%3A%2F%2Fwww.cluedofan.com%2F&fc=640&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1440%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=1.46ud33rgp96r&fsb=1&dtd=271
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3623468102127762&plah=www.cluedofan.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cluedofan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
312
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Oct 2024 01:37:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
pagead2.googlesyndication.com/pagead/ Frame 5F82
0
0
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/ads?client=ca-pub-3623468102127762&output=html&h=90&adk=2561915012&adf=3106264642&w=728&lmt=1540997735&format=728x90_as&color_bg=EBFFED&color_border=A8DDA0&color_link=0000CC&color_text=6F6F6F&color_url=008000&url=https%3A%2F%2Fwww.cluedofan.com%2Fcindex.html&alt_color=1E522E&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1729129022218&bpp=100&bdt=194&idt=279&shv=r20241014&mjsv=m202410100101&ptt=5&saldr=sd&eoidce=1&prev_fmts=728x90_as&correlator=312317251923&frm=21&ife=1&pv=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=516&ady=893&biw=1600&bih=1200&isw=1440&ish=1200&ifk=2137326062&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31087891%2C31087986%2C42532524%2C44795921%2C95344187&oid=2&pvsid=3503684631289857&tmod=7443022&uas=0&nvt=1&top=https%3A%2F%2Fwww.cluedofan.com%2F&fc=640&brdim=40%2C40%2C40%2C40%2C1600%2C0%2C1600%2C1200%2C1440%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=2.b6ctc2je2dvk&fsb=1&dtd=285
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3623468102127762&plah=www.cluedofan.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cluedofan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
311
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Oct 2024 01:37:03 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
timeline.e108540dddc96e4b707f5cf259a582d7.js
platform.twitter.com/js/ Frame BDF3
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/timeline.e108540dddc96e4b707f5cf259a582d7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6e9523c85d37bb7c9677eb459366fb81a650df0ecfef5ab6e661dd18bbdaacb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/

Response headers

content-encoding
gzip
etag
"e1b37e9fee06488be9c4cff0558f4e37+gzip"
access-control-allow-methods
GET
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date
Thu, 17 Oct 2024 01:37:02 GMT
last-modified
Mon, 11 Dec 2023 17:19:47 GMT
vary
Accept-Encoding
x-served-by
cache-iad-kcgs7200077-IAD, cache-muc13970-MUC
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=315360000
tw-cdn
FT
accept-ranges
bytes
access-control-allow-origin
*
content-length
2965
x-amz-server-side-encryption
AES256
sodar
pagead2.googlesyndication.com/getconfig/ Frame BDF3
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20241014&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3623468102127762&plah=www.cluedofan.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
5fd1a8ac773e37cf584b2618d36fdc54c92c6258e409e9a706919f08dd37a37d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12566
date
Thu, 17 Oct 2024 01:37:03 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
www.cluedofan.com/
1 KB
2 KB
Other
General
Full URL
https://www.cluedofan.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
80.93.160.136 , United Kingdom, ASN45014 (HOSTIT-MK-AS Milton Keynes Facility, GB),
Reverse DNS
bester.psicorps.co.uk
Software
nginx /
Resource Hash
129ca7684f1650411a3d8de2a85c7a73707c2e165dee484cbccbc2415df3ba85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/

Response headers

strict-transport-security
max-age=15768000
cache-control
max-age=2592000
etag
"3beefa78-57e"
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 01:37:03 GMT
accept-ranges
bytes
content-length
1406
date
Thu, 17 Oct 2024 01:37:03 GMT
content-type
image/x-icon
last-modified
Sun, 11 Nov 2001 22:23:52 GMT
server
nginx
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BDF3
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3623468102127762&plah=www.cluedofan.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.cluedofan.com/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 17 Oct 2024 01:37:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 17 Oct 2024 01:37:03 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 65E8
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cluedofan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1524
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Oct 2024 01:11:40 GMT
expires
Thu, 17 Oct 2024 02:01:40 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame BDF3
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.paypal.com
URL
https://www.paypal.com/en_US/i/btn/x-click-but04.gif
Domain
www.paypal.com
URL
https://www.paypal.com/en_US/i/btn/x-click-but04.gif
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241014&jk=3503684631289857&bg=!JSalJmnNAAaUWUsktFk7ADQBe5WfOEZMQaXRgHnSdNBO3zIudHTCrFoCEyt6QiaeO1wsFtQAG5onukYBi1JsGMZx4gyzAgAAAGdSAAAABGgBB34ANr1Wiwzyf3YY1HUE5wUNFuZiNy6i_4dzZY0wxuv6bbgeUlYgOoRHpDj-B8zBj4z2fQISTXBF35kCnZRX8Ni5CvR36lM8F3_tnsvK5q_i9H4E9WufQQ2xEnvw3x2s6yEGbrQn4NtGqe3w9_2DNxhGXefW2g-50Zr0DRDf-F72j1MiibOVVTJlmxIsTeqR5Rrcb5a6CuJtF_9z8km4HxdVIlSPmH0hmOF3A3VZzelfkYqcHNs4FDTw5sIUKombJz-_S5nN4COELSF5g35x6axv9LmGouX7Y3dkMDlM4XUWnYDT3kL_ltvk878fU8E_H4jx7D9Nk4TZsmfT6filn9JQShcYxUbp8xso-JLLcHglJZ2Lr15Bgg8jJULmCKdl7EkKORzQ-Dwx4rcaR9uI4W0LmAHqjpLDukF3kohdXbPcuIZmrg7161POhcxJfELcZf_8KJDmi25b5YGnZoewjaWdcGzvrtcMNRd6l9TNBGqamLqjK2LV5xZq3VRolMygn9YUZ8qrf6Chif9KHc-mebuG0W73rL7ctCHqUjWNh7HJ2R_aUjRR4S5JF22c7P20azIbB473gIwear3fcRg5hfowORE9sqPV66WaqrgUXBc23MKpVXwT-ymLuquQi4mutcyF5KK2JjV4WanittTYv7xR5l_y6h-kR8bdZypeRsXa6_YsEwzeydefUnwtLcSVYOv9V1CLPB3oktA5eoBydtUvXNTUr-HnHiB86LegDRdmX7EAnZhqKUe8VDikHM2VB__-1w1rVwAaMoTVd4XLQIdxYUN2hsxL2lfphQPYFNCNCzUDHdMHbK-biQlQKqT-XnQOqTWsarEm3zzjDO3-Cca3HzogefR8SG-Od0VDs_03iA2uLhh__csadoGcChzlStii8vLuiQuI41H3CTt0EgpiZbWu1zrrNi-_tvb7qjuoRUTzhTMz5_PR-L-jOzRWtGHzxUFz0vcpPQ


6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| google_reactive_ads_global_state
object| google_ad_modifications
number| google_global_correlator
object| google_prev_clients

3 Cookies

Domain/Path Name / Value
.paypal.com/ Name: ts
Value: vreXpYrS%3D1823737022%26vteXpYrS%3D1729130822%26vr%3D981f039a1920accc182845b3ff6dcfca%26vt%3D981f039a1920accc182845b3ff6dcfc9%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D981f039a1920accc182845b3ff6dcfca%26vt%3D981f039a1920accc182845b3ff6dcfc9
.cluedofan.com/ Name: __eoi
Value: ID=2ef06443906e43a7:T=1729129022:RT=1729129022:S=AA-AfjYsNw1iNHYEF9ZKQv3oo-e-

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
