urlscan.io logo urlscan.io
SecurityTrails logo

abnormalreturns.com Open in urlscan Pro
192.124.249.169  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://abnormalreturns.com/
Effective URL: https://abnormalreturns.com/
Submission: On September 27 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 4 countries across 15 domains to perform 78 HTTP transactions. The main IP is 192.124.249.169, located in United States and belongs to SUCURI-SEC - Sucuri, US. The main domain is abnormalreturns.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 6th 2018. Valid for: 3 months.
This is the only time abnormalreturns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 192.124.249.169 30148 (SUCURI-SEC)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 54.230.95.79 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.230.95.139 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.68.56.226 16509 (AMAZON-02)
1 18.197.206.75 16509 (AMAZON-02)
2 38.140.99.21 174 (COGENT-174)
1 3 23.43.115.95 20940 (AKAMAI-ASN1)
1 2600:9000:200... 16509 (AMAZON-02)
1 18.195.140.49 16509 (AMAZON-02)
9 54.200.150.117 16509 (AMAZON-02)
6 62.113.194.2 47447 (TTM)
5 54.148.199.253 16509 (AMAZON-02)
3 185.172.148.132 44239 (PROINITY ...)
78 23
15    192.124.249.169 (United States)

ASN30148 (SUCURI-SEC - Sucuri, US)
PTR: cloudproxy10169.sucuri.net
abnormalreturns.com
3    2a00:1450:4001:816::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
3    2a00:1450:4001:816::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
8    2a00:1450:4001:81b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
1    54.230.95.79 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-79.fra2.r.cloudfront.net
cdn1.lockerdome.com
4    2a00:1450:4001:816::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.gstatic.com
fonts.gstatic.com
4    2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:816::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    54.230.95.139 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-95-139.fra2.r.cloudfront.net
cdn2.lockerdome.com
2    2a00:1450:400c:c00::9c (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
7    2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
googleads.g.doubleclick.net
1    2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.com
1    54.68.56.226 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-68-56-226.us-west-2.compute.amazonaws.com
load.sumo.com
1    18.197.206.75 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-197-206-75.eu-central-1.compute.amazonaws.com
secure.quantserve.com
2    38.140.99.21 (Saint Louis, United States)

ASN174 (COGENT-174 - Cogent Communications, US)
lockerdome.com
3    23.43.115.95 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-43-115-95.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
1    2600:9000:200c:7e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
rules.quantcount.com
1    18.195.140.49 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-140-49.eu-central-1.compute.amazonaws.com
pixel.quantserve.com
9    54.200.150.117 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-200-150-117.us-west-2.compute.amazonaws.com
sumo.com
6    62.113.194.2 (Germany)

ASN47447 (TTM, DE)
sumo.b-cdn.net
5    54.148.199.253 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-148-199-253.us-west-2.compute.amazonaws.com
sumo.com
3    185.172.148.132 (Germany)

ASN44239 (PROINITY PROINITY, DE)
media.sumo.com
Domain Requested by
15 abnormalreturns.com 1 redirects abnormalreturns.com
14 sumo.com load.sumo.com
8 pagead2.googlesyndication.com abnormalreturns.com
pagead2.googlesyndication.com
6 sumo.b-cdn.net load.sumo.com
sumo.b-cdn.net
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 www.google-analytics.com 2 redirects abnormalreturns.com
3 media.sumo.com sumo.b-cdn.net
load.sumo.com
3 sb.scorecardresearch.com 1 redirects abnormalreturns.com
www.googletagmanager.com
3 fonts.gstatic.com abnormalreturns.com
sumo.b-cdn.net
3 fonts.googleapis.com abnormalreturns.com
sumo.b-cdn.net
3 www.google.com abnormalreturns.com
www.gstatic.com
2 lockerdome.com cdn2.lockerdome.com
2 stats.g.doubleclick.net abnormalreturns.com
1 pixel.quantserve.com abnormalreturns.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com abnormalreturns.com
1 load.sumo.com abnormalreturns.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 cdn2.lockerdome.com cdn1.lockerdome.com
1 www.googletagmanager.com abnormalreturns.com
1 www.gstatic.com www.google.com
1 cdn1.lockerdome.com abnormalreturns.com
78 23

This site contains links to these domains. Also see Links.

Domain
ritholtzwealth.com
Subject Issuer Validity Valid
abnormalreturns.com
Let's Encrypt Authority X3		 2018-08-06 -
2018-11-04		 3 months crt.sh
www.google.com
Google Internet Authority G3		 2018-09-11 -
2018-12-04		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-09-11 -
2018-12-04		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-09-11 -
2018-12-04		 3 months crt.sh
*.lockerdome.com
Amazon		 2018-02-07 -
2019-03-07		 a year crt.sh
*.google.com
Google Internet Authority G3		 2018-09-11 -
2018-12-04		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2018-09-11 -
2018-12-04		 3 months crt.sh
*.sumo.com
Go Daddy Secure Certificate Authority - G2		 2017-11-17 -
2019-01-16		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2015-08-05 -
2018-11-02		 3 years crt.sh
*.scorecardresearch.com
COMODO RSA Organization Validation Secure Server CA		 2017-12-06 -
2018-12-26		 a year crt.sh
*.b-cdn.net
COMODO RSA Domain Validation Secure Server CA		 2018-04-23 -
2020-04-23		 2 years crt.sh

This page contains 16 frames:

Primary Page: https://abnormalreturns.com/
Frame ID: 14113323276A653D713DEBA160BA67B6
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20180924/r20180604/zrt_lookup.html
Frame ID: BB74F3EE06A20A87C3252A6C1DBA00B7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: F2FDC67DCEFA8B833FB8BD1E0162B7D6
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/9638146090670950?pubid=ld-9023-2474&pubo=https%3A%2F%2Fabnormalreturns.com&rid=&width=620
Frame ID: F16CB765FFB4D203F5427BDF090AD72E
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/9638143775415142?pubid=ld-9995-8883&pubo=https%3A%2F%2Fabnormalreturns.com&rid=&width=620
Frame ID: 384154391E640334170116FF78EB5B52
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4EBYUAAAAABT9MMnnxZUGdiFJyINE4CdeR7Nk&co=aHR0cHM6Ly9hYm5vcm1hbHJldHVybnMuY29tOjQ0Mw..&hl=en&v=v1537165899310&size=normal&cb=nj3r09aru88c
Frame ID: D9DEFCF91368CC75DC4E47A8928FD846
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2748210115748051&output=html&adk=1812271804&adf=3025194257&lmt=1538071140&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2Fabnormalreturns.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1538071139766&bpp=11&bdt=117&fdt=13&idt=232&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=8297605431696&frm=20&pv=2&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=33569423&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=463733034&ifi=0&fsb=1&dtd=276
Frame ID: 7F3D4BE10CCF417A08FCACAAD6B46773
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: 2FC28AFC7BA99DD9304276D66CEDBA3A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2748210115748051&output=html&h=90&slotname=5061757204&adk=2474622598&adf=1887281470&w=1000&fwrn=4&fwrnh=100&lmt=1538071140&rafmt=1&guci=1.2.0.0.2.2.0&format=1000x90&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&fwr=0&rh=0&rw=1000&resp_fmts=3&wgl=1&adsid=NT&dt=1538071139780&bpp=9&bdt=132&fdt=279&idt=281&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=117&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=73253044&ifi=1&fsb=1&xpc=xAGcH6ynHR&p=https%3A//abnormalreturns.com&dtd=289
Frame ID: C917A5BEE878101DA1A11BEBACBE9876
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: 7ACFB7B304DE33D0BE04BD0C6D984618
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2748210115748051&output=html&h=250&slotname=6538490408&adk=3929987250&adf=2878686882&w=300&lmt=1538071140&guci=1.2.0.0.2.2.0&format=300x250&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1538071139789&bpp=6&bdt=141&fdt=305&idt=308&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x90&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=1230&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1420656107&ifi=2&fsb=1&xpc=ZZkRsfg2E9&p=https%3A//abnormalreturns.com&dtd=312
Frame ID: 6780260D9469A77D7D199B676B5E38E4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: C8ED7D1F4334A99A89B1824F7771A46F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2748210115748051&output=html&h=600&slotname=4782555605&adk=589923663&adf=3652105102&w=300&lmt=1538071140&guci=1.2.0.0.2.2.0&format=300x600&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&wgl=1&adsid=NT&dt=1538071139795&bpp=5&bdt=147&fdt=358&idt=360&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x90%2C300x250&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=1674&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1709536122&ifi=3&fsb=1&xpc=TkyPwasZZt&p=https%3A//abnormalreturns.com&dtd=369
Frame ID: 937EFAC0E84BB4D13BD812B9EEE38D39
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1537165899310&k=6Ld4EBYUAAAAABT9MMnnxZUGdiFJyINE4CdeR7Nk&cb=borbt6l0tq50
Frame ID: 0274C81299763019993714A6B1610A72
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Frame ID: 26C4838B5BA4A31A2FDD36B0571AEE15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2748210115748051&output=html&h=250&slotname=2887020007&adk=3244292554&adf=4061651233&w=300&lmt=1538071140&guci=1.2.0.0.2.2.0&format=300x250&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1538071139800&bpp=3&bdt=152&fdt=416&idt=418&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x90%2C300x250%2C300x600&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=2541&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=185638998&ifi=4&fsb=1&xpc=cbLvMqvWiV&p=https%3A//abnormalreturns.com&dtd=428
Frame ID: E692C317116039FDC570B514EAAA1B70
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://abnormalreturns.com/ HTTP 301
    https://abnormalreturns.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • env /woocommerce/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • env /woocommerce/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
  • env /woocommerce/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^quantserve$/i
Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i
Overall confidence: 100%
Detected patterns
  • env /^Recaptcha$/i

Page Statistics

78
Requests

100 %
HTTPS

45 %
IPv6

15
Domains

23
Subdomains

23
IPs

4
Countries

1276 kB
Transfer

5943 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://abnormalreturns.com/ HTTP 301
    https://abnormalreturns.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23
  • https://www.google-analytics.com/r/collect?v=1&_v=j69&a=1647911491&t=pageview&_s=1&dl=https%3A%2F%2Fabnormalreturns.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1561124752&gjid=1680760528&cid=246848603.1538071140&tid=UA-55944108-1&_gid=139251583.1538071140&_r=1&z=834035028 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55944108-1&cid=246848603.1538071140&jid=1561124752&_gid=139251583.1538071140&gjid=1680760528&_v=j69&z=834035028
Request Chain 34
  • https://www.google-analytics.com/r/collect?v=1&_v=j69&a=1647911491&t=event&ni=1&_s=1&dl=https%3A%2F%2Fabnormalreturns.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Outbound%20Links&ea=Click&_u=aEDAAEAB~&jid=1788307938&gjid=946140715&cid=246848603.1538071140&tid=UA-55944108-1&_gid=139251583.1538071140&_r=1&gtm=G9hPZQX9M&z=1092267306 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55944108-1&cid=246848603.1538071140&jid=1788307938&_gid=139251583.1538071140&gjid=946140715&_v=j69&z=1092267306
Request Chain 36
  • https://sb.scorecardresearch.com/b?c1=2&c2=16807273&ns__t=1538071139960&ns_c=UTF-8&c8=&c7=https%3A%2F%2Fabnormalreturns.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=16807273&ns__t=1538071139960&ns_c=UTF-8&c8=&c7=https%3A%2F%2Fabnormalreturns.com%2F&c9=

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
abnormalreturns.com/
Redirect Chain
  • http://abnormalreturns.com/
  • https://abnormalreturns.com/
90 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
f168660bccd9cabcb94cc62553eca65899b986b6717fe6c6593758fdcae712e5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
abnormalreturns.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Thu, 27 Sep 2018 17:58:59 GMT
content-type
text/html; charset=UTF-8
x-sucuri-id
15019
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
vary
Accept-Encoding Accept-Encoding
link
<https://abnormalreturns.com/wp-json/>; rel="https://api.w.org/"
x-fw-server
Flywheel/4.1.0
x-fw-hash
ikgfc9t2h6
x-cacheable
NO:Not Cacheable
x-fw-serve
TRUE
x-cache
MISS
x-fw-static
NO
x-fw-type
VISIT
content-encoding
gzip
x-sucuri-cache
EXPIRED

Redirect headers

Server
Sucuri/Cloudproxy
Date
Thu, 27 Sep 2018 17:58:58 GMT
Content-Type
text/html
Content-Length
178
Connection
keep-alive
X-Sucuri-ID
15019
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Location
https://abnormalreturns.com/
api.js
www.google.com/recaptcha/ 		762 B
539 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
26e0b406fb2610ba6e2d2e1aff2fd26fecc8c96a52ce64641c7d7aaa5965d34b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
448
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 17:58:59 GMT
form-style.css
abnormalreturns.com/wp-content/plugins/mailbag/includes/css/ 		2 KB
988 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://abnormalreturns.com/wp-content/plugins/mailbag/includes/css/form-style.css
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
e6a889e4c6c9d69f0d125ba55f27e87256a9f43582eacdacc6cf9a60b04fd3c8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/plugins/mailbag/includes/css/form-style.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
510
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Sun, 14 May 2017 20:03:36 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5918b818-68f"
vary
Accept-Encoding
content-type
text/css
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
42
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,700,700italic|Roboto+Slab:400,700&subset=latin
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
7972cc95bc2c74a7889c1d41aecbea9d157ed8f89fbb39be8aafd250f71600d0
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Thu, 27 Sep 2018 17:58:59 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 27 Sep 2018 17:58:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 17:58:59 GMT
application.min.css
abnormalreturns.com/wp-content/themes/abnormalreturns/library/public/ 		24 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://abnormalreturns.com/wp-content/themes/abnormalreturns/library/public/application.min.css
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
124df0ebd25738ff91943e2da501f22ae70f6c9f87b7fe672de8d6af9ab553b4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/abnormalreturns/library/public/application.min.css
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
5727
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Sat, 22 Apr 2017 19:31:54 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"58fbafaa-5e99"
vary
Accept-Encoding
content-type
text/css
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
42
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
4c98ba9fcd2e7c8a9417933865a2ac9d733af6d14c848e1a83fda13fa461445d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
27479
x-xss-protection
1; mode=block
server
cafe
etag
9435517286743240179
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 27 Sep 2018 17:58:59 GMT
abnormalreturns_main_content_multi_impression_unit.js
cdn1.lockerdome.com/embeds/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdome.com/embeds/abnormalreturns_main_content_multi_impression_unit.js
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.79 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-79.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afc6b25a872f86def7368a612ecfbc5b891894593c55696a2dcf42211818dc56

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 07:56:23 GMT
via
1.1 bd785324d865b594e6f1838b58cb0dae.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2017 23:32:53 GMT
server
AmazonS3
age
78099
etag
"b685c9b89b42f985bd5cf82784a41e9e"
x-cache
Hit from cloudfront
x-amz-version-id
ECfC7auT4dD.dRzg9Zp9s.XKBBI2KZ_Q
status
200
accept-ranges
bytes
content-type
application/javascript
content-length
1296
x-amz-cf-id
lUwJge_Yni4yBy6RyomgfM8_eQbPz6Qr9i-C4ZJhGahCpgbm_6FTzA==
tadas-300x285.jpg
abnormalreturns.com/wp-content/uploads/2017/03/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abnormalreturns.com/wp-content/uploads/2017/03/tadas-300x285.jpg
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
9092e0fdc26ae9defbc82084e33fb7e24b56f894a517a7cbabf2e3a4b06d3697
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2017/03/tadas-300x285.jpg
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
14199
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Sat, 11 Mar 2017 17:26:25 GMT
server
nginx
etag
"58c43341-3777"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
19
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
barrons.png
abnormalreturns.com/wp-content/uploads/2014/12/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abnormalreturns.com/wp-content/uploads/2014/12/barrons.png
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
73d1dcdda95dca27d54de4d659775365c4a1d3c68756df11df0949f91501179b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2014/12/barrons.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
8559
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Sat, 22 Apr 2017 19:32:17 GMT
server
nginx
etag
"58fbafc1-216f"
x-frame-options
SAMEORIGIN
content-type
image/png
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
16
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
businessinsider.png
abnormalreturns.com/wp-content/uploads/2014/12/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abnormalreturns.com/wp-content/uploads/2014/12/businessinsider.png
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
403e59d59639812ed775bfbd8872802f38695160b0adebaa56b76f57c11d7327
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2014/12/businessinsider.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
11618
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Sat, 22 Apr 2017 19:32:17 GMT
server
nginx
etag
"58fbafc1-2d62"
x-frame-options
SAMEORIGIN
content-type
image/png
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
14
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
investmentnews.png
abnormalreturns.com/wp-content/uploads/2014/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abnormalreturns.com/wp-content/uploads/2014/12/investmentnews.png
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
8f089a30ad57685485ee7155d913c25f194450ac4e0677f4d8805c19c4f27e0a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2014/12/investmentnews.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
5851
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Sat, 22 Apr 2017 19:32:23 GMT
server
nginx
etag
"58fbafc7-16db"
x-frame-options
SAMEORIGIN
content-type
image/png
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
16
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
thewashingtonpost.png
abnormalreturns.com/wp-content/uploads/2014/12/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abnormalreturns.com/wp-content/uploads/2014/12/thewashingtonpost.png
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
b5dbd74382713a3b9aeeaee8313b73679177dc6c3f513f68f8d9aab6fea9ac57
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2014/12/thewashingtonpost.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
5764
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Sat, 22 Apr 2017 19:32:18 GMT
server
nginx
etag
"58fbafc2-1684"
x-frame-options
SAMEORIGIN
content-type
image/png
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
14
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wallstreetjournal.png
abnormalreturns.com/wp-content/uploads/2014/12/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abnormalreturns.com/wp-content/uploads/2014/12/wallstreetjournal.png
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
60cdebfc458c17234f59ed48d38d31c7b075af5da871f17f403e201f2576a520
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2014/12/wallstreetjournal.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
9526
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Sat, 22 Apr 2017 19:32:20 GMT
server
nginx
etag
"58fbafc4-2536"
x-frame-options
SAMEORIGIN
content-type
image/png
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
16
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
yahoo.png
abnormalreturns.com/wp-content/uploads/2014/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abnormalreturns.com/wp-content/uploads/2014/12/yahoo.png
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
817530c7eb9efc094e619ba8212fc07f6d722e7d4de40569ea0178a71c21f868
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2014/12/yahoo.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
9058
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Sat, 22 Apr 2017 19:32:27 GMT
server
nginx
etag
"58fbafcb-2362"
x-frame-options
SAMEORIGIN
content-type
image/png
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
14
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
enterprisingInvestor.png
abnormalreturns.com/wp-content/uploads/2016/10/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abnormalreturns.com/wp-content/uploads/2016/10/enterprisingInvestor.png
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
36a6eb4aaf097f7c7c1ad5318e8028f57e5e006c404b6ac38ad919f8f4696b58
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/uploads/2016/10/enterprisingInvestor.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
21532
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Sun, 30 Oct 2016 20:38:25 GMT
server
nginx
etag
"58165a41-541c"
x-frame-options
SAMEORIGIN
content-type
image/png
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
14
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
application.min.js
abnormalreturns.com/wp-content/themes/abnormalreturns/library/public/ 		141 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abnormalreturns.com/wp-content/themes/abnormalreturns/library/public/application.min.js
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
2a229cf0200b94777172b07f22d4ecc9aca880385a3d439ca95bbffc2d28fa57
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-content/themes/abnormalreturns/library/public/application.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
46820
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Sat, 22 Apr 2017 19:31:55 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"58fbafab-23314"
vary
Accept-Encoding
content-type
application/javascript
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
48
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
abnormalreturns.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abnormalreturns.com/wp-includes/js/wp-embed.min.js
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-embed.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
751
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Fri, 03 Aug 2018 05:32:34 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5b63e8f2-576"
vary
Accept-Encoding
content-type
application/javascript
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
47
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/api2/v1537165899310/ 		237 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/api2/v1537165899310/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
01be295d9648229a5eed43b6c27836a569362324ceee92e99a4f40e23ee0c464
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 15:28:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 17 Sep 2018 16:45:00 GMT
server
sffe
age
527428
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
80281
x-xss-protection
1; mode=block
expires
Sat, 21 Sep 2019 15:28:31 GMT
wp-emoji-release.min.js
abnormalreturns.com/wp-includes/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://abnormalreturns.com/wp-includes/js/wp-emoji-release.min.js
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.124.249.169 , United States, ASN30148 (SUCURI-SEC - Sucuri, US),
Reverse DNS
cloudproxy10169.sucuri.net
Software
nginx /
Resource Hash
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
abnormalreturns.com
referer
https://abnormalreturns.com/
:scheme
https
:method
GET
Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-fw-static
YES
date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-fw-server
Flywheel/4.1.0
x-cache
HIT
status
200
x-sucuri-cache
HIT
content-length
4421
x-xss-protection
1; mode=block
x-fw-type
VISIT
pragma
public
last-modified
Fri, 03 Aug 2018 05:32:38 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"5b63e8f6-2efa"
vary
Accept-Encoding
content-type
application/javascript
x-fw-serve
TRUE
cache-control
max-age=315360000
x-hits
46
x-sucuri-id
15019
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 23:12:19 GMT
server
Golfe2
age
1193
date
Thu, 27 Sep 2018 17:39:06 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
16173
expires
Thu, 27 Sep 2018 19:39:06 GMT
gtm.js
www.googletagmanager.com/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PZQX9M
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
3960e6b1b2180f927632341f89b9f18bab7ea7c942e742e5de12a697cd2a1a40
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26098
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 17:58:59 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,700,700italic|Roboto+Slab:400,700&subset=latin
Origin
https://abnormalreturns.com

Response headers

date
Sun, 26 Aug 2018 07:41:17 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
2801862
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Mon, 26 Aug 2019 07:41:17 GMT
BngRUXZYTXPIvIBgJJSb6u92w7CGwR2oefDo.woff2
fonts.gstatic.com/s/robotoslab/v7/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v7/BngRUXZYTXPIvIBgJJSb6u92w7CGwR2oefDo.woff2
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8c055f4fc89b73bc480ac07d607782cb3482fc98cbec6f89135ff76ce5512280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,400italic,700,700italic|Roboto+Slab:400,700&subset=latin
Origin
https://abnormalreturns.com

Response headers

date
Fri, 21 Sep 2018 01:24:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:32:29 GMT
server
sffe
age
578093
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
11096
x-xss-protection
1; mode=block
expires
Sat, 21 Sep 2019 01:24:06 GMT
ajs.js
cdn2.lockerdome.com/_js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdome.com/_js/ajs.js
Requested by
Host: cdn1.lockerdome.com
URL: https://cdn1.lockerdome.com/embeds/abnormalreturns_main_content_multi_impression_unit.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.139 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-139.fra2.r.cloudfront.net
Software
/
Resource Hash
bd834fdd2e7697c615a3340370be7f99aad843dc2ecd5a687db06e60cb52680d

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 00:34:58 GMT
content-encoding
gzip
last-modified
Wed, 26 Sep 2018 01:33:36 GMT
age
62641
etag
"4787-1537925616000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
IqQoJWujrdC_qafz34b4g0HhzjCuvA3AWlW5RH_cEvFC4GCGVHMBZw==
via
1.1 fd0b6604a702c913fca13c5d665f0604.cloudfront.net (CloudFront)
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j69&a=1647911491&t=pageview&_s=1&dl=https%3A%2F%2Fabnormalreturns.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&ji...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55944108-1&cid=246848603.1538071140&jid=1561124752&_gid=139251583.1538071140&gjid=1680760528&_v=j69&z=834035028
35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55944108-1&cid=246848603.1538071140&jid=1561124752&_gid=139251583.1538071140&gjid=1680760528&_v=j69&z=834035028
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c00::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 27 Sep 2018 17:58:59 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Sep 2018 17:58:59 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55944108-1&cid=246848603.1538071140&jid=1561124752&_gid=139251583.1538071140&gjid=1680760528&_v=j69&z=834035028
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=abnormalreturns.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=abnormalreturns.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
ca-pub-2748210115748051.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		133 B
277 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-2748210115748051.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 10:39:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 26 Sep 2018 21:37:45 GMT
server
sffe
age
26394
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
125
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 22:39:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20180924/r20180604/ Frame BB74 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20180924/r20180604/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20180924/r20180604/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://abnormalreturns.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://abnormalreturns.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Mon, 24 Sep 2018 19:27:57 GMT
expires
Mon, 08 Oct 2018 19:27:57 GMT
content-type
text/html; charset=UTF-8
etag
12810928231326100212
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
6940
x-xss-protection
1; mode=block
cache-control
public, max-age=1209600
age
253862
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame F2FD 		196 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
74272
x-xss-protection
1; mode=block
server
cafe
etag
7811001293577937216
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Sep 2018 17:58:59 GMT
/
load.sumo.com/ 		430 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.68.56.226 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-68-56-226.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
729033cc60e54762fdbb94ec59f8cf3db90ac06ac6931f0aa530ea0c3073c2d9

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:00 GMT
content-encoding
gzip
last-modified
Wed, 26 Sep 2018 20:57:32 GMT
server
nginx/1.12.1
etag
W/"5babf2bc-6b910"
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
max-age=600
content-type
application/javascript
expires
Thu, 27 Sep 2018 18:00:27 GMT
quant.js
secure.quantserve.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.197.206.75 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-197-206-75.eu-central-1.compute.amazonaws.com
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 17:58:59 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27-Sep-2018 17:58:59 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Thu, 04 Oct 2018 17:58:59 GMT
9638146090670950
lockerdome.com/lad/ Frame F16C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/9638146090670950?pubid=ld-9023-2474&pubo=https%3A%2F%2Fabnormalreturns.com&rid=&width=620
Requested by
Host: cdn2.lockerdome.com
URL: https://cdn2.lockerdome.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
38.140.99.21 Saint Louis, United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
lockerdome.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://abnormalreturns.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://abnormalreturns.com/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1384
Date
Thu, 27 Sep 2018 17:59:00 GMT
Connection
keep-alive
9638143775415142
lockerdome.com/lad/ Frame 3841 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/lad/9638143775415142?pubid=ld-9995-8883&pubo=https%3A%2F%2Fabnormalreturns.com&rid=&width=620
Requested by
Host: cdn2.lockerdome.com
URL: https://cdn2.lockerdome.com/_js/ajs.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
38.140.99.21 Saint Louis, United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
lockerdome.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://abnormalreturns.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://abnormalreturns.com/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Type
text/html; charset=utf-8
Content-Length
1384
Date
Thu, 27 Sep 2018 17:59:00 GMT
Connection
keep-alive
anchor
www.google.com/recaptcha/api2/ Frame D9DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld4EBYUAAAAABT9MMnnxZUGdiFJyINE4CdeR7Nk&co=aHR0cHM6Ly9hYm5vcm1hbHJldHVybnMuY29tOjQ0Mw..&hl=en&v=v1537165899310&size=normal&cb=nj3r09aru88c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1537165899310/recaptcha__en.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O6bTc40IBpcqKdaLFyKCokh5YbI' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Ld4EBYUAAAAABT9MMnnxZUGdiFJyINE4CdeR7Nk&co=aHR0cHM6Ly9hYm5vcm1hbHJldHVybnMuY29tOjQ0Mw..&hl=en&v=v1537165899310&size=normal&cb=nj3r09aru88c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://abnormalreturns.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://abnormalreturns.com/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 27 Sep 2018 17:58:59 GMT
content-security-policy
script-src 'report-sample' 'nonce-O6bTc40IBpcqKdaLFyKCokh5YbI' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
11718
server
GSE
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j69&a=1647911491&t=event&ni=1&_s=1&dl=https%3A%2F%2Fabnormalreturns.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Outbound%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55944108-1&cid=246848603.1538071140&jid=1788307938&_gid=139251583.1538071140&gjid=946140715&_v=j69&z=1092267306
35 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55944108-1&cid=246848603.1538071140&jid=1788307938&_gid=139251583.1538071140&gjid=946140715&_v=j69&z=1092267306
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c00::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 27 Sep 2018 17:58:59 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 27 Sep 2018 17:58:59 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-55944108-1&cid=246848603.1538071140&jid=1788307938&_gid=139251583.1538071140&gjid=946140715&_v=j69&z=1092267306
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j69&a=1647911491&t=pageview&_s=1&dl=https%3A%2F%2Fabnormalreturns.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEDAAEAB~&jid=&gjid=&cid=246848603.1538071140&tid=UA-55944108-1&_gid=139251583.1538071140&gtm=G9hPZQX9M&z=77823570
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Sep 2018 20:57:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1198914
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=16807273&ns__t=1538071139960&ns_c=UTF-8&c8=&c7=https%3A%2F%2Fabnormalreturns.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=16807273&ns__t=1538071139960&ns_c=UTF-8&c8=&c7=https%3A%2F%2Fabnormalreturns.com%2F&c9=
0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=16807273&ns__t=1538071139960&ns_c=UTF-8&c8=&c7=https%3A%2F%2Fabnormalreturns.com%2F&c9=
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-43-115-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Sep 2018 17:58:59 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=16807273&ns__t=1538071139960&ns_c=UTF-8&c8=&c7=https%3A%2F%2Fabnormalreturns.com%2F&c9=
Pragma
no-cache
Date
Thu, 27 Sep 2018 17:58:59 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
rules-p-jPLpqjKXxrKmq.js
rules.quantcount.com/ 		3 B
336 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-jPLpqjKXxrKmq.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:7e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 19 Nov 2017 01:36:21 GMT
via
1.1 63c6fe97aba90610d2a46b7713c49586.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 23:52:35 GMT
server
AmazonS3
age
71
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Error from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
3
x-amz-cf-id
CqfvU1R1SbxinsK1G8iiRxI-dAmsclDLaeJpq7FGF37WS_9iSzR5BQ==
ads
googleads.g.doubleclick.net/pagead/ Frame 7F3D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2748210115748051&output=html&adk=1812271804&adf=3025194257&lmt=1538071140&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2Fabnormalreturns.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1538071139766&bpp=11&bdt=117&fdt=13&idt=232&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=8297605431696&frm=20&pv=2&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=33569423&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=463733034&ifi=0&fsb=1&dtd=276
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2748210115748051&output=html&adk=1812271804&adf=3025194257&lmt=1538071140&plat=1%3A32776%2C2%3A16809992%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C26%3A32768%2C30%3A1081344&guci=1.2.0.0.2.2.0&format=0x0&url=https%3A%2F%2Fabnormalreturns.com%2F&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1538071139766&bpp=11&bdt=117&fdt=13&idt=232&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&nras=1&correlator=8297605431696&frm=20&pv=2&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=33569423&dssz=28&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=2&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&ppjl=u&fu=16&bc=7&osw_key=463733034&ifi=0&fsb=1&dtd=276
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://abnormalreturns.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://abnormalreturns.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Sep 2018 17:59:00 GMT
server
cafe
cache-control
private
content-length
665
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 27-Sep-2018 18:14:00 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 27 Sep 2018 17:59:00 GMT
osd.js
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
e2f8895970c9774cbc67344d9100532f5107e5c819404c4b00ee0fa80f14b393
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 25 Sep 2018 00:24:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236089
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26707
x-xss-protection
1; mode=block
server
cafe
etag
11387632783651716424
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Oct 2018 00:24:11 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame 2FC2 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
74272
x-xss-protection
1; mode=block
server
cafe
etag
7811001293577937216
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Sep 2018 17:58:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame C917 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2748210115748051&output=html&h=90&slotname=5061757204&adk=2474622598&adf=1887281470&w=1000&fwrn=4&fwrnh=100&lmt=1538071140&rafmt=1&guci=1.2.0.0.2.2.0&format=1000x90&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&fwr=0&rh=0&rw=1000&resp_fmts=3&wgl=1&adsid=NT&dt=1538071139780&bpp=9&bdt=132&fdt=279&idt=281&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=117&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=73253044&ifi=1&fsb=1&xpc=xAGcH6ynHR&p=https%3A//abnormalreturns.com&dtd=289
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2748210115748051&output=html&h=90&slotname=5061757204&adk=2474622598&adf=1887281470&w=1000&fwrn=4&fwrnh=100&lmt=1538071140&rafmt=1&guci=1.2.0.0.2.2.0&format=1000x90&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&fwr=0&rh=0&rw=1000&resp_fmts=3&wgl=1&adsid=NT&dt=1538071139780&bpp=9&bdt=132&fdt=279&idt=281&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=117&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&ppjl=u&pfx=0&fu=144&bc=7&osw_key=73253044&ifi=1&fsb=1&xpc=xAGcH6ynHR&p=https%3A//abnormalreturns.com&dtd=289
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://abnormalreturns.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://abnormalreturns.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Sep 2018 17:59:00 GMT
server
cafe
cache-control
private
content-length
388
x-xss-protection
1; mode=block
set-cookie
test_cookie=CheckForPermission; expires=Thu, 27-Sep-2018 18:14:00 GMT; path=/; domain=.doubleclick.net
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 27 Sep 2018 17:59:00 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame 7ACF 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
74272
x-xss-protection
1; mode=block
server
cafe
etag
7811001293577937216
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Sep 2018 17:58:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6780 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2748210115748051&output=html&h=250&slotname=6538490408&adk=3929987250&adf=2878686882&w=300&lmt=1538071140&guci=1.2.0.0.2.2.0&format=300x250&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1538071139789&bpp=6&bdt=141&fdt=305&idt=308&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x90&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=1230&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1420656107&ifi=2&fsb=1&xpc=ZZkRsfg2E9&p=https%3A//abnormalreturns.com&dtd=312
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2748210115748051&output=html&h=250&slotname=6538490408&adk=3929987250&adf=2878686882&w=300&lmt=1538071140&guci=1.2.0.0.2.2.0&format=300x250&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1538071139789&bpp=6&bdt=141&fdt=305&idt=308&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x90&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=1230&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1420656107&ifi=2&fsb=1&xpc=ZZkRsfg2E9&p=https%3A//abnormalreturns.com&dtd=312
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://abnormalreturns.com/
accept-encoding
gzip, deflate
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://abnormalreturns.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Sep 2018 17:59:00 GMT
server
cafe
cache-control
private
content-length
385
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUnOGdTVCZmfdpYspfVEOx0j3AxIwW7FEoD_8GeQkxWz1J2YSVpN_Kvyz6Ym; expires=Tue, 22-Oct-2019 17:59:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 27 Sep 2018 17:59:00 GMT
pixel;r=1936012748;source=wp;rf=0;a=p-jPLpqjKXxrKmq;url=https%3A%2F%2Fabnormalreturns.com%2F;fpan=1;fpa=P0-167250850-1538071140110;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x12...
pixel.quantserve.com/ 		35 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1936012748;source=wp;rf=0;a=p-jPLpqjKXxrKmq;url=https%3A%2F%2Fabnormalreturns.com%2F;fpan=1;fpa=P0-167250850-1538071140110;ns=0;ce=1;qjs=1;qv=4c19192-20180628134937;cm=;ref=;je=0;sr=1600x1200x24;enc=n;dst=0;et=1538071140109;tzo=0;ogl=
Requested by
Host: abnormalreturns.com
URL: https://abnormalreturns.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.140.49 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-140-49.eu-central-1.compute.amazonaws.com
Software
QS /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 27 Sep 2018 17:59:00 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-cache, no-store, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
Fri, 04 Aug 1978 12:00:00 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame C8ED 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
74272
x-xss-protection
1; mode=block
server
cafe
etag
7811001293577937216
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Sep 2018 17:58:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 937E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2748210115748051&output=html&h=600&slotname=4782555605&adk=589923663&adf=3652105102&w=300&lmt=1538071140&guci=1.2.0.0.2.2.0&format=300x600&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&wgl=1&adsid=NT&dt=1538071139795&bpp=5&bdt=147&fdt=358&idt=360&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x90%2C300x250&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=1674&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1709536122&ifi=3&fsb=1&xpc=TkyPwasZZt&p=https%3A//abnormalreturns.com&dtd=369
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2748210115748051&output=html&h=600&slotname=4782555605&adk=589923663&adf=3652105102&w=300&lmt=1538071140&guci=1.2.0.0.2.2.0&format=300x600&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&wgl=1&adsid=NT&dt=1538071139795&bpp=5&bdt=147&fdt=358&idt=360&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x90%2C300x250&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=1674&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1709536122&ifi=3&fsb=1&xpc=TkyPwasZZt&p=https%3A//abnormalreturns.com&dtd=369
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://abnormalreturns.com/
accept-encoding
gzip, deflate
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://abnormalreturns.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Sep 2018 17:59:00 GMT
server
cafe
cache-control
private
content-length
384
x-xss-protection
1; mode=block
set-cookie
IDE=AHWqTUn0Zrnp-PZDDK8JQfa4WiKYEnqvMdlaNg_EpwycT1T1221uB8hkPo3k3vch; expires=Tue, 22-Oct-2019 17:59:00 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires
Thu, 27 Sep 2018 17:59:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 0274 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=v1537165899310&k=6Ld4EBYUAAAAABT9MMnnxZUGdiFJyINE4CdeR7Nk&cb=borbt6l0tq50
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/api2/v1537165899310/recaptcha__en.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F4gt88PrqfPEWwWNuKsgek6SqoY' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=v1537165899310&k=6Ld4EBYUAAAAABT9MMnnxZUGdiFJyINE4CdeR7Nk&cb=borbt6l0tq50
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://abnormalreturns.com/
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://abnormalreturns.com/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 27 Sep 2018 17:59:00 GMT
content-security-policy
script-src 'report-sample' 'nonce-F4gt88PrqfPEWwWNuKsgek6SqoY' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1128
server
GSE
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/ Frame 26C4 		196 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

date
Thu, 27 Sep 2018 17:58:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
74272
x-xss-protection
1; mode=block
server
cafe
etag
7811001293577937216
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 27 Sep 2018 17:58:59 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E692 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2748210115748051&output=html&h=250&slotname=2887020007&adk=3244292554&adf=4061651233&w=300&lmt=1538071140&guci=1.2.0.0.2.2.0&format=300x250&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1538071139800&bpp=3&bdt=152&fdt=416&idt=418&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x90%2C300x250%2C300x600&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=2541&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=185638998&ifi=4&fsb=1&xpc=cbLvMqvWiV&p=https%3A//abnormalreturns.com&dtd=428
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20180924/r20180604/show_ads_impl.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2748210115748051&output=html&h=250&slotname=2887020007&adk=3244292554&adf=4061651233&w=300&lmt=1538071140&guci=1.2.0.0.2.2.0&format=300x250&url=https%3A%2F%2Fabnormalreturns.com%2F&flash=0&avail_w=300&wgl=1&adsid=NT&dt=1538071139800&bpp=3&bdt=152&fdt=416&idt=418&shv=r20180924&cbv=r20180604&saldr=aa&abxe=1&prev_fmts=0x0%2C1000x90%2C300x250%2C300x600&nras=1&correlator=8297605431696&frm=20&pv=1&ga_vid=246848603.1538071140&ga_sid=1538071140&ga_hid=1647911491&ga_fc=0&iag=0&icsg=34393307791&dssz=29&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=293&ady=2541&biw=1585&bih=1200&scr_x=0&scr_y=0&eid=21060853&oid=3&rx=0&eae=0&fc=1808&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=185638998&ifi=4&fsb=1&xpc=cbLvMqvWiV&p=https%3A//abnormalreturns.com&dtd=428
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://abnormalreturns.com/
accept-encoding
gzip, deflate
cookie
IDE=AHWqTUnOGdTVCZmfdpYspfVEOx0j3AxIwW7FEoD_8GeQkxWz1J2YSVpN_Kvyz6Ym
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://abnormalreturns.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 27 Sep 2018 17:59:00 GMT
server
cafe
cache-control
private
content-length
386
x-xss-protection
1; mode=block
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
cs.js
sb.scorecardresearch.com/c2/16807273/ 		0
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/c2/16807273/cs.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PZQX9M
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.115.95 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-43-115-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 27 Sep 2018 17:59:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2011 23:11:26 GMT
ETag
"d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=259200
Connection
keep-alive
Content-Length
20
Expires
Sun, 30 Sep 2018 17:59:01 GMT
/
sumo.com/api/load/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/api/load/
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.200.150.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-200-150-117.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
112b0a52e4002660bbd84357e2911559b551ec5895040b22750a1a3893a8b047
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://abnormalreturns.com/
Origin
https://abnormalreturns.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 27 Sep 2018 17:59:01 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
server
nginx/1.12.1
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://abnormalreturns.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f58ef317a437883e2baa7e98d73af912859b7cc7c10ecd79e97aa0ea974ba896

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/png
services
sumo.com/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/services
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.200.150.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-200-150-117.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://abnormalreturns.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
x-sumo-auth

Response headers

date
Thu, 27 Sep 2018 17:59:01 GMT
server
nginx/1.12.1
access-control-allow-origin
https://abnormalreturns.com
access-control-max-age
2592000
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
status
204
access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
services
sumo.com/ 		50 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/services
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.200.150.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-200-150-117.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
27880bfea5a10f6a873d5b3cd8a704a6b31d8374d92024fbb26dc78071409673
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://abnormalreturns.com/
Origin
https://abnormalreturns.com
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Sumo-Auth
6MPgbUecoqJYPwFLWggGTiQd

Response headers

date
Thu, 27 Sep 2018 17:59:02 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
server
nginx/1.12.1
status
200
x-frame-options
SAMEORIGIN
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://abnormalreturns.com
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
service.js
sumo.b-cdn.net/virtual/e0ab496fd8c11ac322024414eb17760883e23b7c/client/js/156085c5-0017-4150-b225-a731ad248f38/ 		1001 KB
309 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sumo.b-cdn.net/virtual/e0ab496fd8c11ac322024414eb17760883e23b7c/client/js/156085c5-0017-4150-b225-a731ad248f38/service.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-367 /
Resource Hash
79c7688d568edd74fffcbd6decf39927354e2f7ab8000c94089c32545ef347d4

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:02 GMT
content-encoding
gzip
last-modified
Fri, 21 Sep 2018 19:01:17 GMT
server
BunnyCDN-DE1-367
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=2592000
cdn-pullzone
31826
cdn-cachedat
2018-09-21 21:03:41
cdn-requestid
26d674bc2f92ef8456bb1de3546ad249
content-type
application/javascript
cdn-cache
HIT
expires
Sun, 21 Oct 2018 19:03:38 GMT
services.js
sumo.b-cdn.net/virtual/ef41f3cb6d0bf952ce805f3dd874e9b709a5258f/client/js/services/ 		434 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sumo.b-cdn.net/virtual/ef41f3cb6d0bf952ce805f3dd874e9b709a5258f/client/js/services/services.js
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-367 /
Resource Hash
b283a10879fd9d4c930aca559dcddb5a488586e646989fb686bdc2cc8c817774

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:02 GMT
content-encoding
gzip
last-modified
Mon, 24 Sep 2018 23:06:03 GMT
server
BunnyCDN-DE1-367
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=2592000
cdn-pullzone
31826
cdn-cachedat
2018-09-25 01:07:23
cdn-requestid
11e8d7e57ad48ddc729215f84eb61cae
content-type
application/javascript
cdn-cache
HIT
expires
Wed, 24 Oct 2018 23:07:20 GMT
scroll
sumo.com/apps/contentanalytics/ 		43 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sumo.com/apps/contentanalytics/scroll?site_id=904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000&last=&read=46&path=%2F&_=0.4501993404222058
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
date
Thu, 27 Sep 2018 17:59:02 GMT
server
nginx/1.12.1
content-type
image/gif
content-length
43
x-frame-options
SAMEORIGIN
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
sme-contactform-popup.css
sumo.b-cdn.net/virtual/22ba032e2a95e963f78eb402401e2a85c8e8ce07/client/css/ 		277 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sumo.b-cdn.net/virtual/22ba032e2a95e963f78eb402401e2a85c8e8ce07/client/css/sme-contactform-popup.css
Requested by
Host: sumo.b-cdn.net
URL: https://sumo.b-cdn.net/virtual/ef41f3cb6d0bf952ce805f3dd874e9b709a5258f/client/js/services/services.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-367 /
Resource Hash
559edd6497477c8776dc19ce565d327b9f5e0d9b068b43f984f6e89bfb07bb7b

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:02 GMT
content-encoding
gzip
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cdn-cachedat
2018-09-17 17:45:22
cdn-pullzone
31826
expires
Wed, 17 Oct 2018 14:16:16 GMT
last-modified
Tue, 04 Sep 2018 22:55:30 GMT
server
BunnyCDN-DE1-367
vary
Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=2592000
cdn-requestid
8a380b480e4d2c0c392831ce3deb2488
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Range
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Range
sumome-share-client.css
sumo.b-cdn.net/virtual/f9601844b2965d750bb765a2a3f2d61938a7033e/client/css/ 		582 KB
43 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sumo.b-cdn.net/virtual/f9601844b2965d750bb765a2a3f2d61938a7033e/client/css/sumome-share-client.css
Requested by
Host: sumo.b-cdn.net
URL: https://sumo.b-cdn.net/virtual/ef41f3cb6d0bf952ce805f3dd874e9b709a5258f/client/js/services/services.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-367 /
Resource Hash
6ccd29d8a00f2d01af1ada1d0c1c995cd405d9161e42d3dc46c61a60506410f5

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:02 GMT
content-encoding
gzip
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cdn-cachedat
2018-09-17 17:45:17
cdn-pullzone
31826
expires
Wed, 17 Oct 2018 15:45:09 GMT
last-modified
Tue, 04 Sep 2018 22:55:51 GMT
server
BunnyCDN-DE1-367
vary
Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=2592000
cdn-requestid
09432234437e2dc5b898bffe11e633dc
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Range
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Range
highlighter-popup.css
sumo.b-cdn.net/virtual/1603653d8bad0517eba86dd7d117133c5c02627f/client/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sumo.b-cdn.net/virtual/1603653d8bad0517eba86dd7d117133c5c02627f/client/css/highlighter-popup.css
Requested by
Host: sumo.b-cdn.net
URL: https://sumo.b-cdn.net/virtual/ef41f3cb6d0bf952ce805f3dd874e9b709a5258f/client/js/services/services.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-367 /
Resource Hash
3fa4d29ea63e7b02b47ef709166bed6e16f1e34689136b4361b9a82068a7ad1c

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:02 GMT
content-encoding
gzip
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cdn-cachedat
2018-09-17 17:45:16
cdn-pullzone
31826
expires
Wed, 17 Oct 2018 14:15:38 GMT
last-modified
Tue, 04 Sep 2018 22:55:36 GMT
server
BunnyCDN-DE1-367
vary
Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=2592000
cdn-requestid
75622ff16fea28d99c7c1c32aa2a2271
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Range
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Range
css
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
734371ae3281d7a36957ab5d66796041b7cfa199ecc0a58c51cad5322587cc3e
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Thu, 27 Sep 2018 17:59:02 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 27 Sep 2018 17:59:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 17:59:02 GMT
listbuilder-popup.css
sumo.b-cdn.net/virtual/936205277279f153d34eb20ddee708960e846b00/client/css/listbuilder/ 		1 MB
83 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sumo.b-cdn.net/virtual/936205277279f153d34eb20ddee708960e846b00/client/css/listbuilder/listbuilder-popup.css
Requested by
Host: sumo.b-cdn.net
URL: https://sumo.b-cdn.net/virtual/ef41f3cb6d0bf952ce805f3dd874e9b709a5258f/client/js/services/services.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
62.113.194.2 , Germany, ASN47447 (TTM, DE),
Reverse DNS
Software
BunnyCDN-DE1-367 /
Resource Hash
8e7baaa4c82ed25ea8992739a2d5d6a3c7914804dd353cf738c0476176a6b927

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:02 GMT
content-encoding
gzip
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cdn-cachedat
2018-09-05 00:56:51
cdn-pullzone
31826
expires
Thu, 04 Oct 2018 22:56:48 GMT
last-modified
Tue, 04 Sep 2018 22:55:45 GMT
server
BunnyCDN-DE1-367
vary
Accept-Encoding
content-type
text/css
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=2592000
cdn-requestid
b7ef3a5f6631f30cd59973e5a7327492
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Range
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Range
features
sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/features?site_id=904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.200.150.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-200-150-117.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://abnormalreturns.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
x-sumo-auth

Response headers

date
Thu, 27 Sep 2018 17:59:02 GMT
server
nginx/1.12.1
access-control-allow-origin
https://abnormalreturns.com
access-control-max-age
2592000
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
status
204
access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
features
sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/features?site_id=904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.200.150.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-200-150-117.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://abnormalreturns.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
x-sumo-auth

Response headers

date
Thu, 27 Sep 2018 17:59:02 GMT
server
nginx/1.12.1
access-control-allow-origin
https://abnormalreturns.com
access-control-max-age
2592000
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
status
204
access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
features
sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/ 		1 KB
932 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/features?site_id=904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.200.150.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-200-150-117.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
8022030c648350c4cfa4571166188fc41821eeb604206f25c19e7b5fe3cea172
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://abnormalreturns.com/
Origin
https://abnormalreturns.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Sumo-Auth
6MPgbUecoqJYPwFLWggGTiQd

Response headers

date
Thu, 27 Sep 2018 17:59:02 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
server
nginx/1.12.1
status
200
etag
"1325058455"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://abnormalreturns.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
features
sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/ 		1 KB
952 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/features?site_id=904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.200.150.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-200-150-117.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
8022030c648350c4cfa4571166188fc41821eeb604206f25c19e7b5fe3cea172
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://abnormalreturns.com/
Origin
https://abnormalreturns.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Sumo-Auth
6MPgbUecoqJYPwFLWggGTiQd

Response headers

date
Thu, 27 Sep 2018 17:59:02 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
server
nginx/1.12.1
status
200
etag
"1325058455"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://abnormalreturns.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
css
fonts.googleapis.com/ 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:900,900italic,800,800italic,700,700italic,600,600italic,500,500italic,400,400italic,300,300italic,200,200italic,100,100italic
Requested by
Host: sumo.b-cdn.net
URL: https://sumo.b-cdn.net/virtual/e0ab496fd8c11ac322024414eb17760883e23b7c/client/js/156085c5-0017-4150-b225-a731ad248f38/service.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
734371ae3281d7a36957ab5d66796041b7cfa199ecc0a58c51cad5322587cc3e
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Thu, 27 Sep 2018 17:59:02 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Thu, 27 Sep 2018 17:59:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Thu, 27 Sep 2018 17:59:02 GMT
1dcbf4c7840b65dcc6ec115025bb53468f14917afcf97a03f05a0d4b2844e897
media.sumo.com/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.sumo.com/1dcbf4c7840b65dcc6ec115025bb53468f14917afcf97a03f05a0d4b2844e897
Requested by
Host: sumo.b-cdn.net
URL: https://sumo.b-cdn.net/virtual/e0ab496fd8c11ac322024414eb17760883e23b7c/client/js/156085c5-0017-4150-b225-a731ad248f38/service.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
8c84d8f1fe9b8a73e43771a318ae955e1871d2397e15e670082bfb0352ffd7f7

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:05 GMT
x-amz-request-id
7A9141A271CC12A0
x-edge-location
defr
x-cache
HIT
status
200
content-disposition
attachment; filename="AR.png"; filename*=UTF-8''AR.png
content-length
65326
x-amz-id-2
PV/T4JZdxAuC6A+TGJEz6qRS1Bt6dewyINuTh/7/GJ/C/wejZL+T+apkSxxPWcnu77Bc1feiITs=
last-modified
Mon, 26 Jun 2017 20:07:43 GMT
server
keycdn-engine
etag
"226a96f49ac9e07f89b7036cc08b85a8-1"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
link
<http://sumome-media.s3.amazonaws.com/1dcbf4c7840b65dcc6ec115025bb53468f14917afcf97a03f05a0d4b2844e897>; rel="canonical"
expires
Fri, 27 Sep 2019 23:48:05 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: sumo.b-cdn.net
URL: https://sumo.b-cdn.net/virtual/e0ab496fd8c11ac322024414eb17760883e23b7c/client/js/156085c5-0017-4150-b225-a731ad248f38/service.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Origin
https://abnormalreturns.com

Response headers

date
Fri, 21 Sep 2018 11:14:28 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 21:49:46 GMT
server
sffe
age
542674
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
8892
x-xss-protection
1; mode=block
expires
Sat, 21 Sep 2019 11:14:28 GMT
/
sumo.com/api/event/ 		2 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sumo.com/api/event/?site_id=904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000&app_id=156085c5-0017-4150-b225-a731ad248f38&shortcut_id=&visitor_id=d9cf845465216178b56d2327d82841167c5e96b94edbbf61d9ec0de78feff601&event=popup&href=https%3A%2F%2Fabnormalreturns.com%2F&ref=&cache=0.9080671579505044
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:03 GMT
vary
Accept-Encoding
server
nginx/1.12.1
etag
"-684271315"
x-frame-options
SAMEORIGIN
content-type
text/plain
status
200
x-robots-tag
noindex, nofollow
content-length
2
/
sumo.com/api/event/ 		2 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sumo.com/api/event/?site_id=904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000&app_id=156085c5-0017-4150-b225-a731ad248f38.3b11ed1f3418d1e40290dc4688352f1c057a8ebedbe586811be70b6e63c1dbfe&shortcut_id=&visitor_id=d9cf845465216178b56d2327d82841167c5e96b94edbbf61d9ec0de78feff601&event=popup&href=https%3A%2F%2Fabnormalreturns.com%2F&ref=&cache=0.9918839865032665
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:03 GMT
vary
Accept-Encoding
server
nginx/1.12.1
etag
"-684271315"
x-frame-options
SAMEORIGIN
content-type
text/plain
status
200
x-robots-tag
noindex, nofollow
content-length
2
/
sumo.com/api/event/ 		2 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sumo.com/api/event/?site_id=904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000&app_id=156085c5-0017-4150-b225-a731ad248f38.dcb24c9bb297df6f43993fbd12e0f28f6ed9109bfc6f8867f030eb9d9a124056&shortcut_id=&visitor_id=d9cf845465216178b56d2327d82841167c5e96b94edbbf61d9ec0de78feff601&event=popup&href=https%3A%2F%2Fabnormalreturns.com%2F&ref=&cache=0.5827580088352458
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:03 GMT
vary
Accept-Encoding
server
nginx/1.12.1
etag
"-684271315"
x-frame-options
SAMEORIGIN
content-type
text/plain
status
200
x-robots-tag
noindex, nofollow
content-length
2
/
sumo.com/api/event/ 		2 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sumo.com/api/event/?site_id=904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000&app_id=156085c5-0017-4150-b225-a731ad248f38.3b11ed1f3418d1e40290dc4688352f1c057a8ebedbe586811be70b6e63c1dbfe.dcb24c9bb297df6f43993fbd12e0f28f6ed9109bfc6f8867f030eb9d9a124056&shortcut_id=&visitor_id=d9cf845465216178b56d2327d82841167c5e96b94edbbf61d9ec0de78feff601&event=popup&href=https%3A%2F%2Fabnormalreturns.com%2F&ref=&cache=0.14684707941771857
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.148.199.253 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-148-199-253.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:03 GMT
vary
Accept-Encoding
server
nginx/1.12.1
etag
"-684271315"
x-frame-options
SAMEORIGIN
content-type
text/plain
status
200
x-robots-tag
noindex, nofollow
content-length
2
45d154f11c85fe61b30739cd787b14949801114f5d495d37e173996de74e0e30
media.sumo.com/ 		283 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.sumo.com/45d154f11c85fe61b30739cd787b14949801114f5d495d37e173996de74e0e30
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c037855cd066624d34ec96ab3c369756d7c4dfc82ba988b8b0e4df0ced19de5f

Request headers

Referer
https://abnormalreturns.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:05 GMT
x-amz-request-id
2D201A4EF6CFE80D
x-edge-location
defr
x-cache
HIT
status
200
content-disposition
attachment; filename="close-03.svg"; filename*=UTF-8''close-03.svg
content-length
283
x-amz-id-2
hfNnXFh8+4on+JIU/EL6RURa4UULRMtNzc9p/H9XafPxghk8ur4KzumYKfKZKGfKKtrdc/9abB8=
last-modified
Wed, 10 May 2017 23:42:10 GMT
server
keycdn-engine
etag
"502d300e7b61b8d2d5ecc901e3284d03-1"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
link
<http://sumome-media.s3.amazonaws.com/45d154f11c85fe61b30739cd787b14949801114f5d495d37e173996de74e0e30>; rel="canonical"
expires
Fri, 27 Sep 2019 23:48:05 GMT
45d154f11c85fe61b30739cd787b14949801114f5d495d37e173996de74e0e30
media.sumo.com/ 		283 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://media.sumo.com/45d154f11c85fe61b30739cd787b14949801114f5d495d37e173996de74e0e30
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.172.148.132 , Germany, ASN44239 (PROINITY PROINITY, DE),
Reverse DNS
Software
keycdn-engine /
Resource Hash
c037855cd066624d34ec96ab3c369756d7c4dfc82ba988b8b0e4df0ced19de5f

Request headers

Accept
application/json, text/plain, */*
Referer
https://abnormalreturns.com/
Origin
https://abnormalreturns.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 27 Sep 2018 17:59:05 GMT
x-amz-request-id
2D201A4EF6CFE80D
x-edge-location
defr
x-cache
HIT
status
200
content-disposition
attachment; filename="close-03.svg"; filename*=UTF-8''close-03.svg
content-length
283
x-amz-id-2
hfNnXFh8+4on+JIU/EL6RURa4UULRMtNzc9p/H9XafPxghk8ur4KzumYKfKZKGfKKtrdc/9abB8=
last-modified
Wed, 10 May 2017 23:42:10 GMT
server
keycdn-engine
etag
"502d300e7b61b8d2d5ecc901e3284d03-1"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31556940
accept-ranges
bytes
link
<http://sumome-media.s3.amazonaws.com/45d154f11c85fe61b30739cd787b14949801114f5d495d37e173996de74e0e30>; rel="canonical"
expires
Fri, 27 Sep 2019 23:48:05 GMT
features
sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/features
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.200.150.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-200-150-117.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
GET
Origin
https://abnormalreturns.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
x-sumo-auth

Response headers

date
Thu, 27 Sep 2018 17:59:03 GMT
server
nginx/1.12.1
access-control-allow-origin
https://abnormalreturns.com
access-control-max-age
2592000
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
status
204
access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
features
sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/ 		1 KB
953 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/api/site/904af20038a5f900922eab000d1af000a355ad005a7d8500e0f95d008a687000/features
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.200.150.117 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-54-200-150-117.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
8022030c648350c4cfa4571166188fc41821eeb604206f25c19e7b5fe3cea172
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://abnormalreturns.com/
Origin
https://abnormalreturns.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-Sumo-Auth
6MPgbUecoqJYPwFLWggGTiQd

Response headers

date
Thu, 27 Sep 2018 17:59:03 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
server
nginx/1.12.1
status
200
etag
"1325058455"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://abnormalreturns.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ___grecaptcha_cfg object| grecaptcha boolean| __google_recaptcha_client object| _wpemojiSettings object| adsbygoogle string| GoogleAnalyticsObject function| ga object| dataLayer object| ldAdInit object| google_tag_data object| gaplugins object| sa object| gaGlobal object| gaData object| twemoji object| wp object| google_js_reporting_queue object| google_ad_modifications boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken object| google_reactive_ads_global_state function| google_spfd object| google_sv_map object| google_t12n_vars object| google_jobrunner object| google_iframe_oncopy number| google_unique_id string| ajaxurl function| sumo_add_woocommerce_coupon function| sumo_remove_woocommerce_coupon function| sumo_get_woocommerce_cart_subtotal object| _qevents object| _ldAdIdMap object| google_tag_manager object| recaptcha function| resizeHeaderAd undefined| $ function| jQuery object| jQuery11240018450357006785767 object| closure_lm_958685 function| quantserve function| __qc object| ezt object| _qoptions object| google_persistent_state_async object| google_pub_config object| __google_ad_urls number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_AdSense_getAdAdapterInstance boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb boolean| google_ama_all_ads_detection_enabled object| sumo boolean| __smLoaded object| jQuery110207207190678794013 boolean| currentUrlIncluded

12 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUn0Zrnp-PZDDK8JQfa4WiKYEnqvMdlaNg_EpwycT1T1221uB8hkPo3k3vch
.lockerdome.com/ Name: __utmb
Value: 197528754.2.10.1538071140
.lockerdome.com/ Name: __utmt
Value: 1
.abnormalreturns.com/ Name: _gat_UA-55944108-1
Value: 1
.lockerdome.com/ Name: __utmz
Value: 197528754.1538071140.1.1.utmcsr=abnormalreturns.com|utmccn=(referral)|utmcmd=referral|utmcct=/
abnormalreturns.com/ Name: __smVID
Value: d9cf845465216178b56d2327d82841167c5e96b94edbbf61d9ec0de78feff601
.lockerdome.com/ Name: __utmc
Value: 197528754
.lockerdome.com/ Name: __utma
Value: 197528754.677164988.1538071140.1538071140.1538071140.1
.abnormalreturns.com/ Name: _gat
Value: 1
.abnormalreturns.com/ Name: _ga
Value: GA1.2.246848603.1538071140
.abnormalreturns.com/ Name: __qca
Value: P0-167250850-1538071140110
.abnormalreturns.com/ Name: _gid
Value: GA1.2.139251583.1538071140

3 Console Messages

Source Level URL
Text
console-api log URL: https://abnormalreturns.com/wp-content/themes/abnormalreturns/library/public/application.min.js(Line 4)
Message:
JQMIGRATE: Migrate is installed with logging active, version 1.4.1
console-api warning URL: https://abnormalreturns.com/wp-content/themes/abnormalreturns/library/public/application.min.js(Line 4)
Message:
JQMIGRATE: 'ready' event is deprecated
console-api log URL: https://abnormalreturns.com/wp-content/themes/abnormalreturns/library/public/application.min.js(Line 4)
Message:
console.trace

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

abnormalreturns.com
adservice.google.com
adservice.google.de
cdn1.lockerdome.com
cdn2.lockerdome.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
load.sumo.com
lockerdome.com
media.sumo.com
pagead2.googlesyndication.com
pixel.quantserve.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
stats.g.doubleclick.net
sumo.b-cdn.net
sumo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
18.195.140.49
18.197.206.75
185.172.148.132
192.124.249.169
23.43.115.95
2600:9000:200c:7e00:6:44e3:f8c0:93a1
2a00:1450:4001:816::2002
2a00:1450:4001:816::2003
2a00:1450:4001:816::2004
2a00:1450:4001:816::2008
2a00:1450:4001:816::200a
2a00:1450:4001:816::200e
2a00:1450:4001:81a::2002
2a00:1450:4001:81b::2002
2a00:1450:400c:c00::9c
38.140.99.21
54.148.199.253
54.200.150.117
54.230.95.139
54.230.95.79
54.68.56.226
62.113.194.2
01be295d9648229a5eed43b6c27836a569362324ceee92e99a4f40e23ee0c464
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
112b0a52e4002660bbd84357e2911559b551ec5895040b22750a1a3893a8b047
124df0ebd25738ff91943e2da501f22ae70f6c9f87b7fe672de8d6af9ab553b4
26e0b406fb2610ba6e2d2e1aff2fd26fecc8c96a52ce64641c7d7aaa5965d34b
27880bfea5a10f6a873d5b3cd8a704a6b31d8374d92024fbb26dc78071409673
2a229cf0200b94777172b07f22d4ecc9aca880385a3d439ca95bbffc2d28fa57
36a6eb4aaf097f7c7c1ad5318e8028f57e5e006c404b6ac38ad919f8f4696b58
3960e6b1b2180f927632341f89b9f18bab7ea7c942e742e5de12a697cd2a1a40
3fa4d29ea63e7b02b47ef709166bed6e16f1e34689136b4361b9a82068a7ad1c
403e59d59639812ed775bfbd8872802f38695160b0adebaa56b76f57c11d7327
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
4c98ba9fcd2e7c8a9417933865a2ac9d733af6d14c848e1a83fda13fa461445d
559edd6497477c8776dc19ce565d327b9f5e0d9b068b43f984f6e89bfb07bb7b
60cdebfc458c17234f59ed48d38d31c7b075af5da871f17f403e201f2576a520
6ccd29d8a00f2d01af1ada1d0c1c995cd405d9161e42d3dc46c61a60506410f5
6f01cd141422005ab5880e329c34b6df03b52b41464fd707fac7602e3dd84dc0
729033cc60e54762fdbb94ec59f8cf3db90ac06ac6931f0aa530ea0c3073c2d9
734371ae3281d7a36957ab5d66796041b7cfa199ecc0a58c51cad5322587cc3e
73d1dcdda95dca27d54de4d659775365c4a1d3c68756df11df0949f91501179b
7972cc95bc2c74a7889c1d41aecbea9d157ed8f89fbb39be8aafd250f71600d0
79c7688d568edd74fffcbd6decf39927354e2f7ab8000c94089c32545ef347d4
7e7fa886d5d75c745d95be4fc3c5bfb4c988019b3f643c669734612345e1b8c8
8022030c648350c4cfa4571166188fc41821eeb604206f25c19e7b5fe3cea172
817530c7eb9efc094e619ba8212fc07f6d722e7d4de40569ea0178a71c21f868
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8c055f4fc89b73bc480ac07d607782cb3482fc98cbec6f89135ff76ce5512280
8c84d8f1fe9b8a73e43771a318ae955e1871d2397e15e670082bfb0352ffd7f7
8e7baaa4c82ed25ea8992739a2d5d6a3c7914804dd353cf738c0476176a6b927
8f089a30ad57685485ee7155d913c25f194450ac4e0677f4d8805c19c4f27e0a
9092e0fdc26ae9defbc82084e33fb7e24b56f894a517a7cbabf2e3a4b06d3697
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
afc6b25a872f86def7368a612ecfbc5b891894593c55696a2dcf42211818dc56
b283a10879fd9d4c930aca559dcddb5a488586e646989fb686bdc2cc8c817774
b5dbd74382713a3b9aeeaee8313b73679177dc6c3f513f68f8d9aab6fea9ac57
bd834fdd2e7697c615a3340370be7f99aad843dc2ecd5a687db06e60cb52680d
c037855cd066624d34ec96ab3c369756d7c4dfc82ba988b8b0e4df0ced19de5f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d2458b9fd9089fdcb9de317093e004ef3a65597dc68b9adfdeb15a7c9968d0d5
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
e2f8895970c9774cbc67344d9100532f5107e5c819404c4b00ee0fa80f14b393
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a889e4c6c9d69f0d125ba55f27e87256a9f43582eacdacc6cf9a60b04fd3c8
ed17a6e7532cc3065f9fbd8f607dfd30e09b4531ada9f7cb5732a2bf6cf6744c
f168660bccd9cabcb94cc62553eca65899b986b6717fe6c6593758fdcae712e5
f58ef317a437883e2baa7e98d73af912859b7cc7c10ecd79e97aa0ea974ba896