urlscan.io logo urlscan.io
SecurityTrails logo

www.websleuths.com Open in urlscan Pro
104.243.41.90  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.websleuths.com/
Effective URL: https://www.websleuths.com/forums/
Submission: On July 12 via manual from PH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 2 countries across 14 domains to perform 69 HTTP transactions. The main IP is 104.243.41.90, located in Piscataway, United States and belongs to AS-CHOOPA - Choopa, LLC, US. The main domain is www.websleuths.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on June 13th 2018. Valid for: 3 months.
This is the only time www.websleuths.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 32 104.243.41.90 20473 (AS-CHOOPA)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:200... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.85.254.207 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 172.217.22.98 15169 (GOOGLE)
6 169.55.70.149 36351 (SOFTLAYER)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:200... 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 52.94.218.7 16509 (AMAZON-02)
1 2600:9000:200... 16509 (AMAZON-02)
3 52.85.255.187 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2600:9000:200... 16509 (AMAZON-02)
69 20
32    104.243.41.90 (Piscataway, United States)

ASN20473 (AS-CHOOPA - Choopa, LLC, US)
PTR: tks.ahfbweb.com
www.websleuths.com
6    2a00:1450:4001:814::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
pagead2.googlesyndication.com
1    2600:9000:2001:9000:1f:287:d208:7ea1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
get.s-onetag.com
1    2a00:1450:4001:81d::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    52.85.254.207 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-254-207.ams1.r.cloudfront.net
c.amazon-adsystem.com
1    2a00:1450:4001:824::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
1    2a00:1450:4001:81e::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
3    172.217.22.98 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f2.1e100.net
securepubads.g.doubleclick.net
6    169.55.70.149 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 95.46.37a9.ip4.static.sl-reverse.com
ap.lijit.com
3    2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:81d::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c0c::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2600:9000:200e:1a00:5:ae3a:ba00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
onetag-geo.s-onetag.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
1    52.94.218.7 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
aax.amazon-adsystem.com
1    2600:9000:200e:6000:7:8699:e840:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
onetag-geo-grouping.s-onetag.com
3    52.85.255.187 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-255-187.ams1.r.cloudfront.net
sovrn.mgr.consensu.org
2    2a00:1450:4001:814::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
1    2a03:2880:f11c:8186:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    2600:9000:200e:8600:1:af78:4c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
vendorlist.consensu.org
Domain Requested by
32 www.websleuths.com 2 redirects www.websleuths.com
www.google-analytics.com
sovrn.mgr.consensu.org
6 ap.lijit.com www.websleuths.com
ap.lijit.com
5 pagead2.googlesyndication.com www.websleuths.com
pagead2.googlesyndication.com
3 sovrn.mgr.consensu.org get.s-onetag.com
sovrn.mgr.consensu.org
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
2 onetag-geo.s-onetag.com get.s-onetag.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 c.amazon-adsystem.com www.websleuths.com
c.amazon-adsystem.com
1 vendorlist.consensu.org sovrn.mgr.consensu.org
1 www.facebook.com connect.facebook.net
1 staticxx.facebook.com connect.facebook.net
1 onetag-geo-grouping.s-onetag.com get.s-onetag.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 connect.facebook.net www.websleuths.com
1 stats.g.doubleclick.net www.websleuths.com
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagmanager.com www.websleuths.com
1 get.s-onetag.com www.websleuths.com
1 www.googletagservices.com www.websleuths.com
69 22

This site contains links to these domains. Also see Links.

Domain
xenforo.com
Subject Issuer Validity Valid
websleuths.com
cPanel, Inc. Certification Authority		 2018-06-13 -
2018-09-11		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-06-19 -
2018-08-28		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year crt.sh
sovrn.mgr.consensu.org
Amazon		 2018-05-03 -
2019-06-03		 a year crt.sh
tpc.googlesyndication.com
Google Internet Authority G3		 2018-06-19 -
2018-08-28		 2 months crt.sh

This page contains 12 frames:

Primary Page: https://www.websleuths.com/forums/
Frame ID: 2BB78CFC3CA45D27E8493BC293E5E713
Requests: 56 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: F936B8F0649124820C1B90F05C726423
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180702/r20180604/zrt_lookup.html
Frame ID: FF3B0C9F940C75AD51610388BD9FBB73
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180702/r20180604/show_ads_impl.js
Frame ID: C4CE5455F5B3103EC98AB90CD893F0C4
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/sync
Frame ID: B3A7EBD79F45B1C5632B8938259B829C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9455744174637442&output=html&h=90&slotname=3092147560&adk=1752620857&adf=689663336&w=1173&fwrn=4&fwrnh=100&lmt=1531427253&rafmt=1&guci=1.2.0.0.2.2.0&format=1173x90&url=https%3A%2F%2Fwww.websleuths.com%2Fforums%2F&flash=0&fwr=0&rh=0&rw=1173.31&resp_fmts=3&wgl=1&adsid=NT&dt=1531427254083&bpp=11&bdt=636&fdt=12&idt=292&shv=r20180702&cbv=r20180604&saldr=aa&abxe=1&correlator=3120090952924&frm=20&pv=2&ga_vid=1019519788.1531427254&ga_sid=1531427254&ga_hid=43718775&ga_fc=0&iag=0&icsg=571128992&dssz=26&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=41&ady=275&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226400&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=4130573969&ifi=1&fsb=1&xpc=Qt61Fu54tU&p=https%3A//www.websleuths.com&dtd=311
Frame ID: 67B19210AABBAE86D4F5C3AC14DD6A16
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180702/r20180604/show_ads_impl.js
Frame ID: 1C2B95910E83AC192F3E6B8098D1BDD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9455744174637442&output=html&h=90&slotname=3092147560&adk=1752620857&adf=709986084&w=1173&fwrn=4&fwrnh=100&lmt=1531427253&rafmt=1&guci=1.2.0.0.2.2.0&format=1173x90&url=https%3A%2F%2Fwww.websleuths.com%2Fforums%2F&flash=0&fwr=0&rh=0&rw=1173.31&resp_fmts=3&wgl=1&adsid=NT&dt=1531427254097&bpp=13&bdt=650&fdt=333&idt=335&shv=r20180702&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1173x90&correlator=3120090952924&frm=20&pv=1&ga_vid=1019519788.1531427254&ga_sid=1531427254&ga_hid=43718775&ga_fc=0&iag=0&icsg=36644254336&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=41&ady=5253&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226400&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=4130573969&ifi=2&fsb=1&xpc=udSbQAIJfm&p=https%3A//www.websleuths.com&dtd=340
Frame ID: 1F1104839A2B9E21D24FE633C9905851
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/1e2RywyANNe.js?version=42
Frame ID: 74358BB3976E7345EDCFD0458C0BF5EF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=362074203988922&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F1e2RywyANNe.js%3Fversion%3D42%23cb%3Df1df0756510776%26domain%3Dwww.websleuths.com%26origin%3Dhttps%253A%252F%252Fwww.websleuths.com%252Ff316f73a2063718%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2FWebsleuths-311461642390611&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false
Frame ID: D855D1D4F227A20FFCB16F19CA66D4A1
Requests: 1 HTTP requests in this frame

Frame: https://sovrn.mgr.consensu.org/cmp/portal/portal.html
Frame ID: EF281FBAECE772F237C2EF604CEC64E1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Frame ID: 649F8D1B8CC223D3A2962F6F9EBDCF41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.websleuths.com/ HTTP 301
    https://www.websleuths.com/forums/index.php HTTP 301
    https://www.websleuths.com/forums/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

69
Requests

54 %
HTTPS

70 %
IPv6

14
Domains

22
Subdomains

20
IPs

2
Countries

652 kB
Transfer

2103 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.websleuths.com/ HTTP 301
    https://www.websleuths.com/forums/index.php HTTP 301
    https://www.websleuths.com/forums/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=43718775&t=pageview&_s=1&dl=https%3A%2F%2Fwww.websleuths.com%2Fforums%2F&ul=en-us&de=UTF-8&dt=Websleuths&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1718208415&gjid=1283259090&cid=795566495.1531427254&tid=UA-7620263-1&_gid=1642018450.1531427254&_r=1&gtm=u6t&z=1775544389 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7620263-1&cid=795566495.1531427254&jid=1718208415&_gid=1642018450.1531427254&gjid=1283259090&_v=j68&z=1775544389

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.websleuths.com/forums/
Redirect Chain
  • https://www.websleuths.com/
  • https://www.websleuths.com/forums/index.php
  • https://www.websleuths.com/forums/
197 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache / PHP/5.4.45
Resource Hash
d4b7383fba553538a74c445f0bc798e2d9c134ad199f5e0f897b863401261617
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

Host
www.websleuths.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2BB78CFC3CA45D27E8493BC293E5E713

Response headers

Date
Thu, 12 Jul 2018 20:27:33 GMT
Server
Apache
X-Powered-By
PHP/5.4.45
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-control
private, max-age=0
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1
Content-Encoding
gzip
Vary
Accept-Encoding,User-Agent
Last-Modified
Thu, 12 Jul 2018 20:27:33 GMT
Content-Length
38143
Cache-Control
max-age=1, private, must-revalidate
Keep-Alive
timeout=5, max=98
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Thu, 12 Jul 2018 20:27:33 GMT
Server
Apache
X-Powered-By
PHP/5.4.45
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-control
private, max-age=0
X-Frame-Options
SAMEORIGIN
X-Xss-Protection
1
Set-Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa; path=/; secure; httponly
Last-Modified
Thu, 12 Jul 2018 20:27:33 GMT
Location
https://www.websleuths.com/forums/
Vary
User-Agent
Cache-Control
max-age=1, private, must-revalidate
Content-Length
0
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
gpt.js
www.googletagservices.com/tag/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
SPDY
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3e680984bb1ad23237ee8e18bfbd1c4681499655c31593455e290ed3ec35e700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 12 Jul 2018 20:27:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"5 / 455 of 1000 / last-modified: 1531424699"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7861
x-xss-protection
1; mode=block
expires
Thu, 12 Jul 2018 20:27:33 GMT
tag.min.js
get.s-onetag.com/344ae774-7cf4-4658-8475-323ce2d76441/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/344ae774-7cf4-4658-8475-323ce2d76441/tag.min.js
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
SPDY
Server
2600:9000:2001:9000:1f:287:d208:7ea1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
85ba7cc777ea14e9f294677fda785d468ec0a705615ef0446f27ae04e06ef359

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 12 Jul 2018 12:34:53 GMT
content-encoding
gzip
last-modified
Thu, 12 Jul 2018 11:44:53 GMT
server
AmazonS3
age
28361
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
k3aWCnxsjYXJVcK6uY.C49pi9zZdMJRf
status
200
content-type
text/javascript
x-amz-cf-id
_nbuVIRxEqACrfJijHAlIt1FeHk3RLDAZg5ikLYKzNCzZuSi8EPF4w==
via
1.1 3fe3cb67da7e790ebadf1baabec782f6.cloudfront.net (CloudFront)
css.php
www.websleuths.com/forums/ 		99 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.websleuths.com/forums/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1531404170
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache / PHP/5.4.45
Resource Hash
d6b4ae790c46cc85ab0d3464c5efa306aa1593e8ea9050c0c2929ff9af48f17d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Jul 2018 14:02:50 GMT
Server
Apache
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding,User-Agent
Content-Type
text/css; charset=utf-8
Cache-Control
public max-age=1, private, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
27118
Expires
Wed, 01 Jan 2020 00:00:00 GMT
css.php
www.websleuths.com/forums/ 		24 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.websleuths.com/forums/css.php?css=facebook,login_bar,node_category,node_forum,node_list,notices,panel_scroller,resource_list_mini,sidebar_share_page,thread_list_simple,wf_default&style=2&dir=LTR&d=1531404170
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache / PHP/5.4.45
Resource Hash
196a442dda6dd71836325266775d85bba5e78fe6b312e92b0ce5a5aa45ce1516

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:33 GMT
Content-Encoding
gzip
Last-Modified
Thu, 12 Jul 2018 14:02:50 GMT
Server
Apache
X-Powered-By
PHP/5.4.45
Vary
Accept-Encoding,User-Agent
Content-Type
text/css; charset=utf-8
Cache-Control
public max-age=1, private, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
6792
Expires
Wed, 01 Jan 2020 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		70 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-7620263-1
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
SPDY
Server
2a00:1450:4001:81d::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
de048ea1c786917f09b8fb47e29215a2535275588dcc81d0d8e56d75e2b30758
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 12 Jul 2018 20:27:33 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
25188
x-xss-protection
1; mode=block
expires
Thu, 12 Jul 2018 20:27:33 GMT
jquery-1.11.0.min.js
www.websleuths.com/forums/js/jquery/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.websleuths.com/forums/js/jquery/jquery-1.11.0.min.js
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 May 2018 16:29:00 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
33369
Expires
Fri, 12 Jul 2019 20:27:33 GMT
xenforo.js
www.websleuths.com/forums/js/xenforo/ 		165 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.websleuths.com/forums/js/xenforo/xenforo.js?_v=17c354f1
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
7e9859e5db3354ac2ed913889efd51835672ba6cf448dda17963d5a1f19fb011

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 May 2018 16:29:00 GMT
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, private
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
53040
Expires
Fri, 12 Jul 2019 20:27:33 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
SPDY
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5ce8acd4457662c6b922c696da8ec34a20fe4670a1cf161e07ab7bc3b1321666
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 12 Jul 2018 20:27:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27348
x-xss-protection
1; mode=block
server
cafe
etag
14027534507066007032
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 12 Jul 2018 20:27:33 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Server
52.85.254.207 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-254-207.ams1.r.cloudfront.net
Software
Server /
Resource Hash
384e30e2bb474d8d51182cb3d58d22c74a950447633126cea40d2225914fa35b

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 16:25:34 GMT
Content-Encoding
gzip
Server
Server
Age
14519
ETag
671fc12128bf116e39a2c90d11ca49fe
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3fe3cb67da7e790ebadf1baabec782f6.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
ubOg_wIAHeqISr9qPOjtWGwXjcsr4NWa4DgnC827cMV8jZWLkEEERA==
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.websleuths.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Jul 2018 20:27:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.websleuths.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
2a00:1450:4001:81e::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Jul 2018 20:27:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_231.js
securepubads.g.doubleclick.net/gpt/ 		178 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_231.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
sffe /
Resource Hash
1c80619aa99b4bce0b57edaeaf2bae35ad0e1929096a51d0ced52df4dfa68e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 12 Jul 2018 20:27:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Jul 2018 21:28:59 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
62603
x-xss-protection
1; mode=block
expires
Thu, 12 Jul 2018 20:27:33 GMT
fpi.js
ap.lijit.com/www/delivery/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=135302&width=300&height=250
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Server
169.55.70.149 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
95.46.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
5054394c18eb0998b9577d81b612470f8f3dc7dc31b00a6efb7604cde6011d04

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jul 2018 20:27:33 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"5b452189-1534"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ap5iad1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
xenforo-ui-sprite.png
www.websleuths.com/forums/styles/default/xenforo/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/styles/default/xenforo/xenforo-ui-sprite.png
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
148805ef840df5f06de10c18349522ea3f2ce394218c5515f54e9265828691e5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/css.php?css=facebook,login_bar,node_category,node_forum,node_list,notices,panel_scroller,resource_list_mini,sidebar_share_page,thread_list_simple,wf_default&style=2&dir=LTR&d=1531404170
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/css.php?css=facebook,login_bar,node_category,node_forum,node_list,notices,panel_scroller,resource_list_mini,sidebar_share_page,thread_list_simple,wf_default&style=2&dir=LTR&d=1531404170
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Wed, 23 May 2018 16:29:00 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3894
Expires
Fri, 12 Jul 2019 20:27:34 GMT
category-23px-light.png
www.websleuths.com/forums/styles/default/xenforo/gradients/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/styles/default/xenforo/gradients/category-23px-light.png
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
4cc4cae0bb86846428c4d8471ec2cd1627e7df4ce1fc4e4bb11c94cf557f9c8e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/css.php?css=facebook,login_bar,node_category,node_forum,node_list,notices,panel_scroller,resource_list_mini,sidebar_share_page,thread_list_simple,wf_default&style=2&dir=LTR&d=1531404170
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/css.php?css=facebook,login_bar,node_category,node_forum,node_list,notices,panel_scroller,resource_list_mini,sidebar_share_page,thread_list_simple,wf_default&style=2&dir=LTR&d=1531404170
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Wed, 23 May 2018 16:29:00 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1072
Expires
Fri, 12 Jul 2019 20:27:34 GMT
node-sprite.png
www.websleuths.com/forums/styles/default/xenforo/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/styles/default/xenforo/node-sprite.png
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
61448c860facc88d10432ab1dd84afae5e52f847a986ec1f458f189deef52207

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/css.php?css=facebook,login_bar,node_category,node_forum,node_list,notices,panel_scroller,resource_list_mini,sidebar_share_page,thread_list_simple,wf_default&style=2&dir=LTR&d=1531404170
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/css.php?css=facebook,login_bar,node_category,node_forum,node_list,notices,panel_scroller,resource_list_mini,sidebar_share_page,thread_list_simple,wf_default&style=2&dir=LTR&d=1531404170
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Wed, 23 May 2018 16:29:00 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2672
Expires
Fri, 12 Jul 2019 20:27:34 GMT
form-button-white-25px.png
www.websleuths.com/forums/styles/default/xenforo/gradients/ 		192 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/styles/default/xenforo/gradients/form-button-white-25px.png
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
6a7df56f580bf0b383dfcacf6f1962e04f5acbb343b270fa4749a16864cac5ac

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1531404170
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1531404170
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Wed, 23 May 2018 16:29:00 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
192
Expires
Fri, 12 Jul 2019 20:27:34 GMT
111244.jpg
www.websleuths.com/forums/data/avatars/s/111/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/111/111244.jpg?1526986638
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
7e17294763e12695b645dd38cdfa8d7d2618893032a815c860f41cd1a5318e9b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Tue, 22 May 2018 10:57:18 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1553
Expires
Fri, 12 Jul 2019 20:27:34 GMT
110919.jpg
www.websleuths.com/forums/data/avatars/s/110/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/110/110919.jpg?1528734174
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
f2fcf93973aad8f843461eeb1e9093ba4ab851a2afcf84f13e73d128d606e965

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Mon, 11 Jun 2018 16:22:54 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1336
Expires
Fri, 12 Jul 2019 20:27:34 GMT
116754.jpg
www.websleuths.com/forums/data/avatars/s/116/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/116/116754.jpg?1528505470
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
cb605dbe266844381a6d5ca3918238b55deb2cd2d7353099301b4317cbb64e7b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Sat, 09 Jun 2018 00:51:10 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1444
Expires
Fri, 12 Jul 2019 20:27:34 GMT
avatar_male_s.png
www.websleuths.com/forums/styles/default/xenforo/avatars/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/styles/default/xenforo/avatars/avatar_male_s.png
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
7347386c63b8c4f09155fb15f00b8daa2436d01fe5094561fcdab865a90f93c5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Wed, 23 May 2018 16:29:00 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1040
Expires
Fri, 12 Jul 2019 20:27:34 GMT
195741.jpg
www.websleuths.com/forums/data/avatars/s/195/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/195/195741.jpg?1526986724
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
616f4aaeb08f9a8715b54ddedd773ed25b3247db2aff8bf2e6e81d37863cc8ea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Tue, 22 May 2018 10:58:44 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1602
Expires
Fri, 12 Jul 2019 20:27:34 GMT
98584.jpg
www.websleuths.com/forums/data/avatars/s/98/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/98/98584.jpg?1527212550
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
9619e38f4a604f55d115dcc9369bb7150f589aa76bcd6d7ba37789093ff01b40

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Fri, 25 May 2018 01:42:31 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1414
Expires
Fri, 12 Jul 2019 20:27:34 GMT
201678.jpg
www.websleuths.com/forums/data/avatars/s/201/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/201/201678.jpg?1526986729
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
ff176434b61b0468e7612a4483818d38bb238e0b56fa33deafbdd97fd7a1295c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Tue, 22 May 2018 10:58:50 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1256
Expires
Fri, 12 Jul 2019 20:27:34 GMT
avatar_s.png
www.websleuths.com/forums/styles/default/xenforo/avatars/ 		905 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/styles/default/xenforo/avatars/avatar_s.png
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
29eb067facf6fdf42a162a8f2e62fede3c230745ed2ba535bdbe819b900ec3f6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Wed, 23 May 2018 16:29:00 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
905
Expires
Fri, 12 Jul 2019 20:27:34 GMT
217695.jpg
www.websleuths.com/forums/data/avatars/s/217/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/217/217695.jpg?1527369636
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
7f744c0e2a46d62792ece5cddea6b013c835010af40b2fafd7b188a847a84096

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Sat, 26 May 2018 21:20:37 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
1195
Expires
Fri, 12 Jul 2019 20:27:34 GMT
96922.jpg
www.websleuths.com/forums/data/avatars/s/96/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/96/96922.jpg?1527335181
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
e0ac94574d3ed53036646b6afe2fcbe54195c2443d34030151c57c693eb6e834

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Sat, 26 May 2018 11:46:21 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2562
Expires
Fri, 12 Jul 2019 20:27:34 GMT
82582.jpg
www.websleuths.com/forums/data/avatars/s/82/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/82/82582.jpg?1526986569
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
76400b51a223b8146b5f49da36a8876cfc36fd7a885a118f640a804ce49db7e1

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Tue, 22 May 2018 10:56:11 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
1738
Expires
Fri, 12 Jul 2019 20:27:34 GMT
fpi.js
ap.lijit.com/www/delivery/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=345996&width=300&height=250
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Server
169.55.70.149 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
95.46.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
5054394c18eb0998b9577d81b612470f8f3dc7dc31b00a6efb7604cde6011d04

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jul 2018 20:27:34 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"5b45218b-1534"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ap5iad1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
347.jpg
www.websleuths.com/forums/data/avatars/s/0/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/0/347.jpg?1526986431
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
3f77039e94ac3c4526fa8e0fa4f569172d0e74f449efe0feb01de1ce2ad58bd9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Tue, 22 May 2018 10:53:51 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1714
Expires
Fri, 12 Jul 2019 20:27:34 GMT
225922.jpg
www.websleuths.com/forums/data/avatars/s/225/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/225/225922.jpg?1530841796
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
b3a0b5c1073cc739ee8ee8c5fa6a07c04b822aa52af78531a5b2aba2af58e5e2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa; _ga=GA1.2.795566495.1531427254; _gid=GA1.2.1642018450.1531427254; _gat_gtag_UA_7620263_1=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Fri, 06 Jul 2018 01:49:56 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1710
Expires
Fri, 12 Jul 2019 20:27:34 GMT
225958.jpg
www.websleuths.com/forums/data/avatars/s/225/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/225/225958.jpg?1530783347
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
444358f360e091484760bf04ccb38ff6aaf887171fdf8d25bbbe2e0e2665705d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa; _ga=GA1.2.795566495.1531427254; _gid=GA1.2.1642018450.1531427254; _gat_gtag_UA_7620263_1=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Thu, 05 Jul 2018 09:35:47 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1580
Expires
Fri, 12 Jul 2019 20:27:34 GMT
40733.jpg
www.websleuths.com/forums/data/avatars/s/40/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/40/40733.jpg?1526986474
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
0c0357620e2bd8a6083306c1d9867ed25550b216447a0b98d6930f1405c0402c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa; _ga=GA1.2.795566495.1531427254; _gid=GA1.2.1642018450.1531427254; _gat_gtag_UA_7620263_1=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Tue, 22 May 2018 10:54:34 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1315
Expires
Fri, 12 Jul 2019 20:27:34 GMT
80056.jpg
www.websleuths.com/forums/data/avatars/s/80/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/80/80056.jpg?1526986564
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
be65c496bd062e114d54d9f63b682c56ad9db118760c3d7495d32bfbf7d2e74d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa; _ga=GA1.2.795566495.1531427254; _gid=GA1.2.1642018450.1531427254; _gat_gtag_UA_7620263_1=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Tue, 22 May 2018 10:56:04 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1849
Expires
Fri, 12 Jul 2019 20:27:34 GMT
47231.jpg
www.websleuths.com/forums/data/avatars/s/47/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/data/avatars/s/47/47231.jpg?1526986494
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
a1c406d5830f79e5bc047af3131f756ba9e319cdfbe3380fe590a1d0eaaebfae

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa; _ga=GA1.2.795566495.1531427254; _gid=GA1.2.1642018450.1531427254; _gat_gtag_UA_7620263_1=1
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Tue, 22 May 2018 10:54:54 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1403
Expires
Fri, 12 Jul 2019 20:27:34 GMT
ws_black.jpg
www.websleuths.com/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/images/ws_black.jpg
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
bd2240e9942ae55b5fdc4e0cd0110b4e18a561430dfb3a4e8e6b68c02e2bf786

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Thu, 23 Nov 2017 01:43:35 GMT
Server
Apache
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
11015
Expires
Fri, 12 Jul 2019 20:27:34 GMT
sync
ap.lijit.com/ Frame F936 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=135302&width=300&height=250
Protocol
HTTP/1.1
Server
169.55.70.149 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
95.46.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
3e820698023f61d4cd58001c51b9ada64009945c3b1a0c30c67d0ce83efffb26

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jul 2018 21:13:38 GMT
Server
nginx
ETag
W/"5b452182-c3de"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ap5iad1
Expires
Fri, 13 Jul 2018 20:27:34 GMT
ca-pub-9455744174637442.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
277 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-9455744174637442.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 12 Jul 2018 17:03:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Jul 2018 21:28:45 GMT
server
sffe
age
12255
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
125
x-xss-protection
1; mode=block
expires
Fri, 13 Jul 2018 05:03:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180702/r20180604/ Frame FF3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180702/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180702/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.websleuths.com/forums/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2BB78CFC3CA45D27E8493BC293E5E713
Referer
https://www.websleuths.com/forums/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 09 Jul 2018 22:22:37 GMT
expires
Mon, 23 Jul 2018 22:22:37 GMT
content-type
text/html; charset=UTF-8
etag
4726315756816018096
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6958
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
252297
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180702/r20180604/ Frame C4CE 		181 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180702/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a5b5ae65667ffe904e42eb6b11707878eab490b62a9be99cdfcf45730dd60473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 12 Jul 2018 20:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
68956
x-xss-protection
1; mode=block
server
cafe
etag
14419972815237788536
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jul 2018 20:27:34 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
52.85.254.207 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-254-207.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.websleuths.com/forums/
Origin
https://www.websleuths.com

Response headers

Date
Thu, 12 Jul 2018 16:04:39 GMT
Via
1.1 c4031fa00155eb8e412e373cfcb79d42.cloudfront.net (CloudFront)
Vary
Origin
Age
15776
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
6456
Last-Modified
Fri, 29 Jun 2018 13:30:33 GMT
Server
AmazonS3
ETag
"afe2b01377d6dacb3dac3b80df6a3b24"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
X-Amz-Cf-Id
lk8yI0e_1JEECokSyq1Lbydb4IcnlEhU8Gb6682oDVOILkB-xxWT1Q==
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-7620263-1
Protocol
SPDY
Server
2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
1211
date
Thu, 12 Jul 2018 20:07:23 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14386
expires
Thu, 12 Jul 2018 22:07:23 GMT
sync
ap.lijit.com/ Frame B3A7 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=345996&width=300&height=250
Protocol
HTTP/1.1
Server
169.55.70.149 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
95.46.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
3e820698023f61d4cd58001c51b9ada64009945c3b1a0c30c67d0ce83efffb26

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jul 2018 21:13:39 GMT
Server
nginx
ETag
W/"5b452183-c3de"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ap5iad1
Expires
Fri, 13 Jul 2018 20:27:34 GMT
navigation-tab.png
www.websleuths.com/forums/styles/default/xenforo/gradients/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/styles/default/xenforo/gradients/navigation-tab.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
08edf588670f7002d869ca63d5cf8edcde6ee5d80db55aad3faf0b942a34f10a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1531404170
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1531404170
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Wed, 23 May 2018 16:29:00 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1240
Expires
Fri, 12 Jul 2019 20:27:34 GMT
clear.png
www.websleuths.com/forums/styles/default/xenforo/ 		137 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.websleuths.com/forums/styles/default/xenforo/clear.png
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
77f692fa63083335d82bc3d1ed0c93b9d9826ffda16f365ca2eef18039c34370

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://www.websleuths.com/forums/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1531404170
Cookie
xf_session=a2a8fd0b8184ec94b5de44f5a0e5affa
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/css.php?css=xenforo,form,public&style=2&dir=LTR&d=1531404170
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Last-Modified
Wed, 23 May 2018 16:29:00 GMT
Server
Apache
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
137
Expires
Fri, 12 Jul 2019 20:27:34 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j68&a=43718775&t=pageview&_s=1&dl=https%3A%2F%2Fwww.websleuths.com%2Fforums%2F&ul=en-us&de=UTF-8&dt=Websleuths&sd=24-bit&sr=1600x1200&vp=1585x1200&...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7620263-1&cid=795566495.1531427254&jid=1718208415&_gid=1642018450.1531427254&gjid=1283259090&_v=j68&z=1775544389
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7620263-1&cid=795566495.1531427254&jid=1718208415&_gid=1642018450.1531427254&gjid=1283259090&_v=j68&z=1775544389
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/
Protocol
SPDY
Server
2a00:1450:400c:c0c::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 12 Jul 2018 20:27:34 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Jul 2018 20:27:34 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-7620263-1&cid=795566495.1531427254&jid=1718208415&_gid=1642018450.1531427254&gjid=1283259090&_v=j68&z=1775544389
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-geo.s-onetag.com/ 		23 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/344ae774-7cf4-4658-8475-323ce2d76441/tag.min.js
Protocol
SPDY
Server
2600:9000:200e:1a00:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.websleuths.com/forums/
Origin
https://www.websleuths.com

Response headers

date
Wed, 11 Jul 2018 21:42:48 GMT
via
1.1 b2eb119180a1f499dade55aa4e26c619.cloudfront.net (CloudFront), 1.1 b451ce1932d9b97c4ef54f2f37ecb931.cloudfront.net (CloudFront)
age
81886
x-amzn-requestid
5a6f8d50-8553-11e8-84c0-2991f7b37e66
status
200
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
J4f5wEdjSK4Fq-g=
content-length
23
x-amz-cf-id
vdu0XSTFXOWSxsTGlhXmPa7mvr1RfmdIZFuvzhB5NSb-H4HtNX54BQ==
sdk.js
connect.facebook.net/en_US/ 		214 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.websleuths.com
URL: https://www.websleuths.com/forums/js/xenforo/xenforo.js?_v=17c354f1
Protocol
SPDY
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1db08f6e655ffb3440fcc63c178a26805c30d5938d978b4af721660b4788894b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
YdHTrX5AZGIipxOGaCQt7Q==
status
200
content-length
65813
x-xss-protection
0
x-fb-debug
wZIX7I8gGCK0OPxSyGP9AMVsU8EKLT+kea164h5cxGelyR5a32+UUMGaNae3omq7LWTI3Dat6/prHnVl2vfKiQ==
x-fb-content-md5
814e56ba3dcb68d9f0120286eb6328f8
x-frame-options
DENY
date
Thu, 12 Jul 2018 20:27:34 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"cf4b7bda3e84a813165ffaff1dcd0f7b"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
expires
Thu, 12 Jul 2018 20:35:43 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		47 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&pubid=ca4bd84d-78d0-4d8a-865f-eedc3c6e26ca&u=https%3A%2F%2Fwww.websleuths.com%2Fforums%2F&pid=9947626119471531427254119&cb=5105187954211531427254322&ws=1600x1200&v=7.8.1&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1469214856336-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F1001550%2FSidebar-1%22%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Server
52.94.218.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
5a29a476f1da35b5dce7b7d3ceb2b111bcf9e783f834254131ca91dba767772f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.websleuths.com/forums/
Origin
https://www.websleuths.com

Response headers

Date
Thu, 12 Jul 2018 20:27:34 GMT
Server
Server
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
https://www.websleuths.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
47
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/344ae774-7cf4-4658-8475-323ce2d76441/tag.min.js
Protocol
SPDY
Server
2600:9000:200e:6000:7:8699:e840:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.websleuths.com/forums/
Origin
https://www.websleuths.com

Response headers

date
Tue, 10 Jul 2018 00:40:07 GMT
via
1.1 487cdcdf7a19623b97a27be170bb81f4.cloudfront.net (CloudFront), 1.1 c438f26ccd08e3dcd1f5cc4a61417fde.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
1128
x-amzn-remapped-date
Tue, 10 Jul 2018 00:41:56 GMT
age
244047
x-amzn-requestid
cb1282d3-83d9-11e8-83ca-61d6e0c40728
x-cache
Hit from cloudfront
status
200
x-amzn-remapped-content-md5
V3bqcw6aFQKp3T52xvqaow==
request-id
56219767-4da7-413d-b820-28498a2ab1b2
content-encoding
gzip
x-amz-apigw-id
JyUAIHyOyK4FiSQ=
access-control-allow-headers
Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, Api-Version, Response-Time
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
https://www.websleuths.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
x-amzn-remapped-server
restify
response-time
19
x-amz-cf-id
dAC0qnj9mOd53ETRANoWWy-2retQ708_sM2bHvcrAbG2yuuJx4nZ5w==
x-amzn-remapped-connection
Keep-Alive
ads
googleads.g.doubleclick.net/pagead/ Frame 67B1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9455744174637442&output=html&h=90&slotname=3092147560&adk=1752620857&adf=689663336&w=1173&fwrn=4&fwrnh=100&lmt=1531427253&rafmt=1&guci=1.2.0.0.2.2.0&format=1173x90&url=https%3A%2F%2Fwww.websleuths.com%2Fforums%2F&flash=0&fwr=0&rh=0&rw=1173.31&resp_fmts=3&wgl=1&adsid=NT&dt=1531427254083&bpp=11&bdt=636&fdt=12&idt=292&shv=r20180702&cbv=r20180604&saldr=aa&abxe=1&correlator=3120090952924&frm=20&pv=2&ga_vid=1019519788.1531427254&ga_sid=1531427254&ga_hid=43718775&ga_fc=0&iag=0&icsg=571128992&dssz=26&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=41&ady=275&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226400&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=4130573969&ifi=1&fsb=1&xpc=Qt61Fu54tU&p=https%3A//www.websleuths.com&dtd=311
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180702/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9455744174637442&output=html&h=90&slotname=3092147560&adk=1752620857&adf=689663336&w=1173&fwrn=4&fwrnh=100&lmt=1531427253&rafmt=1&guci=1.2.0.0.2.2.0&format=1173x90&url=https%3A%2F%2Fwww.websleuths.com%2Fforums%2F&flash=0&fwr=0&rh=0&rw=1173.31&resp_fmts=3&wgl=1&adsid=NT&dt=1531427254083&bpp=11&bdt=636&fdt=12&idt=292&shv=r20180702&cbv=r20180604&saldr=aa&abxe=1&correlator=3120090952924&frm=20&pv=2&ga_vid=1019519788.1531427254&ga_sid=1531427254&ga_hid=43718775&ga_fc=0&iag=0&icsg=571128992&dssz=26&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=41&ady=275&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226400&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=4130573969&ifi=1&fsb=1&xpc=Qt61Fu54tU&p=https%3A//www.websleuths.com&dtd=311
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.websleuths.com/forums/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2BB78CFC3CA45D27E8493BC293E5E713
Referer
https://www.websleuths.com/forums/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 12 Jul 2018 20:27:34 GMT
server
cafe
cache-control
private
content-length
15449
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 12-Jul-2018 20:42:34 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 12 Jul 2018 20:27:34 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180702/r20180604/ 		70 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180702/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180702/r20180604/show_ads_impl.js
Protocol
SPDY
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
5cf423c404b0e2ef68823ac98abeeb04fea71af5311f146bf5cc7cdaa6befb4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 02 Jul 2018 22:09:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
857884
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26239
x-xss-protection
1; mode=block
server
cafe
etag
8359588440358283728
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 16 Jul 2018 22:09:30 GMT
adcfg
ap.lijit.com/ Frame F936 		158 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=135302&tid=edbdd955d85449b2bf918eaaad2e97dc17f45736&mode=1&dmn=www.websleuths.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Server
169.55.70.149 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
95.46.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
d334ff58cb63f3ffdcfdbabd9a45dc054b332862614a1313ecebec2805a79a03

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jul 2018 20:27:34 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ap5iad1
Content-Type
application/x-javascript; charset=UTF-8
Expires
Fri, 20 Mar 2009 00:00:00 GMT
stylesheet.css
sovrn.mgr.consensu.org/344ae774-7cf4-4658-8475-323ce2d76441/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sovrn.mgr.consensu.org/344ae774-7cf4-4658-8475-323ce2d76441/stylesheet.css
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/344ae774-7cf4-4658-8475-323ce2d76441/tag.min.js
Protocol
SPDY
Server
52.85.255.187 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-255-187.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b79b22c9a5255a54c4cdc887a11167679da14197889edf9a999d0b67ed5400e

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 12 Jul 2018 12:34:54 GMT
content-encoding
gzip
last-modified
Thu, 12 Jul 2018 11:44:41 GMT
server
AmazonS3
age
28361
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
81f0HLew1_O6Ss.C2w0SncMLJWob_XrE
status
200
content-type
text/css
x-amz-cf-id
rxxwYRmi_2vpoAI3tt0YF512HukRTYUmdyr5oezILQ8NZT6qkZVBuA==
via
1.1 939414900b0e5d33a5f9bf346ea3a331.cloudfront.net (CloudFront)
cmp.min.js
sovrn.mgr.consensu.org/cmp/ 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sovrn.mgr.consensu.org/cmp/cmp.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/344ae774-7cf4-4658-8475-323ce2d76441/tag.min.js
Protocol
SPDY
Server
52.85.255.187 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-255-187.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce10d06d0a8385a991b249af48b272b8fa074a8b731ff83fbaa08f8ce6125663

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 18 Jun 2018 12:56:36 GMT
content-encoding
gzip
last-modified
Mon, 18 Jun 2018 12:41:40 GMT
server
AmazonS3
age
27014
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
IZMXRFjBIlt4J4rPVmnj6i12hxGASydf
status
200
content-type
application/javascript
x-amz-cf-id
1VO1mSQNFUYLevzgzD-KIcKtBwrAzoXDS_pZypnVMrF-520HYr--lQ==
via
1.1 939414900b0e5d33a5f9bf346ea3a331.cloudfront.net (CloudFront)
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180702/r20180604/ Frame 1C2B 		181 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180702/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Server
2a00:1450:4001:814::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a5b5ae65667ffe904e42eb6b11707878eab490b62a9be99cdfcf45730dd60473
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 12 Jul 2018 20:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
68956
x-xss-protection
1; mode=block
server
cafe
etag
14419972815237788536
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 12 Jul 2018 20:27:34 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1F11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9455744174637442&output=html&h=90&slotname=3092147560&adk=1752620857&adf=709986084&w=1173&fwrn=4&fwrnh=100&lmt=1531427253&rafmt=1&guci=1.2.0.0.2.2.0&format=1173x90&url=https%3A%2F%2Fwww.websleuths.com%2Fforums%2F&flash=0&fwr=0&rh=0&rw=1173.31&resp_fmts=3&wgl=1&adsid=NT&dt=1531427254097&bpp=13&bdt=650&fdt=333&idt=335&shv=r20180702&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1173x90&correlator=3120090952924&frm=20&pv=1&ga_vid=1019519788.1531427254&ga_sid=1531427254&ga_hid=43718775&ga_fc=0&iag=0&icsg=36644254336&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=41&ady=5253&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226400&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=4130573969&ifi=2&fsb=1&xpc=udSbQAIJfm&p=https%3A//www.websleuths.com&dtd=340
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180702/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-9455744174637442&output=html&h=90&slotname=3092147560&adk=1752620857&adf=709986084&w=1173&fwrn=4&fwrnh=100&lmt=1531427253&rafmt=1&guci=1.2.0.0.2.2.0&format=1173x90&url=https%3A%2F%2Fwww.websleuths.com%2Fforums%2F&flash=0&fwr=0&rh=0&rw=1173.31&resp_fmts=3&wgl=1&adsid=NT&dt=1531427254097&bpp=13&bdt=650&fdt=333&idt=335&shv=r20180702&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=1173x90&correlator=3120090952924&frm=20&pv=1&ga_vid=1019519788.1531427254&ga_sid=1531427254&ga_hid=43718775&ga_fc=0&iag=0&icsg=36644254336&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=41&ady=5253&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21061122%2C368226400&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=4130573969&ifi=2&fsb=1&xpc=udSbQAIJfm&p=https%3A//www.websleuths.com&dtd=340
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.websleuths.com/forums/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2BB78CFC3CA45D27E8493BC293E5E713
Referer
https://www.websleuths.com/forums/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 12 Jul 2018 20:27:34 GMT
server
cafe
cache-control
private
content-length
383
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 12-Jul-2018 20:42:34 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 12 Jul 2018 20:27:34 GMT
adcfg
ap.lijit.com/ Frame B3A7 		158 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=345996&tid=9406d9f4c220456ea09176b1091beb2dbeea58e4&mode=1&dmn=www.websleuths.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Server
169.55.70.149 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),
Reverse DNS
95.46.37a9.ip4.static.sl-reverse.com
Software
nginx /
Resource Hash
0b734c0ad5362da51d9847e7367c8b43f7cc2d6bd3c781bb0d68f145a3774f3e

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Jul 2018 20:27:34 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ap5iad1
Content-Type
application/x-javascript; charset=UTF-8
Expires
Fri, 20 Mar 2009 00:00:00 GMT
1e2RywyANNe.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 7435 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/1e2RywyANNe.js?version=42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/1e2RywyANNe.js?version=42
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.websleuths.com/forums/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2BB78CFC3CA45D27E8493BC293E5E713
Referer
https://www.websleuths.com/forums/

Response headers

status
200
expires
Wed, 10 Jul 2019 20:17:31 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
public,max-age=31536000,immutable
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
content-encoding
gzip
x-fb-debug
jU48DSJRo96ZGeKImAwswtHTo6ThHvenY0emWUi5Rncf+zuAzwZiJlZa406kR6k6hIaysUBJhzu8lDRbLztPjw==
content-length
13920
date
Thu, 12 Jul 2018 20:27:34 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4191012004671984&correlator=3910115599918866&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061645&vrg=231&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=1001550%2CSidebar-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=7&abxe=1&lmt=1531427253&dt=1531427254582&frm=20&biw=1585&bih=1185&oid=3&adxs=1234&adys=2055&adks=927576803&gut=v2&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.websleuths.com%2Fforums%2F&dssz=27&icsg=36644254336&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=320x298&ga_vid=1019519788.1531427254&ga_sid=1531427254&ga_hid=43718775
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_231.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
cafe /
Resource Hash
2388494161bdadec904f9763ab0312dffd369a355a9a3ac3506801500fe3e175
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.websleuths.com/forums/
Origin
https://www.websleuths.com

Response headers

date
Thu, 12 Jul 2018 20:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8870
x-xss-protection
1; mode=block
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.websleuths.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_231.js
securepubads.g.doubleclick.net/gpt/ 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_231.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_231.js
Protocol
SPDY
Server
172.217.22.98 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f2.1e100.net
Software
sffe /
Resource Hash
2b18451f41f398f69d9e7435f3b80e11b53b9afc9395b42742c41e36928bde0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 12 Jul 2018 20:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 06 Jul 2018 21:28:59 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16423
x-xss-protection
1; mode=block
expires
Thu, 12 Jul 2018 20:27:34 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_231.js
Protocol
SPDY
Server
2a00:1450:4001:814::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires
Tue, 02 Jul 2019 15:03:13 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Mon, 11 Jun 2018 14:38:59 GMT
content-type
text/html
page.php
www.facebook.com/v2.10/plugins/ Frame D855 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.10/plugins/page.php?adapt_container_width=true&app_id=362074203988922&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F1e2RywyANNe.js%3Fversion%3D42%23cb%3Df1df0756510776%26domain%3Dwww.websleuths.com%26origin%3Dhttps%253A%252F%252Fwww.websleuths.com%252Ff316f73a2063718%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2FWebsleuths-311461642390611&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8186:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.10/plugins/page.php?adapt_container_width=true&app_id=362074203988922&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2F1e2RywyANNe.js%3Fversion%3D42%23cb%3Df1df0756510776%26domain%3Dwww.websleuths.com%26origin%3Dhttps%253A%252F%252Fwww.websleuths.com%252Ff316f73a2063718%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=http%3A%2F%2Fwww.facebook.com%2FWebsleuths-311461642390611&locale=en_US&sdk=joey&show_facepile=true&show_posts=true&small_header=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.websleuths.com/forums/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2BB78CFC3CA45D27E8493BC293E5E713
Referer
https://www.websleuths.com/forums/

Response headers

status
200
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v2.10
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
cache-control
private, no-cache, no-store, must-revalidate
timing-allow-origin
*
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
pragma
no-cache
x-xss-protection
0
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html; charset="utf-8"
x-fb-debug
VICd0gLVWtxznblWUSGkqYB1F1pdF3kfYT2rd7fTRct9TvfmGHcsN4iyy05DJ4MaHMcHNrgaOD88QcGftb1SBw==
date
Thu, 12 Jul 2018 20:27:34 GMT
portal.html
sovrn.mgr.consensu.org/cmp/portal/ Frame EF28 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sovrn.mgr.consensu.org/cmp/portal/portal.html
Requested by
Host: sovrn.mgr.consensu.org
URL: https://sovrn.mgr.consensu.org/cmp/cmp.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.255.187 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-255-187.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
sovrn.mgr.consensu.org
:scheme
https
:path
/cmp/portal/portal.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.websleuths.com/forums/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2BB78CFC3CA45D27E8493BC293E5E713
Referer
https://www.websleuths.com/forums/

Response headers

status
200
content-type
text/html
content-length
137
date
Mon, 18 Jun 2018 12:56:36 GMT
last-modified
Wed, 13 Jun 2018 09:40:16 GMT
etag
"1201552aae3c926a127f037ea9206343"
x-amz-version-id
gXaDeR2SPAYiKectAa5s.IhB8aw.BDv8
accept-ranges
bytes
server
AmazonS3
age
26975
x-cache
Hit from cloudfront
via
1.1 939414900b0e5d33a5f9bf346ea3a331.cloudfront.net (CloudFront)
x-amz-cf-id
GYMtuStZGGYQH4VqWZWnJcB32NY3vQUDkkWODlsdFAxXWuMhTkArBQ==
pubvendors.json
www.websleuths.com/.well-known/ 		563 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.websleuths.com/.well-known/pubvendors.json
Requested by
Host: sovrn.mgr.consensu.org
URL: https://sovrn.mgr.consensu.org/cmp/cmp.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.243.41.90 Piscataway, United States, ASN20473 (AS-CHOOPA - Choopa, LLC, US),
Reverse DNS
tks.ahfbweb.com
Software
Apache /
Resource Hash
4dbbbe9d1fc784b9eaaa59625ef463c8590e77cc4fa9e0fdb7a2010a464f1b69

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.websleuths.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://www.websleuths.com/forums/
Connection
keep-alive
Cache-Control
no-cache
Referer
https://www.websleuths.com/forums/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 12 Jul 2018 20:27:35 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
114
container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ Frame 649F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_231.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-29/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://www.websleuths.com/forums/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
2BB78CFC3CA45D27E8493BC293E5E713
Referer
https://www.websleuths.com/forums/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
1479
date
Mon, 02 Jul 2018 15:03:13 GMT
expires
Tue, 02 Jul 2019 15:03:13 GMT
last-modified
Mon, 11 Jun 2018 14:38:59 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=31536000
age
883461
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
vendorlist.json
vendorlist.consensu.org/ 		62 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: sovrn.mgr.consensu.org
URL: https://sovrn.mgr.consensu.org/cmp/cmp.min.js
Protocol
SPDY
Server
2600:9000:200e:8600:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b17b2d930dcaa509f8e23258e4c4f3d9043fbf6e728ca36ce990f176cb1a2cfc

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.websleuths.com/forums/
Origin
https://www.websleuths.com

Response headers

date
Thu, 12 Jul 2018 17:48:35 GMT
content-encoding
gzip
last-modified
Thu, 12 Jul 2018 16:00:17 GMT
server
AmazonS3
age
40
status
200
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
x-amz-version-id
OW.p1Y4w70eWRaFgHCjn1xokeFauqazm
access-control-allow-origin
*
access-control-max-age
86400
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
x-amz-cf-id
gOl36Yo_03uyQ5N_ekcvrysbf3VMVRAkMlF-rBeAEaVQFvrLFtdU6g==
via
1.1 973544984500f17f202d338274a94acc.cloudfront.net (CloudFront)
/
onetag-geo.s-onetag.com/ 		23 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/344ae774-7cf4-4658-8475-323ce2d76441/tag.min.js
Protocol
SPDY
Server
2600:9000:200e:1a00:5:ae3a:ba00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
/
Resource Hash
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.websleuths.com/forums/
Origin
https://www.websleuths.com

Response headers

date
Wed, 11 Jul 2018 21:42:48 GMT
via
1.1 b2eb119180a1f499dade55aa4e26c619.cloudfront.net (CloudFront), 1.1 b451ce1932d9b97c4ef54f2f37ecb931.cloudfront.net (CloudFront)
age
81896
x-amzn-requestid
5a6f8d50-8553-11e8-84c0-2991f7b37e66
status
200
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
J4f5wEdjSK4Fq-g=
content-length
23
x-amz-cf-id
P7hlx-ygD6inEtJJLr_uxRsUV7_suiaxmYIaioUqjT_xMHV6wztcGQ==

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| googletag object| apstag function| __cmp object| _b string| _bH object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken function| gtag object| dataLayer function| $ function| jQuery object| $jscomp object| XenForo object| jQuery111002721244199108366 function| XFNoCaptchaCallback object| adsbygoogle object| sovrn object| true object| q function| D number| F function| E function| G function| K function| L function| M string| state object| __onetag object| google_tag_manager object| google_ad_modifications boolean| google_measure_js_timing function| google_spfd number| google_unique_id object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| api function| fbAsyncInit object| GPT_jstiming object| closure_memoize_cache_ boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id object| google_persistent_state_async object| google_reactive_ads_global_state object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure object| FB string| sovrn_beacon_tid object| core object| __core-js_shared__ function| Goog_AdSense_OsdAdapter function| google_osd_amcb

0 Cookies

3 Console Messages

Source Level URL
Text
console-api log URL: https://www.websleuths.com/forums/js/xenforo/xenforo.js?_v=17c354f1(Line 225)
Message:
XenForo.activate(%o)
console-api log URL: https://www.websleuths.com/forums/js/xenforo/xenforo.js?_v=17c354f1(Line 227)
Message:
console.groupEnd
console-api info URL: https://www.websleuths.com/forums/js/xenforo/xenforo.js?_v=17c354f1(Line 212)
Message:
XenForo.init() %dms. jQuery %s/%s

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
adservice.google.com
adservice.google.de
ap.lijit.com
c.amazon-adsystem.com
connect.facebook.net
get.s-onetag.com
googleads.g.doubleclick.net
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
sovrn.mgr.consensu.org
staticxx.facebook.com
stats.g.doubleclick.net
tpc.googlesyndication.com
vendorlist.consensu.org
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.websleuths.com
104.243.41.90
169.55.70.149
172.217.22.98
2600:9000:2001:9000:1f:287:d208:7ea1
2600:9000:200e:1a00:5:ae3a:ba00:93a1
2600:9000:200e:6000:7:8699:e840:93a1
2600:9000:200e:8600:1:af78:4c0:93a1
2a00:1450:4001:814::2001
2a00:1450:4001:814::2002
2a00:1450:4001:816::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:81e::2002
2a00:1450:4001:824::2002
2a00:1450:400c:c0c::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8186:face:b00c:0:50fb
52.85.254.207
52.85.255.187
52.94.218.7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08edf588670f7002d869ca63d5cf8edcde6ee5d80db55aad3faf0b942a34f10a
0b734c0ad5362da51d9847e7367c8b43f7cc2d6bd3c781bb0d68f145a3774f3e
0b79b22c9a5255a54c4cdc887a11167679da14197889edf9a999d0b67ed5400e
0c0357620e2bd8a6083306c1d9867ed25550b216447a0b98d6930f1405c0402c
148805ef840df5f06de10c18349522ea3f2ce394218c5515f54e9265828691e5
196a442dda6dd71836325266775d85bba5e78fe6b312e92b0ce5a5aa45ce1516
1c80619aa99b4bce0b57edaeaf2bae35ad0e1929096a51d0ced52df4dfa68e3d
1db08f6e655ffb3440fcc63c178a26805c30d5938d978b4af721660b4788894b
2388494161bdadec904f9763ab0312dffd369a355a9a3ac3506801500fe3e175
29eb067facf6fdf42a162a8f2e62fede3c230745ed2ba535bdbe819b900ec3f6
2b18451f41f398f69d9e7435f3b80e11b53b9afc9395b42742c41e36928bde0d
384e30e2bb474d8d51182cb3d58d22c74a950447633126cea40d2225914fa35b
3e680984bb1ad23237ee8e18bfbd1c4681499655c31593455e290ed3ec35e700
3e820698023f61d4cd58001c51b9ada64009945c3b1a0c30c67d0ce83efffb26
3f77039e94ac3c4526fa8e0fa4f569172d0e74f449efe0feb01de1ce2ad58bd9
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
444358f360e091484760bf04ccb38ff6aaf887171fdf8d25bbbe2e0e2665705d
4cc4cae0bb86846428c4d8471ec2cd1627e7df4ce1fc4e4bb11c94cf557f9c8e
4dbbbe9d1fc784b9eaaa59625ef463c8590e77cc4fa9e0fdb7a2010a464f1b69
5054394c18eb0998b9577d81b612470f8f3dc7dc31b00a6efb7604cde6011d04
5a29a476f1da35b5dce7b7d3ceb2b111bcf9e783f834254131ca91dba767772f
5ce8acd4457662c6b922c696da8ec34a20fe4670a1cf161e07ab7bc3b1321666
5cf423c404b0e2ef68823ac98abeeb04fea71af5311f146bf5cc7cdaa6befb4f
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
61448c860facc88d10432ab1dd84afae5e52f847a986ec1f458f189deef52207
616f4aaeb08f9a8715b54ddedd773ed25b3247db2aff8bf2e6e81d37863cc8ea
6a7df56f580bf0b383dfcacf6f1962e04f5acbb343b270fa4749a16864cac5ac
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e
7347386c63b8c4f09155fb15f00b8daa2436d01fe5094561fcdab865a90f93c5
76400b51a223b8146b5f49da36a8876cfc36fd7a885a118f640a804ce49db7e1
77f692fa63083335d82bc3d1ed0c93b9d9826ffda16f365ca2eef18039c34370
7e17294763e12695b645dd38cdfa8d7d2618893032a815c860f41cd1a5318e9b
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
7e9859e5db3354ac2ed913889efd51835672ba6cf448dda17963d5a1f19fb011
7f744c0e2a46d62792ece5cddea6b013c835010af40b2fafd7b188a847a84096
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85ba7cc777ea14e9f294677fda785d468ec0a705615ef0446f27ae04e06ef359
9619e38f4a604f55d115dcc9369bb7150f589aa76bcd6d7ba37789093ff01b40
a1c406d5830f79e5bc047af3131f756ba9e319cdfbe3380fe590a1d0eaaebfae
a5b5ae65667ffe904e42eb6b11707878eab490b62a9be99cdfcf45730dd60473
ad16e1b37490fca28df99d039d6373d2fee4d894fcd279d95b90ae872f4d860f
b17b2d930dcaa509f8e23258e4c4f3d9043fbf6e728ca36ce990f176cb1a2cfc
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b3a0b5c1073cc739ee8ee8c5fa6a07c04b822aa52af78531a5b2aba2af58e5e2
bd2240e9942ae55b5fdc4e0cd0110b4e18a561430dfb3a4e8e6b68c02e2bf786
be65c496bd062e114d54d9f63b682c56ad9db118760c3d7495d32bfbf7d2e74d
cb605dbe266844381a6d5ca3918238b55deb2cd2d7353099301b4317cbb64e7b
ce10d06d0a8385a991b249af48b272b8fa074a8b731ff83fbaa08f8ce6125663
d334ff58cb63f3ffdcfdbabd9a45dc054b332862614a1313ecebec2805a79a03
d4b7383fba553538a74c445f0bc798e2d9c134ad199f5e0f897b863401261617
d6b4ae790c46cc85ab0d3464c5efa306aa1593e8ea9050c0c2929ff9af48f17d
de048ea1c786917f09b8fb47e29215a2535275588dcc81d0d8e56d75e2b30758
e0ac94574d3ed53036646b6afe2fcbe54195c2443d34030151c57c693eb6e834
f2fcf93973aad8f843461eeb1e9093ba4ab851a2afcf84f13e73d128d606e965
ff176434b61b0468e7612a4483818d38bb238e0b56fa33deafbdd97fd7a1295c