www.thebureauinvestigates.com Open in urlscan Pro
2606:4700:10::6816:4f56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Submission: On December 07 via manual (December 7th 2021, 12:56:07 pm UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 11 domains to perform 73 HTTP transactions. The main IP is 2606:4700:10::6816:4f56, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thebureauinvestigates.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time www.thebureauinvestigates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	2606:4700:10:... 2606:4700:10::6816:4f56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:9000:20e... 2600:9000:20eb:bc00:1d:2792:2640:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700:20:... 2606:4700:20::681a:17b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.87.47 13.225.87.47	16509 (AMAZON-02) (AMAZON-02)
12	13.224.189.66 13.224.189.66	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
73	11

37 2606:4700:10::6816:4f56 (United States)

ASN13335 (CLOUDFLARENET, US)

www.thebureauinvestigates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets2.thebureauinvestigates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:20eb:bc00:1d:2792:2640:21 (United States)

ASN16509 (AMAZON-02, US)

d3cocnzdt9u6c9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

a.opmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:17b (United States)

ASN13335 (CLOUDFLARENET, US)

flo.uri.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-47.fra2.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.224.189.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-66.fra2.r.cloudfront.net

public.flourish.studio	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	thebureauinvestigates.com www.thebureauinvestigates.com assets2.thebureauinvestigates.com	591 KB
12	flourish.studio public.flourish.studio	588 KB
10	cloudfront.net d3cocnzdt9u6c9.cloudfront.net	1 MB
3	google-analytics.com www.google-analytics.com	40 KB
3	uri.sh flo.uri.sh	85 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	omappapi.com api.omappapi.com a.omappapi.com	9 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	facebook.net connect.facebook.net	26 KB
1	opmnstr.com a.opmnstr.com	59 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
73	11

	Domain	Requested by
31	www.thebureauinvestigates.com	www.thebureauinvestigates.com
12	public.flourish.studio	flo.uri.sh
10	d3cocnzdt9u6c9.cloudfront.net	www.thebureauinvestigates.com
6	assets2.thebureauinvestigates.com	www.thebureauinvestigates.com
3	www.google-analytics.com	flo.uri.sh www.google-analytics.com a.opmnstr.com
3	flo.uri.sh	www.thebureauinvestigates.com flo.uri.sh
2	fonts.gstatic.com	fonts.googleapis.com
1	a.omappapi.com	a.opmnstr.com
1	fonts.googleapis.com	flo.uri.sh
1	api.omappapi.com	a.opmnstr.com
1	connect.facebook.net	www.thebureauinvestigates.com
1	a.opmnstr.com	www.thebureauinvestigates.com
1	www.googletagmanager.com	www.thebureauinvestigates.com
73	13

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.bloomberg.com
www.moodys.com
www.dhs.gov
citizenlab.ca
pgp.mit.edu

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
a.opmnstr.com R3	`2021-11-15` - `2022-02-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-15` - `2021-12-14`	3 months	crt.sh
api.opmnstr.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
public.flourish.studio Amazon	`2021-05-31` - `2022-06-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
a.omappapi.com R3	`2021-11-15` - `2022-02-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-08` - `2022-01-31`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Frame ID: 9D06F9CC16045C75A26DB67BDEC79ED1
Requests: 53 HTTP requests in this frame

Frame: https://flo.uri.sh/visualisation/7876823/embed
Frame ID: EC2CB164006CFC91570B343A7F7DD379
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Swiss tech company boss accused of selling mobile network access for spying — The Bureau of Investigative Journalism (en-GB)

Page Statistics

73
Requests

100 %
HTTPS

73 %
IPv6

11
Domains

13
Subdomains

11
IPs

2
Countries

2578 kB
Transfer

3838 kB
Size

2
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/thebureauinvestigates
Title: The Bureau on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/TBIJ
Title: The Bureau on Twitter

Search URL Search Domain Scan URL

URL: https://twitter.com/home?status=Swiss%20tech%20company%20boss%20accused%20of%20selling%20mobile%20network%20access%20for%20spying%20https%3A%2F%2Fwww.thebureauinvestigates.com%2Fstories%2F2021-12-06%2Fswiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.thebureauinvestigates.com%2Fstories%2F2021-12-06%2Fswiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://www.bloomberg.com/news/articles/2021-12-06/this-swiss-tech-exec-is-said-to-have-operated-a-secret-surveillance-operation?srnd=premium-europe
Title: Read the story

Search URL Search Domain Scan URL

URL: https://www.moodys.com/research/Moodys-assigns-B2-CFR-to-NSO-Group-outlook-stable--PR_396559
Title: as high as $12 billion

Search URL Search Domain Scan URL

URL: https://www.dhs.gov/sites/default/files/publications/DHS%20Study%20on%20Mobile%20Device%20Security%20-%20April%202017-FINAL.pdf
Title: Department of Homeland Security report in 2017

Search URL Search Domain Scan URL

URL: https://citizenlab.ca/2020/12/running-in-circles-uncovering-the-clients-of-cyberespionage-firm-circles/
Title: Citizen Lab

Search URL Search Domain Scan URL

URL: https://twitter.com/@cr0ft0n
Title: Twitter

Search URL Search Domain Scan URL

URL: https://pgp.mit.edu/pks/lookup?op=get&search=0x9F1D0B694D36AECA
Title: PGP

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

73 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying Show response
www.thebureauinvestigates.com/stories/2021-12-06/ 606 KB
85 KB 101ms
41ms Document
text/html 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Craft CMS

Resource Hash

5654f1ca3b17ced176db271ce2c4d92ba87a094f503ffd476abbdba186edae0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-type: text/html; charset=UTF-8
permissions-policy: interest-cohort=()
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Craft CMS
x-robots-tag: all
last-modified: Tue, 07 Dec 2021 11:59:56 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1521
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b9de9630b2859cb-MXP
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 main.1631957150.css
www.thebureauinvestigates.com/assets/css/ 125 KB
20 KB 73ms
72ms Stylesheet
text/css 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

180f2195bdae3f048def74498667ae08206a1f7d08a3d2085cf019b463ed1804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 6b9de9636c0f59cb-MXP
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 18 Sep 2021 09:25:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qzmi722qj2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=14400
x-robots-tag: all

GET
H2 200 comments.css
www.thebureauinvestigates.com/cpresources/c054fe9/css/ 9 KB
3 KB 36ms
36ms Stylesheet
text/css 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/cpresources/c054fe9/css/comments.css?v=1635341923

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.5

Resource Hash

d91c59b5ff2cbe4afd1d1332cf49db12a630ddcfd3e4d1e1d2ed4cdeee4e3de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1520
x-powered-by: PHP/7.4.5
content-disposition: inline; filename="comments.css"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Tue, 07 Dec 2021 12:19:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: max-age=14400, must-revalidate, post-check=0, pre-check=0
cf-ray: 6b9de9636c1359cb-MXP
expires: 0

GET
H2 200 cookieCutter.min.1617798521.js Show response
www.thebureauinvestigates.com/assets/js/ 15 KB
6 KB 66ms
66ms Script
application/javascript 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/js/cookieCutter.min.1617798521.js

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ef3392ac9ca52c6155d0b174afc69e3b26638715d3d76be1a7b9cc7bba3af14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 6b9de9636c1559cb-MXP
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btbtn"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
x-robots-tag: all

GET
H2 200 app.1629228031.js Show response
www.thebureauinvestigates.com/assets/js/dist/ 101 KB
36 KB 67ms
66ms Script
application/javascript 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/js/dist/app.1629228031.js

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f38ba920d1fc6f4f4a111b0dbfdb1919e14f5bf78c76fccf035c19da36ad3d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 6b9de9636c1759cb-MXP
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Aug 2021 19:20:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qy00e727ml"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
x-robots-tag: all

GET
H3 200 tbij-logo.svg
www.thebureauinvestigates.com/assets/img/ 5 KB
2 KB 27ms
27ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/tbij-logo.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b6f595b46870d56769cd55c72f847ffdbac2d3789ca9de357ac01c55eb33deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1345
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1762
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt3v7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b9de963ddb3692b-FRA

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL3R3by1zdGVwcy12ZXJpZmljYXRpb24uanBnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZSwidHJlbGxpc...
d3cocnzdt9u6c9.cloudfront.net/ 104 KB
104 KB 97ms
25ms Image
image/webp 2600:9000:20eb:bc00:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL3R3by1zdGVwcy12ZXJpZmljYXRpb24uanBnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZSwidHJlbGxpc1F1YW50aXNhdGlvbiI6dHJ1ZSwib3ZlcnNob290RGVyaW5naW5nIjp0cnVlLCJvcHRpbWl6ZVNjYW5zIjp0cnVlfSwicmVzaXplIjp7IndpZHRoIjoxNjAwLCJmaXQiOiJpbnNpZGUiLCJwb3NpdGlvbiI6ImJvdHRvbSJ9LCJzaGFycGVuIjp0cnVlfX0=
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a4f91df341ae2c5fb9c5fb02dec1189546c594a27f8f025ab57f59e5144d8b37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 08:11:56 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
age: 103445
x-amzn-requestid: 23d3e512-c287-479c-a204-c26728e0c9fe
x-cache: Hit from cloudfront
x-amz-apigw-id: J6vX4H5hIAMFizw=
content-length: 106210
last-modified: Fri, 26 Nov 2021 11:19:14 GMT
x-amzn-trace-id: Root=1-61adc5cb-0196dd124fd2c29240b07770;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: dCsT1Daaq9ZZvzFSmqVRYdDDvaOm4ob4rMsEswXZhivGV6HYh9IrxA==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2FydGljbGUtcGFydG5lci1sb2dvcy9ibG9vbWJlcmcxLnBuZyIsImVkaXRzIjp7InBuZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZ...
d3cocnzdt9u6c9.cloudfront.net/ 3 KB
3 KB 81ms
9ms Image
image/webp 2600:9000:20eb:bc00:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2FydGljbGUtcGFydG5lci1sb2dvcy9ibG9vbWJlcmcxLnBuZyIsImVkaXRzIjp7InBuZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZX0sInJlc2l6ZSI6eyJ3aWR0aCI6MzQwLCJoZWlnaHQiOjgwLCJmaXQiOiJpbnNpZGUifX19
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2017083781de3e396e0cdd7938eca60ad968e62dc3b6846c188e7d55a8173f5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:56:16 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
age: 104384
x-amzn-requestid: 1a80bfc7-e4ea-4110-a4bd-13fbdd542e3c
x-cache: Hit from cloudfront
x-amz-apigw-id: J6tFKFMioAMFaiA=
content-length: 2892
last-modified: Thu, 18 Nov 2021 16:22:37 GMT
x-amzn-trace-id: Root=1-61adc220-73a4129f4246b26730f63d16;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: gECmQSjU6wTB317uc74vYXYwh8yUaRNZ8AJgPIGEokyjwmrE_Wl8ig==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL0dvb2dsZS10d28tc3RlcC12ZXJpZmljYXRpb24uanBlZyIsImVkaXRzIjp7ImpwZWciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc2UsI...
d3cocnzdt9u6c9.cloudfront.net/ 20 KB
21 KB 103ms
31ms Image
image/webp 2600:9000:20eb:bc00:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL0dvb2dsZS10d28tc3RlcC12ZXJpZmljYXRpb24uanBlZyIsImVkaXRzIjp7ImpwZWciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc2UsInRyZWxsaXNRdWFudGlzYXRpb24iOnRydWUsIm92ZXJzaG9vdERlcmluZ2luZyI6dHJ1ZSwib3B0aW1pemVTY2FucyI6dHJ1ZX0sInJlc2l6ZSI6eyJ3aWR0aCI6NjMwLCJmaXQiOiJpbnNpZGUifSwic2hhcnBlbiI6dHJ1ZX19
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf91aca035854f1e1f4776af5fe13d5483ad574e563118d671e1e25472c30bbf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:56:17 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
age: 104384
x-amzn-requestid: 1d21caa7-81d4-4956-b61b-5879c1049fd4
x-cache: Hit from cloudfront
x-amz-apigw-id: J6tFKFM1oAMFVGA=
content-length: 20710
last-modified: Fri, 26 Nov 2021 15:46:31 GMT
x-amzn-trace-id: Root=1-61adc220-034e81eb4c0c8e3c331c14d8;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: CamxFhfYAU6VRxBEJw-2esdUzpkx5hMNif2abB0O3I98ER7K_sSxNQ==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2N0YXMvSWxqYS1Hb3JlbGlrLnBuZyIsImVkaXRzIjp7ImpwZWciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc2UsInRyZWxsaXNRdWFud...
d3cocnzdt9u6c9.cloudfront.net/ 49 KB
50 KB 104ms
33ms Image
image/webp 2600:9000:20eb:bc00:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2N0YXMvSWxqYS1Hb3JlbGlrLnBuZyIsImVkaXRzIjp7ImpwZWciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc2UsInRyZWxsaXNRdWFudGlzYXRpb24iOnRydWUsIm92ZXJzaG9vdERlcmluZ2luZyI6dHJ1ZSwib3B0aW1pemVTY2FucyI6dHJ1ZX0sInJlc2l6ZSI6eyJ3aWR0aCI6NjMwLCJmaXQiOiJpbnNpZGUifSwic2hhcnBlbiI6dHJ1ZX19
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a103d85792beb901a626ec4e45f362eba0c1295b3e79cc4fe1922b6d733282b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:56:17 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
age: 104384
x-amzn-requestid: b37a2919-29d5-4e5d-a19f-d28a49fd015c
x-cache: Hit from cloudfront
x-amz-apigw-id: J6tFLEFooAMFphg=
content-length: 50312
last-modified: Fri, 26 Nov 2021 17:17:01 GMT
x-amzn-trace-id: Root=1-61adc220-761b433f19ed5af0735e9a8c;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: qP8D4x05mvdINjGISbzznG3ufkaLVAVHpvv4m_2yrrj-8nJRd1u2kw==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1ZpZXctb2YtWnVncy1vbGQtdG93bi1hbmQtTGFrZS1adWcuanBnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmY...
d3cocnzdt9u6c9.cloudfront.net/ 509 KB
510 KB 83ms
12ms Image
image/webp 2600:9000:20eb:bc00:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1ZpZXctb2YtWnVncy1vbGQtdG93bi1hbmQtTGFrZS1adWcuanBnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZSwidHJlbGxpc1F1YW50aXNhdGlvbiI6dHJ1ZSwib3ZlcnNob290RGVyaW5naW5nIjp0cnVlLCJvcHRpbWl6ZVNjYW5zIjp0cnVlfSwicmVzaXplIjp7IndpZHRoIjoxNjAwLCJmaXQiOiJpbnNpZGUifSwic2hhcnBlbiI6dHJ1ZX19
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2deb582b571f4adfe165dcec649aa282263b55718602c65433c41de58708defe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 08:46:54 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
age: 101346
x-amzn-requestid: a1625eae-bf49-4ce6-a30a-d338687e834c
x-cache: Hit from cloudfront
x-amz-apigw-id: J60frGB6oAMFnhg=
content-length: 520778
last-modified: Fri, 26 Nov 2021 11:41:14 GMT
x-amzn-trace-id: Root=1-61adcdfd-4bf2e2f065f17f9f6c12b653;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: YzAybaUmZ_kdd-SOO794prqdIAz8lggU5-h1wmdph4ze6jDkfQ9gEw==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1JpdmVyc2lkZS1pbi1CZWxncmFkZS5qcGciLCJlZGl0cyI6eyJqcGVnIjp7InF1YWxpdHkiOjEwMCwicHJvZ3Jlc3NpdmUiOmZhbHNlLCJ0cmVsbGlzU...
d3cocnzdt9u6c9.cloudfront.net/ 371 KB
372 KB 106ms
35ms Image
image/webp 2600:9000:20eb:bc00:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1JpdmVyc2lkZS1pbi1CZWxncmFkZS5qcGciLCJlZGl0cyI6eyJqcGVnIjp7InF1YWxpdHkiOjEwMCwicHJvZ3Jlc3NpdmUiOmZhbHNlLCJ0cmVsbGlzUXVhbnRpc2F0aW9uIjp0cnVlLCJvdmVyc2hvb3REZXJpbmdpbmciOnRydWUsIm9wdGltaXplU2NhbnMiOnRydWV9LCJyZXNpemUiOnsid2lkdGgiOjE2MDAsImZpdCI6Imluc2lkZSJ9LCJzaGFycGVuIjp0cnVlfX0=
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 101e8898b9427eddee9a43aa3fe8dc77c07b0b28e1680fc08ba852049d32f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 08:46:54 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
age: 101347
x-amzn-requestid: 5f8882c4-45df-41ef-ac52-ff73f561ee92
x-cache: Hit from cloudfront
x-amz-apigw-id: J60fqHuuoAMF4Xg=
content-length: 379732
last-modified: Fri, 26 Nov 2021 11:35:30 GMT
x-amzn-trace-id: Root=1-61adcdfd-3b29f9ae472fcbfa10e4008b;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: W5VwRo4bJ3v1jeRJFfA4HNdLZzv6Mq4-Yrzn_2PtVhlRcvy-PbQZlw==

GET
H3 200 email-decode.min.js Show response
www.thebureauinvestigates.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
936 B 11ms
11ms Script
application/javascript 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Dec 2021 12:21:00 GMT
server: cloudflare
etag: W/"61a768ac-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6b9de963dda9692b-FRA
vary: Accept-Encoding
expires: Thu, 09 Dec 2021 12:56:01 GMT

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1dvbWFuLWNoZWNraW5nLVNNUy1lbWFpbC1vbi1zbWFydHBob25lLmpwZyIsImVkaXRzIjp7ImpwZWciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2Z...
d3cocnzdt9u6c9.cloudfront.net/ 5 KB
6 KB 32ms
30ms Image
image/webp 2600:9000:20eb:bc00:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1dvbWFuLWNoZWNraW5nLVNNUy1lbWFpbC1vbi1zbWFydHBob25lLmpwZyIsImVkaXRzIjp7ImpwZWciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc2UsInRyZWxsaXNRdWFudGlzYXRpb24iOnRydWUsIm92ZXJzaG9vdERlcmluZ2luZyI6dHJ1ZSwib3B0aW1pemVTY2FucyI6dHJ1ZX0sInJlc2l6ZSI6eyJ3aWR0aCI6MzA1LCJoZWlnaHQiOjE4MywiZml0IjoiY292ZXIifX19
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c7506adfe37f650c804dc225d978c43926c8d4b6451464b6fcc749f281af46a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 07:56:17 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
age: 104384
x-amzn-requestid: b8e1f3f5-f1dc-418a-a279-73a41065032e
x-cache: Hit from cloudfront
x-amz-apigw-id: J6tFLFYCIAMFp2w=
content-length: 5310
last-modified: Fri, 26 Nov 2021 12:52:33 GMT
x-amzn-trace-id: Root=1-61adc220-2704607e7a65fa4130f5d020;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: M1FtEjxKPW7MKagiR2DQ0E2TYPM7c9eij8YgKs47UxB19Q8erRU7aw==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL3JhbWRldi1jb3JvbmlsLmpwZyIsImVkaXRzIjp7ImpwZWciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc2UsInRyZWxsaXNRdWFudGlzY...
d3cocnzdt9u6c9.cloudfront.net/ 8 KB
9 KB 38ms
36ms Image
image/webp 2600:9000:20eb:bc00:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL3JhbWRldi1jb3JvbmlsLmpwZyIsImVkaXRzIjp7ImpwZWciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc2UsInRyZWxsaXNRdWFudGlzYXRpb24iOnRydWUsIm92ZXJzaG9vdERlcmluZ2luZyI6dHJ1ZSwib3B0aW1pemVTY2FucyI6dHJ1ZX0sInJlc2l6ZSI6eyJ3aWR0aCI6MzA1LCJoZWlnaHQiOjE4MywiZml0IjoiY292ZXIiLCJwb3NpdGlvbiI6InRvcCJ9fX0=
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b620260ce18788f5a0588213eb372138def70f252373173803b0337201f848a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 09:52:35 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
age: 97406
x-amzn-requestid: 46267f0c-98fb-4592-bc0b-6d0d27fe18ba
x-cache: Hit from cloudfront
x-amz-apigw-id: J6-HgGhBIAMFw3w=
content-length: 8450
last-modified: Fri, 04 Jun 2021 16:38:42 GMT
x-amzn-trace-id: Root=1-61addd63-512aaef6626de70b10df0455;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: E275_7OqhEXolFm8SvTqVQubYrXZKjyaZPl-yXcUXljaKa8cbsAWhg==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL0FsYW15LXNhZC1jb3VwbGUuanBnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZSwidHJlbGxpc1F1YW50a...
d3cocnzdt9u6c9.cloudfront.net/ 8 KB
9 KB 62ms
60ms Image
image/webp 2600:9000:20eb:bc00:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL0FsYW15LXNhZC1jb3VwbGUuanBnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZSwidHJlbGxpc1F1YW50aXNhdGlvbiI6dHJ1ZSwib3ZlcnNob290RGVyaW5naW5nIjp0cnVlLCJvcHRpbWl6ZVNjYW5zIjp0cnVlfSwicmVzaXplIjp7IndpZHRoIjozMDUsImhlaWdodCI6MTgzLCJmaXQiOiJjb3ZlciJ9fX0=
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8e56b640788bf4ac34fc34ba080b2bbec449ac7a07089e68095a040df7b2f270

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 23:16:34 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
age: 49166
x-amzn-requestid: 17692e99-492d-4b3d-aeeb-d59eae79ec92
x-cache: Hit from cloudfront
x-amz-apigw-id: J8z47FaBoAMF4Vg=
content-length: 8610
last-modified: Tue, 16 Mar 2021 11:21:11 GMT
x-amzn-trace-id: Root=1-61ae99d2-51d4eef02e4cd96867887520;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: O7_5GciOwMKts5YdRXGbWdyZXbOjiwIHF6sJkdKIIMyOVJFeAo6waA==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1NjcmVlbnNob3QtMjAyMS0wNC0wNy1hdC0xMS4zMC4wMC5wbmciLCJlZGl0cyI6eyJqcGVnIjp7InF1YWxpdHkiOjEwMCwicHJvZ3Jlc3NpdmUiOmZhb...
d3cocnzdt9u6c9.cloudfront.net/ 27 KB
27 KB 47ms
45ms Image
image/webp 2600:9000:20eb:bc00:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1NjcmVlbnNob3QtMjAyMS0wNC0wNy1hdC0xMS4zMC4wMC5wbmciLCJlZGl0cyI6eyJqcGVnIjp7InF1YWxpdHkiOjEwMCwicHJvZ3Jlc3NpdmUiOmZhbHNlLCJ0cmVsbGlzUXVhbnRpc2F0aW9uIjp0cnVlLCJvdmVyc2hvb3REZXJpbmdpbmciOnRydWUsIm9wdGltaXplU2NhbnMiOnRydWV9LCJyZXNpemUiOnsid2lkdGgiOjMwNSwiaGVpZ2h0IjoxODMsImZpdCI6ImNvdmVyIn19fQ==
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:bc00:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 24218021ee2c4250f385550d45828f829d73799d83c7e197f36d206c6b120843

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 09:33:54 GMT
via: 1.1 f046bfa1468bb4385e357c8c9128cf51.cloudfront.net (CloudFront)
age: 357727
x-amzn-requestid: ead90883-ed82-41db-ab6e-ccccfb6ad2f4
x-cache: Hit from cloudfront
x-amz-apigw-id: JxCkWEORIAMFiWw=
content-length: 27348
last-modified: Wed, 07 Apr 2021 10:48:35 GMT
x-amzn-trace-id: Root=1-61a9e482-7220c631127ee3411edf7b31;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: MJ79CWz-wedFnaHc3CxIPKh141yE0mJpmk1k16sIb2zcj0cYpCVRrA==

GET
H3 200 footer-logo.svg
www.thebureauinvestigates.com/assets/img/ 11 KB
4 KB 56ms
54ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/footer-logo.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a430d07aaf86f36cfd042ccdcd43afc9b8bc116362801125a04efee9110491f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1345
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt8eg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6b9de963fdf9692b-FRA

GET
H2 200 icon-topic-corporations.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 4 KB
1 KB 41ms
29ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-corporations.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cdf00fa550a08c8b3ef33c9f7e29260a994baa9eeb90b6fbc20f1fa65a585d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:00:31 GMT
server: cloudflare
age: 271750
etag: W/"c7d730b2dae411e24b567be193109b99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 6b9de9640dab59cb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EEW41D0QZ03W24SY
x-amz-id-2: 1iBdsdiwWL20XvjOxOj4ksLTdqJQT5YaEgRkLSTmmUZx9KD2QbqvJjYq6sspAmOYmOBjm7qtiCY=

GET
H2 200 icon-topic-amr.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 1 KB
705 B 43ms
31ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-amr.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 441f1443d286027c5db7bb36b0d780f2e8d2bb5ef96caeba07718e1d32d2f163

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:00:21 GMT
server: cloudflare
age: 271750
etag: W/"a797b7d14d4583e9ced06af322c102e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 6b9de9640daf59cb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EEW9E8M823YKGG53
x-amz-id-2: r9jSnaT3euWVvLZcaYWMa3wofRarV2D4eavhtI1CUmHvidGVt0q3+rY700z8Q7R7/IuYX0328dg=

GET
H2 200 icon-topic-justice.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 1 KB
717 B 46ms
34ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-justice.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c414fd6d170a08f6efd71afa0d5341259ea7168567b6aa09ae24dc7a2b71c08b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:01:03 GMT
server: cloudflare
age: 271750
etag: W/"14c51416cace762609f8c455d248ac4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 6b9de9641db659cb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EEWBGQ5CRWZR6Y9T
x-amz-id-2: uRNhLJK9qTEva5fo1fQR/WAJ5Rgr6fID2K6glvo9jDNFvwiSP8h5yL4NIgI67oQyIzf9jvAGGVE=

GET
H2 200 icon-topic-human-rights.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 2 KB
826 B 42ms
29ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-human-rights.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cdbde6f2e7d6f364c7c1575e15683d007b30d58c0222b36d2405c20d260418f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:00:53 GMT
server: cloudflare
age: 271750
etag: W/"af593c600e47c6a1c3210ee2c76ee377"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 6b9de9641db559cb-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: EEW5XHD4CEQFMW8K
x-amz-id-2: aHa8wOBWMwjyZKN51e3qvj0OqYyqN+xe7OHaliUcuwuJTAaZ0oa/CQEDJH3iSsFOohl3wDj4Htc=

GET
H3 200 icon-topic-spin.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 981 B
902 B 34ms
32ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-spin.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644d1ebc7fd6f2981023fc129d862e929b5668d2bc5031214728330fb7b00189

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:01:14 GMT
server: cloudflare
age: 355097
etag: W/"fb370de1b73a564123bb4524d91a01e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 6b9de9643ece692b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: XFA3ZB5RT0VFGGVP
x-amz-id-2: VSIm+yAUu0/ZTIRRVwcE+kVPHPL76fXFUhJkgn5niJo+2XZob1nr/yZ/SSA8i9N5DAH3LXHOypY=

GET
H3 200 icon-topic-government.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 3 KB
1 KB 33ms
31ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-government.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e86e2a103f822069377f118acc7a633477ad4eef6d8f0aa1b6cbc43935dc6a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:00:42 GMT
server: cloudflare
age: 604193
etag: W/"376b5815b0368ebd61161577bc447568"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 6b9de9643ecf692b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: CAYJ60W2PCFC3PH8
x-amz-id-2: tVsOqPa3dOn08Kfm+U1LpRuodkfyhB2I0uZXR37hCxhyBFUaUgpQ/p8x4+06Yu2Lyx32x6DbsyQ=

GET
H3 200 members-icon-white.svg
www.thebureauinvestigates.com/assets/img/ 1 KB
856 B 56ms
55ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/members-icon-white.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a22ae34993b865a48ae93f4c17205f5a92c2bd48c90bc5eba767989b5008634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1345
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 481
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btw0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b9de963fdfc692b-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 109ms
79ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16037974-1

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96374f94d804c5f1aa921379702220ac17065533dd824364587ebdf896c800e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36245
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Dec 2021 12:56:02 GMT

GET
H2 200 api.min.js Show response
a.opmnstr.com/app/js/ 208 KB
59 KB 62ms
8ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/api.min.js
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: df0cce7641391be8048f24da5da415593f34896365034357dec711268b3c960d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:02 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 12/06/2021 17:00:46
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: XGRTWBVXTM4C23WJ
x-amz-id-2: wx1UGjfdmNNeNqPfL4n/KeoWgnuitki16KFc+QzjSPeLvviwOXhTmPsD0H/llQJFsf/P1NUVHv4=
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Mon, 06 Dec 2021 16:00:37 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: ef44122297cc619e90b53c669984ff0d
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 comments.js Show response
www.thebureauinvestigates.com/cpresources/c054fe9/js/ 13 KB
4 KB 56ms
55ms Script
application/javascript 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/cpresources/c054fe9/js/comments.js?v=1635341923

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.5

Resource Hash

13b15c84c670a2bbffc7ad9ecb60ce11dc34cadb96361279cfecc2a57c2e97bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3457
x-powered-by: PHP/7.4.5
content-disposition: inline; filename="comments.js"
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
pragma: public
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Tue, 07 Dec 2021 10:17:45 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400, must-revalidate, post-check=0, pre-check=0
cf-ray: 6b9de963fdfe692b-FRA
expires: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 36ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: P2Oj2UxyzCTao2OlcWnDkXMIFg497UXq1I9lq25SpZ+PDuEaIIRDQtPmdQucZQwLj3hAqhR8IgEsGdDBQOkmjw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 07 Dec 2021 12:56:01 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 embed
flo.uri.sh/visualisation/7876823/ Frame EC2C 0
0 101ms
32ms Document
text/html 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/visualisation/7876823/embed
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Response headers

date: Tue, 07 Dec 2021 12:56:02 GMT
content-type: text/html; charset=utf-8
x-amz-id-2: Ut7ILNG6QJxo6t3G8ZJM+oHFXuqiURuQLgHq/3hpsT1QgRgSl/dp7oU9mdn3+YPz0HbrgP5pTZM=
x-amz-request-id: CG7QERV25FSR8SCV
cache-control: max-age=0
last-modified: Fri, 03 Dec 2021 12:08:09 GMT
x-amz-version-id: 6NPxH9tEcsTVouKeCYG._9k62LIvDf8f
cf-cache-status: HIT
age: 102007
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2EpB4SCLd2pB9X%2FZ3arguOqMNcOo6UUfuGfpC5GneE59vdcg%2FUmH9eByd560E1KULizII8GtK3JjUCr6RRKh%2FFg5JJ1N9unkFBic0gw9EvJtLca0DZFiG%2FTMo7GM9sLPSoygrVhJOU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b9de964693c59a7-MXP
content-encoding: br

GET
H3 200 search-icon-grey.svg
www.thebureauinvestigates.com/assets/img/ 680 B
778 B 56ms
56ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/search-icon-grey.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190922ae32efbd9ed02bb0164a93a1c6357cfc4e7246f1c6bb0a2b609f5fd6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 408
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btiw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b9de963fe00692b-FRA

GET
H3 200 facebook-icon-dark-grey.svg
www.thebureauinvestigates.com/assets/img/ 483 B
718 B 57ms
57ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/facebook-icon-dark-grey.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f550fbdcc42afd808164719a4d095796a02301d2a178e546fa40d6accf181d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1303
cf-ray: 6b9de963fe04692b-FRA
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"qr71btdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
x-robots-tag: all

GET
H3 200 twitter-icon-dark-grey.svg
www.thebureauinvestigates.com/assets/img/ 959 B
910 B 23ms
23ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/twitter-icon-dark-grey.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71560977ee94f83dadd0d9d979afddbb37071b68ae2463ab663ea8fe1ec880cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1303
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 535
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btqn"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b9de963fe05692b-FRA

GET
H3 200 more-icon-white.svg
www.thebureauinvestigates.com/assets/img/ 520 B
733 B 21ms
20ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/more-icon-white.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7a661b1c27b461b952cb569c6c278607e7dd44228a83ddb49c79cca696c00fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1345
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 358
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bteg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b9de963fe07692b-FRA

GET
H3 200 twitter-icon-grey.svg
www.thebureauinvestigates.com/assets/img/ 954 B
907 B 57ms
56ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/twitter-icon-grey.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1a10bccbd07aca7c3822a68060eb119516eb67ec88850e1222fd8bb21badf83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1291
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 532
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btqi"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b9de963fe08692b-FRA

GET
H3 200 facebook-icon-grey.svg
www.thebureauinvestigates.com/assets/img/ 478 B
715 B 22ms
21ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/facebook-icon-grey.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74ebe2643fe5f2fbfa3c3c17e19dd1be1aba399a7a0220aa0c3c5cb79dcb5379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1291
cf-ray: 6b9de963fe0a692b-FRA
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"qr71btda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
x-robots-tag: all

GET
H3 200 link-icon-grey.svg
www.thebureauinvestigates.com/assets/img/ 1007 B
961 B 27ms
27ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/link-icon-grey.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d078255aa8037463c231f257236bc634a4c677ba0530bb942ba03b427d75106

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1345
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 586
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btrz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b9de963fe0d692b-FRA

GET
H3 200 email-icon-grey.svg
www.thebureauinvestigates.com/assets/img/ 472 B
689 B 57ms
56ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/email-icon-grey.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e58afd217286f9666888c7c594f19d42b84a0dd6852b8d00e6abad29b4a54e40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1345
cf-ray: 6b9de963fe0f692b-FRA
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"qr71btd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
x-robots-tag: all

GET
H3 200 more-icon-red.svg
www.thebureauinvestigates.com/assets/img/ 517 B
732 B 20ms
20ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/more-icon-red.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

180b5b19ced9e28d609a585eeed684319aba6fc5a67f8b419b88b1a075b065c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1345
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 357
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bted"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b9de963fe10692b-FRA

GET
H3 200 twitter-icon-red.svg
www.thebureauinvestigates.com/assets/img/ 944 B
919 B 18ms
18ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/twitter-icon-red.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a5147a23253cbe02a55aed34f70fb80327d57e87284df76c69544d65eca852c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1291
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 544
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btq8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b9de963fe14692b-FRA

GET
H3 200 email-icon-red.svg
www.thebureauinvestigates.com/assets/img/ 493 B
705 B 54ms
54ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/email-icon-red.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

733c23fabb723431e37fa5cec2b3db7b4b66eb761a2e62a825b126ed12a89f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1345
cf-ray: 6b9de963fe16692b-FRA
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"qr71btdp"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
x-robots-tag: all

GET
H3 200 key-icon-red.svg
www.thebureauinvestigates.com/assets/img/ 517 B
734 B 54ms
53ms Image
image/svg+xml 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/key-icon-red.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b2418cef6b9a987ffca23a2d3d66340cf8c99ee1434d51b91e67b87487a9f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1345
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 359
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bted"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b9de963fe26692b-FRA

GET
H3 200 TiemposTextWeb-Regular.woff2
www.thebureauinvestigates.com/assets/fonts/TiemposText/ 55 KB
56 KB 21ms
20ms Font
font/woff2 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/TiemposText/TiemposTextWeb-Regular.woff2

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48f1e8b88778413dc103a0b2f23f9df5f206135c1819e563b278e114835a4435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1303
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt17k8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 6b9de963fe29692b-FRA

GET
H3 200 GT-America-Standard-Regular.woff
www.thebureauinvestigates.com/assets/fonts/GT-America/ 49 KB
50 KB 56ms
54ms Font
font/woff 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/GT-America/GT-America-Standard-Regular.woff

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

803405c8311d1dbca3fccd7c78320d28e45e516c0a813e9c439d15980839c56c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1303
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt12xo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
cf-ray: 6b9de963fe2a692b-FRA

GET
H3 200 GT-America-Standard-Bold.woff
www.thebureauinvestigates.com/assets/fonts/GT-America/ 53 KB
53 KB 24ms
23ms Font
font/woff 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/GT-America/GT-America-Standard-Bold.woff

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0086bc27856d9d109bc1ef98621e3b1025dc950546b46b84e66da0105e7f8e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1303
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt15po"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
cf-ray: 6b9de963fe2b692b-FRA

GET
H3 200 GT-America-Mono-Light.woff
www.thebureauinvestigates.com/assets/fonts/GT-America-Mono/ 40 KB
40 KB 55ms
54ms Font
font/woff 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/GT-America-Mono/GT-America-Mono-Light.woff

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9210265615064ba604ade4c307414039fe391a20986c4811f1c61670791c5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1303
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btvbo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
cf-ray: 6b9de963fe2d692b-FRA

GET
H3 200 BebasNeue-Bold.woff2
www.thebureauinvestigates.com/assets/fonts/BebasNeue/ 15 KB
15 KB 57ms
57ms Font
font/woff2 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/BebasNeue/BebasNeue-Bold.woff2

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97093c025bf247dbcbb0334533712b67fa36132e77680557a2e8578e8d53dbdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1303
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btbpw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 6b9de963fe30692b-FRA

GET
H3 200 TiemposHeadlineWeb-Bold.woff2
www.thebureauinvestigates.com/assets/fonts/TiemposHeadline/ 36 KB
37 KB 60ms
59ms Font
font/woff2 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/TiemposHeadline/TiemposHeadlineWeb-Bold.woff2

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b1d94b5d498f9951ebdb170a9295c18b0e6bdb1d89a85c3f0ef6ab5fc2abdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1303
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btsp8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 6b9de963fe31692b-FRA

GET
H3 200 TiemposTextWeb-Bold.woff2
www.thebureauinvestigates.com/assets/fonts/TiemposText/ 56 KB
56 KB 60ms
60ms Font
font/woff2 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/TiemposText/TiemposTextWeb-Bold.woff2

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

450c13014afb3c9690f67a4d26fe7d8a168d4a9cb4934846e064bd1957047bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1299
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt1814"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 6b9de963fe34692b-FRA

GET
H3 200 GT-America-Standard-Black.woff
www.thebureauinvestigates.com/assets/fonts/GT-America/ 52 KB
52 KB 62ms
61ms Font
font/woff 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/GT-America/GT-America-Standard-Black.woff

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e47bbab99a448b2f6d405a77ed6436829d0b807001d9baad4110c4e55be3b29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1303
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt14zo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
cf-ray: 6b9de963fe37692b-FRA

GET
H3 200 TiemposTextWeb-RegularItalic.woff2
www.thebureauinvestigates.com/assets/fonts/TiemposText/ 57 KB
57 KB 64ms
63ms Font
font/woff2 2606:4700:10::6816:4f56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/TiemposText/TiemposTextWeb-RegularItalic.woff2

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4f56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294987a3a5b54bc5fdc01337e661f61c8102e89cd4376ccf9addda92e9426f84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1167
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt18u8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 6b9de963fe38692b-FRA

GET
H2 200 embed Show response
flo.uri.sh/visualisation/7876823/ Frame EC2C 278 KB
84 KB 29ms
29ms Document
text/html 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/visualisation/7876823/embed
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/js/dist/app.1629228031.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12788cd5adc7132fefab3a39b172f61ba66430b9959212de950cae08e08f4ca3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying

Response headers

date: Tue, 07 Dec 2021 12:56:02 GMT
content-type: text/html; charset=utf-8
x-amz-id-2: Ut7ILNG6QJxo6t3G8ZJM+oHFXuqiURuQLgHq/3hpsT1QgRgSl/dp7oU9mdn3+YPz0HbrgP5pTZM=
x-amz-request-id: CG7QERV25FSR8SCV
cache-control: max-age=0
last-modified: Fri, 03 Dec 2021 12:08:09 GMT
x-amz-version-id: 6NPxH9tEcsTVouKeCYG._9k62LIvDf8f
cf-cache-status: HIT
age: 102008
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9TTUhNEeLvFC1TNM1XpkLXMC4NrEwYkVb%2BjLaro2Rwo4XODXLBt%2Ffv%2Fu3mUu4LclQKvjj%2BGKndXDjdYJIcyAsDWLbokogjIhm5bOKw2ao2hNMRs0MCd%2BWhqSNL%2BkFCOjQVP3QwUl9M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6b9de964da3659a7-MXP
content-encoding: br

GET
H2 200 72240 Show response
api.omappapi.com/v2/embed/ 3 KB
2 KB 158ms
99ms XHR
application/json 13.225.87.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/72240?d=thebureauinvestigates.com
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-47.fra2.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: 3baae418a905be20c55783a9679bcd4556eda8a9b594f7c0004e84e036320540

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:02 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: FRA2-C2
x-cache-status: HIT
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-account: 81197
x-user-agent: standard--
last-modified: Thu, 11 Feb 2021 12:19:15 GMT
server: Pagely Gateway/1.5.1
etag: W/"f5a583a29f9b1c25089f3606165ae252"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: QTZlH4UoNNkNqmVtLOAXci3YF7THa2AYWgjSN5QjaTTCiQFIOauGpQ==
expires: Tue, 07 Dec 2021 12:48:06 GMT

GET
H2 200 style.css
flo.uri.sh/template/2060/v9/static/ Frame EC2C 3 KB
1 KB 27ms
27ms Stylesheet
text/css 2606:4700:20::681a:17b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://flo.uri.sh/template/2060/v9/static/style.css
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:17b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37c1e82d2ae803a2d4bc609432f7673a12e3ae76e41030d3fcdec2aa4ae73eed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/visualisation/7876823/embed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:02 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1122629
x-amz-request-id: W1E8C8PM2FJCE704
x-amz-id-2: aOLSkXm6gegSir3Yf67MPHUCuBu4CNfaE9z8dxwOiNsgM6Bf6GGB+8sPh6rvBGM7dmzk3ZGVTFM=
last-modified: Wed, 24 Nov 2021 12:23:09 GMT
server: cloudflare
etag: W/"8ab6442c473829811999dd040c8f5d26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=albZ3e0OpO9i81kj5OkqhfsR4S77gJfgvd56sBHpwPo0uuXNdMnNfRLkmFdbLaCDMciWYH61XJ6fYcEl%2FX7FrDLP4KE1788jVpKc8mvSnMcI%2FbgiC8VLEnFMyhGEcLCPwlFYZ3R7sh0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, immutable
x-amz-version-id: belgMp3Gsh9AlNyZkFXfUOyOesyS9AW6
cf-ray: 6b9de9655bb359a7-MXP

GET
H2 200 embedded.js Show response
public.flourish.studio/resources/v3/ Frame EC2C 7 KB
3 KB 40ms
9ms Script
application/javascript 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.flourish.studio/resources/v3/embedded.js
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e708fd9e4697516df2595d1d1fa5f9d4e97dc18ce53d7dfa9074af7dd2db460

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: naTVMEo4QB5CdsXpefYxur2h3c4sGXGR
content-encoding: gzip
etag: W/"ba1c53f1992171670817234d60b1eac4"
age: 69
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 03 Dec 2021 12:20:56 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 12:54:54 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript; charset=utf-8
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: HbMSxiJjke39q_4EmdQjZFXSNbdvYClbj4zy8WSJID4A8sixZTsqmA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame EC2C 49 KB
20 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6895
date: Tue, 07 Dec 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 13:01:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EC2C 4 KB
1 KB 42ms
17ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700

Requested by

Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4ddb2f3c22c9b168d1e4d11a4008f36151709c7085e497d32273a3efe850745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Dec 2021 11:56:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Dec 2021 12:56:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Dec 2021 12:56:02 GMT

GET
H2 200 e357b045-8211-40ad-a7f3-743dc2e8354c.png
public.flourish.studio/uploads/ Frame EC2C 18 KB
19 KB 9ms
9ms Image
image/png 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/e357b045-8211-40ad-a7f3-743dc2e8354c.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a42f92821660aaadd24e51774a2a5c3de88402be952daff699a5b38d224f2b20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: _q9kScMEzPVwuarPYSBfoM.ZU4PFHy5m
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
etag: "660bcb3e9408cfa1747d2d6e4c8c4526"
age: 18899
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: attachment
content-length: 18674
last-modified: Thu, 25 Nov 2021 11:38:10 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 07:41:04 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: DfhRu_b-1LswW-4I7Md5S-nE7Tubg6q8V9T-vd_qcW8LFxekcRyYMA==

GET
H2 200 077e3ba5-06b7-491b-b823-db1d88a22814.png
public.flourish.studio/uploads/ Frame EC2C 9 KB
10 KB 12ms
11ms Image
image/png 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/077e3ba5-06b7-491b-b823-db1d88a22814.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e945a512f98ff30058d202072f32d3cf29abab8e8a526bbb70b3e9bcc5f0c608

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: Tn.d2AaiNjbH3PRZ6RvBYFHTYslj6jOE
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
etag: "dcde7f8781de01e411c7774a5002ad10"
age: 18899
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: attachment
content-length: 9566
last-modified: Thu, 25 Nov 2021 13:38:53 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 07:41:04 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Ljek8xpmz-6IK7iuWPpsx_yrBKFsrrdNBjmhFkUkmqKQhP_ZKlTXCA==

GET
H2 200 454a261b-0e9f-4c2f-92ce-a7a400af6e6f.png
public.flourish.studio/uploads/ Frame EC2C 19 KB
20 KB 12ms
11ms Image
image/png 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/454a261b-0e9f-4c2f-92ce-a7a400af6e6f.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2596d8f65980bc00a7a9f297de9713935ea63d98f79e988ff5f8ac59cfc1bc4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: lRDlDkm1Mt353zX6TUeFTXh0zvDvLjym
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
etag: "7571ea13179d06d922f912f64d14abc6"
age: 18899
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: attachment
content-length: 19683
last-modified: Thu, 25 Nov 2021 13:37:09 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 07:41:04 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Ftw06h9HfgsQ-D11z_eNt-0vgNiAWEu2NOL9WZjQfBsfNHTiliGKDQ==

GET
H2 200 84e8be17-7c5a-4f0e-968f-5719d1c727c9.png
public.flourish.studio/uploads/ Frame EC2C 44 KB
44 KB 15ms
14ms Image
image/png 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/84e8be17-7c5a-4f0e-968f-5719d1c727c9.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f21d560e9607b208085410a7f84e652a2c8cbbf54c6dee2e72523fb6ea666f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: 9UEngg56j1Q9gaIdwFIqts.1vZMVBOor
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
etag: "8ca61b7f26d977f94ec54069e463a9d5"
age: 18899
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: attachment
content-length: 44917
last-modified: Thu, 25 Nov 2021 11:20:07 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 07:41:04 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: bsd5h-0mVZDR5WVuj9F8B18hwN7OI3b3HPJNpBpXBdf_4NAkAc1lLw==

GET
H2 200 17013413-a40e-4db7-9bfa-8c353c1f65d0.png
public.flourish.studio/uploads/ Frame EC2C 39 KB
39 KB 21ms
19ms Image
image/png 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/17013413-a40e-4db7-9bfa-8c353c1f65d0.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ada8e8cbeff74f250fc327f75383f13c528675607d9d9c71a9a61889588b5f4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: xNzr6ZR2l5nqSLK7DDGihI7DH8RLztdX
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
etag: "33477a485165adc3b20ae7c4342262e7"
age: 18899
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: attachment
content-length: 39845
last-modified: Thu, 25 Nov 2021 13:33:27 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 07:41:04 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 0uRak2b1Dtj2VTAuGWKAZyQ0d0zp8VH3Tw_-nP9a2m7Igx9dJjD3kw==

GET
H2 200 9d34907e-666e-4ec0-b036-79e1587ec8dc.jpeg
public.flourish.studio/uploads/ Frame EC2C 114 KB
115 KB 23ms
22ms Image
image/jpeg 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/9d34907e-666e-4ec0-b036-79e1587ec8dc.jpeg
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c0bd42c7bcbb97a787db7b787ceb9b1aad9c915add8d097c77130c6d1049441

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: PRh7O2u8eOOMqwniT7ix2_Xp9hDhWOg0
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
etag: "932f0193d9df97ac0f279c282e5cbea8"
age: 18899
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: attachment
content-length: 116673
last-modified: Thu, 25 Nov 2021 11:26:27 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 07:41:04 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 1yeQD-ouoGsQL68XsjpIO7S9kmNmZ2aXXZVcj1VSNXgAZhR6tdCX2Q==

GET
H2 200 8db7e439-35d6-475b-9792-f7c3369985e3.jpeg
public.flourish.studio/uploads/ Frame EC2C 79 KB
79 KB 23ms
23ms Image
image/jpeg 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/8db7e439-35d6-475b-9792-f7c3369985e3.jpeg
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8d86f42172b5503292bfc1c5768cfa1fb5ecc935232030f2cbfe11ff62e38f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: r9z5TiDqG1_VUTtbHLnpdmC9S_8n7wdK
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
etag: "4ebcaaffcaf8ee409bc8902524e71a6b"
age: 18899
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: attachment
content-length: 80679
last-modified: Thu, 25 Nov 2021 13:39:05 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 07:41:04 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 7E0zYB2sejtR-k19e-5qQ8AJolvTADd8nxiOWPBJsOhugLpxHq20aQ==

GET
H2 200 68a8555b-f29b-4f63-aa33-784942de87b7.png
public.flourish.studio/uploads/ Frame EC2C 21 KB
21 KB 27ms
26ms Image
image/png 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/68a8555b-f29b-4f63-aa33-784942de87b7.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a260ab672ae2172ba75b6251bbb679a2f899dd2d5b414bc8faa389cfbc429b7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: tNUyhIqtw_WTBDeNhqctZItxZrcJLsi3
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
etag: "a01e8bc4cf2fc9c059426262a0c99230"
age: 18899
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: attachment
content-length: 21466
last-modified: Thu, 25 Nov 2021 11:25:59 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 07:41:04 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Ep5MwaSPnnCXdLTD7UDSvsrjBgbwSTHih8tCextrSe3bX52cqfE7pA==

GET
H2 200 eb58774a-2ec1-4578-b52a-58cd6f051330.jpeg
public.flourish.studio/uploads/ Frame EC2C 26 KB
26 KB 27ms
27ms Image
image/jpeg 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/eb58774a-2ec1-4578-b52a-58cd6f051330.jpeg
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8ce6ffefbd22c192053195024b2f29bec0ec5157d61a9847b51fabc3e0f7072

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: vGXt8UMmxdUnpIXeRUauw4OBkkAJ4flq
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
etag: "d14b39914ccdd22765d449b69b89ba94"
age: 18899
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: attachment
content-length: 26540
last-modified: Tue, 30 Nov 2021 14:42:47 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 07:41:04 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: tn9o-XJaPV7RqzNCNgiWsZjyP00IiGGFgeIXa_5pByrHzoiZCEfNBg==

GET
H2 200 abb04697-50f6-4ecc-9d06-6a80f0f124c4.png
public.flourish.studio/uploads/ Frame EC2C 206 KB
207 KB 27ms
27ms Image
image/png 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/abb04697-50f6-4ecc-9d06-6a80f0f124c4.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0b0b8840de4bc2a04d4743b007330bb8ec1d55a6f8ad61dbf562531aa1f148b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: NWNDzrqE3UvmFy5ocVGQEhTAe0kUsoOT
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
etag: "0d1590ae2c83cce857bb0a84458f8e23"
age: 18899
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: attachment
content-length: 211448
last-modified: Thu, 25 Nov 2021 10:51:16 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 07:41:04 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: g3t3GCPDZS5TXT4cIHlxI2SGX1-Xz2EYHXJJnpQ7-RjQLmH6UILkRg==

GET
H2 200 783dc953-45f5-4e3c-b4d5-9456da969ea2.png
public.flourish.studio/uploads/ Frame EC2C 3 KB
4 KB 30ms
29ms Image
image/png 13.224.189.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://public.flourish.studio/uploads/783dc953-45f5-4e3c-b4d5-9456da969ea2.png
Requested by: Host: flo.uri.sh
URL: https://flo.uri.sh/visualisation/7876823/embed
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-66.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0799c36d9e018fe238e7005ef3ac43503e7ab2549d405e5bfbb1952e96151bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://flo.uri.sh/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: MWMkdTgkG3hWn0lPusXLOkcj2DD_T89G
via: 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
etag: "363961ade81c301f11a99929988866cd"
age: 18899
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-disposition: attachment
content-length: 3513
last-modified: Thu, 25 Nov 2021 10:51:30 GMT
server: AmazonS3
date: Tue, 07 Dec 2021 07:41:04 GMT
vary: Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: HvWSYs9vy_8jxbUhpdO2NLQMRyAE75Lru69_qGeyA4CahFOZT2dPnQ==

POST
H3 200 collect
www.google-analytics.com/ Frame EC2C 35 B
55 B 33ms
14ms Ping
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://flo.uri.sh/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 07 Dec 2021 12:56:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://flo.uri.sh
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 58ms
9ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 07 Dec 2021 12:56:02 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 08/11/2021 05:08:04
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Thu, 27 May 2021 17:38:16 GMT
cdn-proxyver: 1.0
cdn-fileserver: 162
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 273ea8004a058dbf07be507b21c99b49
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thebureauinvestigates.com/stories/2021-12-06/swiss-tech-company-boss-accused-of-selling-mobile-network-access-for-spying
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6895
date: Tue, 07 Dec 2021 11:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Dec 2021 13:01:07 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame EC2C 15 KB
16 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 06 Dec 2021 17:55:21 GMT
x-content-type-options: nosniff
age: 68441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15640
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:37 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 06 Dec 2022 17:55:21 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v19/ Frame EC2C 15 KB
15 KB 37ms
14ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v19/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://flo.uri.sh
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 14:17:54 GMT
x-content-type-options: nosniff
age: 599888
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15720
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:08:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 30 Nov 2022 14:17:54 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.thebureauinvestigates.com/	1970-01-23 23:13:15	Name: _omappvp Value: n4vcu0JeEhMmwv1tgWLH3WTEMHQT7ePjsihM530JX97SQBtkYBn6gb8EY7kRot0YVOKJMtrJIhqTNyuoCddvT6Twwx9ugDoW
			www.thebureauinvestigates.com/	1970-01-19 23:14:42	Name: _omappvs Value: 1638881762104

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
a.opmnstr.com
api.omappapi.com
assets2.thebureauinvestigates.com
connect.facebook.net
d3cocnzdt9u6c9.cloudfront.net
flo.uri.sh
fonts.googleapis.com
fonts.gstatic.com
public.flourish.studio
www.google-analytics.com
www.googletagmanager.com
www.thebureauinvestigates.com
13.224.189.66
13.225.87.47
2600:9000:20eb:bc00:1d:2792:2640:21
2606:4700:10::6816:4f56
2606:4700:20::681a:17b
2a00:1450:4001:808::200e
2a00:1450:4001:809::200a
2a00:1450:4001:828::2008
2a00:1450:4001:831::2003
2a03:2880:f02d:12:face:b00c:0:3
89.187.169.47
0086bc27856d9d109bc1ef98621e3b1025dc950546b46b84e66da0105e7f8e2a
05b1d94b5d498f9951ebdb170a9295c18b0e6bdb1d89a85c3f0ef6ab5fc2abdd
0799c36d9e018fe238e7005ef3ac43503e7ab2549d405e5bfbb1952e96151bda
0a430d07aaf86f36cfd042ccdcd43afc9b8bc116362801125a04efee9110491f
0b0b8840de4bc2a04d4743b007330bb8ec1d55a6f8ad61dbf562531aa1f148b7
0c0bd42c7bcbb97a787db7b787ceb9b1aad9c915add8d097c77130c6d1049441
0d078255aa8037463c231f257236bc634a4c677ba0530bb942ba03b427d75106
0e86e2a103f822069377f118acc7a633477ad4eef6d8f0aa1b6cbc43935dc6a3
101e8898b9427eddee9a43aa3fe8dc77c07b0b28e1680fc08ba852049d32f12b
12788cd5adc7132fefab3a39b172f61ba66430b9959212de950cae08e08f4ca3
13b15c84c670a2bbffc7ad9ecb60ce11dc34cadb96361279cfecc2a57c2e97bc
180b5b19ced9e28d609a585eeed684319aba6fc5a67f8b419b88b1a075b065c3
180f2195bdae3f048def74498667ae08206a1f7d08a3d2085cf019b463ed1804
190922ae32efbd9ed02bb0164a93a1c6357cfc4e7246f1c6bb0a2b609f5fd6b5
1ef3392ac9ca52c6155d0b174afc69e3b26638715d3d76be1a7b9cc7bba3af14
2017083781de3e396e0cdd7938eca60ad968e62dc3b6846c188e7d55a8173f5b
24218021ee2c4250f385550d45828f829d73799d83c7e197f36d206c6b120843
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2596d8f65980bc00a7a9f297de9713935ea63d98f79e988ff5f8ac59cfc1bc4e
294987a3a5b54bc5fdc01337e661f61c8102e89cd4376ccf9addda92e9426f84
2deb582b571f4adfe165dcec649aa282263b55718602c65433c41de58708defe
2e708fd9e4697516df2595d1d1fa5f9d4e97dc18ce53d7dfa9074af7dd2db460
2f550fbdcc42afd808164719a4d095796a02301d2a178e546fa40d6accf181d0
37c1e82d2ae803a2d4bc609432f7673a12e3ae76e41030d3fcdec2aa4ae73eed
3baae418a905be20c55783a9679bcd4556eda8a9b594f7c0004e84e036320540
3cdbde6f2e7d6f364c7c1575e15683d007b30d58c0222b36d2405c20d260418f
3cdf00fa550a08c8b3ef33c9f7e29260a994baa9eeb90b6fbc20f1fa65a585d1
441f1443d286027c5db7bb36b0d780f2e8d2bb5ef96caeba07718e1d32d2f163
450c13014afb3c9690f67a4d26fe7d8a168d4a9cb4934846e064bd1957047bc2
48f1e8b88778413dc103a0b2f23f9df5f206135c1819e563b278e114835a4435
4a22ae34993b865a48ae93f4c17205f5a92c2bd48c90bc5eba767989b5008634
4a5147a23253cbe02a55aed34f70fb80327d57e87284df76c69544d65eca852c
53b907326f7c21a04f6d39cc32ff471aafec57d887feabfabb53394f378c659f
5654f1ca3b17ced176db271ce2c4d92ba87a094f503ffd476abbdba186edae0f
5b6f595b46870d56769cd55c72f847ffdbac2d3789ca9de357ac01c55eb33deb
644d1ebc7fd6f2981023fc129d862e929b5668d2bc5031214728330fb7b00189
71560977ee94f83dadd0d9d979afddbb37071b68ae2463ab663ea8fe1ec880cb
733c23fabb723431e37fa5cec2b3db7b4b66eb761a2e62a825b126ed12a89f0c
74ebe2643fe5f2fbfa3c3c17e19dd1be1aba399a7a0220aa0c3c5cb79dcb5379
7b2418cef6b9a987ffca23a2d3d66340cf8c99ee1434d51b91e67b87487a9f8d
7f21d560e9607b208085410a7f84e652a2c8cbbf54c6dee2e72523fb6ea666f7
803405c8311d1dbca3fccd7c78320d28e45e516c0a813e9c439d15980839c56c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e56b640788bf4ac34fc34ba080b2bbec449ac7a07089e68095a040df7b2f270
96374f94d804c5f1aa921379702220ac17065533dd824364587ebdf896c800e7
97093c025bf247dbcbb0334533712b67fa36132e77680557a2e8578e8d53dbdd
a103d85792beb901a626ec4e45f362eba0c1295b3e79cc4fe1922b6d733282b3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a260ab672ae2172ba75b6251bbb679a2f899dd2d5b414bc8faa389cfbc429b7c
a42f92821660aaadd24e51774a2a5c3de88402be952daff699a5b38d224f2b20
a4f91df341ae2c5fb9c5fb02dec1189546c594a27f8f025ab57f59e5144d8b37
ada8e8cbeff74f250fc327f75383f13c528675607d9d9c71a9a61889588b5f4d
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b620260ce18788f5a0588213eb372138def70f252373173803b0337201f848a9
c414fd6d170a08f6efd71afa0d5341259ea7168567b6aa09ae24dc7a2b71c08b
c7506adfe37f650c804dc225d978c43926c8d4b6451464b6fcc749f281af46a8
c867104326e3c4b658209d8e5bcea0900aaf7fbc2bbc181ca01c482cac2810f3
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cf91aca035854f1e1f4776af5fe13d5483ad574e563118d671e1e25472c30bbf
d91c59b5ff2cbe4afd1d1332cf49db12a630ddcfd3e4d1e1d2ed4cdeee4e3de2
df0cce7641391be8048f24da5da415593f34896365034357dec711268b3c960d
e47bbab99a448b2f6d405a77ed6436829d0b807001d9baad4110c4e55be3b29e
e58afd217286f9666888c7c594f19d42b84a0dd6852b8d00e6abad29b4a54e40
e7a661b1c27b461b952cb569c6c278607e7dd44228a83ddb49c79cca696c00fe
e8d86f42172b5503292bfc1c5768cfa1fb5ecc935232030f2cbfe11ff62e38f2
e945a512f98ff30058d202072f32d3cf29abab8e8a526bbb70b3e9bcc5f0c608
f1a10bccbd07aca7c3822a68060eb119516eb67ec88850e1222fd8bb21badf83
f38ba920d1fc6f4f4a111b0dbfdb1919e14f5bf78c76fccf035c19da36ad3d56
f4ddb2f3c22c9b168d1e4d11a4008f36151709c7085e497d32273a3efe850745
f8ce6ffefbd22c192053195024b2f29bec0ec5157d61a9847b51fabc3e0f7072
f9210265615064ba604ade4c307414039fe391a20986c4811f1c61670791c5b2

www.thebureauinvestigates.com Open in urlscan Pro 2606:4700:10::6816:4f56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

73 Requests

100 %HTTPS

73 %IPv6

11 Domains

13 Subdomains

11 IPs

2 Countries

2578 kBTransfer

3838 kBSize

2 Cookies

10 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thebureauinvestigates.com Open in urlscan Pro
2606:4700:10::6816:4f56 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

100 %
HTTPS

73 %
IPv6

11
Domains

13
Subdomains

11
IPs

2
Countries

2578 kB
Transfer

3838 kB
Size

2
Cookies

73 HTTP transactions
0 data transactions