urlscan.io logo urlscan.io
SecurityTrails logo

www.allprivateinvestigations.com Open in urlscan Pro
173.249.147.141  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://allprivateinvestigation.com/
Effective URL: https://www.allprivateinvestigations.com/
Submission: On November 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 20 domains to perform 74 HTTP transactions. The main IP is 173.249.147.141, located in United States and belongs to VPSDATACENTER, US. The main domain is www.allprivateinvestigations.com.
TLS certificate: Issued by R11 on October 25th 2024. Valid for: 3 months.
This is the only time www.allprivateinvestigations.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 15.197.225.128 16509 (AMAZON-02)
37 173.249.147.141 40819 (VPSDATACE...)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
8 54.80.240.223 14618 (AMAZON-AES)
3 2a00:1450:400... 15169 (GOOGLE)
3 172.217.18.3 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.4 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 216.58.206.35 15169 (GOOGLE)
2 2620:1ec:33:2... 8075 (MICROSOFT...)
2 157.240.253.1 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.40 15169 (GOOGLE)
1 1 142.250.186.162 15169 (GOOGLE)
1 216.58.206.67 15169 (GOOGLE)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
2 157.240.253.35 32934 (FACEBOOK)
74 19
1    15.197.225.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
allprivateinvestigation.com
37    173.249.147.141 (United States)

ASN40819 (VPSDATACENTER, US)
PTR: cloudhost-2840114.us-west-1.nxcli.net
www.allprivateinvestigations.com
allprivateinvestigations.com
0d73722e00.nxcli.net
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    54.80.240.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-240-223.compute-1.amazonaws.com
conversions.marketing360.com
callconversions.mad.services
3    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f3.1e100.net
fonts.gstatic.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    172.217.18.4 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f4.1e100.net
www.google.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net
www.gstatic.com
2    2620:1ec:33:2::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net
connect.facebook.net
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    216.58.206.40 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f8.1e100.net
www.googletagmanager.com
1    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
www.googleadservices.com
1    216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f3.1e100.net
www.google.de
2    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
36 allprivateinvestigations.com
www.allprivateinvestigations.com
allprivateinvestigations.com
578 KB
7 mad.services
callconversions.mad.services — Cisco Umbrella Rank: 216809
38 KB
5 gstatic.com
fonts.gstatic.com
www.gstatic.com
107 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
316 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
22 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
213 B
2 bing.net
bat.bing.net — Cisco Umbrella Rank: 8327
465 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
74 KB
2 bing.com
bat.bing.com — Cisco Umbrella Rank: 359
15 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 79
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10745
110 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
20 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
658 B
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 nxcli.net
0d73722e00.nxcli.net
394 KB
1 marketing360.com
conversions.marketing360.com — Cisco Umbrella Rank: 272589
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
3 KB
1 allprivateinvestigation.com
allprivateinvestigation.com
316 B
0 Failed
function sub() { [native code] }. Failed
74 20
Domain Requested by
30 www.allprivateinvestigations.com www.allprivateinvestigations.com
7 callconversions.mad.services www.googletagmanager.com
callconversions.mad.services
6 allprivateinvestigations.com www.allprivateinvestigations.com
4 www.googletagmanager.com www.allprivateinvestigations.com
www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
2 www.facebook.com www.allprivateinvestigations.com
2 bat.bing.net bat.bing.com
www.allprivateinvestigations.com
2 connect.facebook.net www.allprivateinvestigations.com
connect.facebook.net
2 bat.bing.com www.googletagmanager.com
bat.bing.com
2 www.gstatic.com www.googletagmanager.com
www.gstatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.youtube.com www.allprivateinvestigations.com
2 fonts.googleapis.com www.allprivateinvestigations.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.google.de www.allprivateinvestigations.com
1 www.googleadservices.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 www.google.com www.googletagmanager.com
1 0d73722e00.nxcli.net www.allprivateinvestigations.com
1 conversions.marketing360.com www.allprivateinvestigations.com
1 cdnjs.cloudflare.com www.allprivateinvestigations.com
1 allprivateinvestigation.com 1 redirects
0 185.16.40.238 Failed www.allprivateinvestigations.com
74 23

This site contains links to these domains. Also see Links.

Domain
allprivateinvestigations.com
www.facebook.com
twitter.com
Subject Issuer Validity Valid
0d73722e00.nxcli.net
R11		 2024-10-25 -
2025-01-23		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
upload.video.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
conversions.marketing360.com
R11		 2024-11-03 -
2025-02-01		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 03		 2024-09-16 -
2025-03-15		 6 months crt.sh
callconversions.mad.services
R11		 2024-09-27 -
2024-12-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-09-01 -
2024-11-30		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
bat.bing.net
Microsoft Azure RSA TLS Issuing CA 07		 2024-10-27 -
2025-04-25		 6 months crt.sh

This page contains 4 frames:

Primary Page: https://www.allprivateinvestigations.com/
Frame ID: C904F948A177ED29396FC6027819C2BA
Requests: 68 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ENCxbFtipzs
Frame ID: 9A90A27E55ECD7ACE6C29DD1C299389E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ENCxbFtipzs
Frame ID: F799664A529667AFE40299E91421A580
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.allprivateinvestigations.com
Frame ID: 9CF92428A869E6B35CBC6EE2A089BDAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

All Private Investigations

Page URL History Show full URLs

  1. https://allprivateinvestigation.com/ HTTP 302
    http://www.allprivateinvestigations.com/ HTTP 307
    https://www.allprivateinvestigations.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

74
Requests

97 %
HTTPS

40 %
IPv6

20
Domains

23
Subdomains

19
IPs

4
Countries

1553 kB
Transfer

3145 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://allprivateinvestigation.com/ HTTP 302
    http://www.allprivateinvestigations.com/ HTTP 307
    https://www.allprivateinvestigations.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60
  • https://www.googleadservices.com/pagead/conversion/952765169/wcm?cc=ZZ&dn=6312684486&cl=io1bCMWq_sUBEPGVqMYD&dma=1&dma_cps=syphamo&npa=1&ct_eid=2 HTTP 302
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=6312684486&cl=io1bCMWq_sUBEPGVqMYD&dma=1&dma_cps=syphamo

74 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.allprivateinvestigations.com/
Redirect Chain
  • https://allprivateinvestigation.com/
  • http://www.allprivateinvestigations.com/
  • https://www.allprivateinvestigations.com/
62 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
cf4dcf8c9c678f916a74a96fda187ade1cea68f2914c8bda833405ca78a593f7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 22 Nov 2024 10:18:39 GMT
link
<https://www.allprivateinvestigations.com/wp-json/>; rel="https://api.w.org/" <https://www.allprivateinvestigations.com/wp-json/wp/v2/pages/25>; rel="alternate"; type="application/json" <https://www.allprivateinvestigations.com/>; rel=shortlink
server
nginx
vary
Accept-Encoding
x-cache-nxaccel
BYPASS

Redirect headers

Location
https://www.allprivateinvestigations.com/
Non-Authoritative-Reason
HttpsUpgrades
bootstrap.css
www.allprivateinvestigations.com/wp-content/plugins/bootstrap-shortcodes/css/ 		120 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/plugins/bootstrap-shortcodes/css/bootstrap.css?ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
416dfabb1ba6878336a0cc23a509cc20cd2203ba0c9e31de37bd64410d18cb8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"1dead-59a10354dd200"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Thu, 19 Dec 2019 15:28:08 GMT
shortcodes.css
www.allprivateinvestigations.com/wp-content/plugins/bootstrap-shortcodes/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/plugins/bootstrap-shortcodes/css/shortcodes.css?ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
e94d720449fd37c54620434749e46867be54d0ad27998a57dfe7e028c6dfd0aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"284d-57a2b306a2b80"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Thu, 08 Nov 2018 18:13:18 GMT
style.min.css
www.allprivateinvestigations.com/wp-includes/css/dist/block-library/ 		81 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-nocache
1
content-encoding
br
etag
W/"145db-5e56c75cecba0"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Thu, 04 Aug 2022 16:01:19 GMT
style.css
www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.4.2.2
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
9621571f515a7def9c6a634317c51239eaa07c508b4cd7f00a4b64a8bb45e502

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"5000-56adbfed04f40"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 27 Apr 2018 22:26:29 GMT
25-layout.css
www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/cache/ 		36 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/cache/25-layout.css?ver=bc1b0860db4493f609e0c34f360a9cb3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
137b9d15578a0cbd0c6ea14bdd7068ffad87fcecd6fd1cfb8c2249c8bace7a3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"8e1f-5c0e55c16f1a1"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Mon, 26 Apr 2021 19:43:28 GMT
all.min.css
www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/ 		58 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.1/css/all.min.css?ver=2.4.2.2
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"e7d0-5bcc0a108bb40"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 05 Mar 2021 02:13:25 GMT
foundation-icons.css
cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/ 		19 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/foundicons/3.0.0/foundation-icons.css?ver=2.4.2.2
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09696d0bf5be7a592450a862b5cced3e249f137004a7302fae4984a81ebc2f1d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03e66-4c34"
age
225008
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uTbRUVj236E17kGXOykA78DdMEABU2uBV6%2BFJcgWrcjtknvK4fkDFeeH5mHH8nLNUDCylJ5NQ2Jo7bHYK1LQiPFPBKTwXs9mbj9OOT0Z%2FjouZcIt9Ons0hNG1mSAdZiPdF%2Bitl0M"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Wed, 12 Nov 2025 10:18:39 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:10:14 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e682d3dbd199bbc-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2855
server
cloudflare
bb6b3876f06ecd2d75a44b407d8eafd3-layout-bundle.css
www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/cache/ 		37 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/cache/bb6b3876f06ecd2d75a44b407d8eafd3-layout-bundle.css?ver=2.4.2.2-1.3.3.1
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
0ce4aea20792ad59f713134a1e0b0b4c1a0ef1a511a92c91351bff20c05033f7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"956d-62735e04b03f5"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Mon, 18 Nov 2024 20:36:50 GMT
jquery.magnificpopup.min.css
www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/css/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/css/jquery.magnificpopup.min.css?ver=2.4.2.2
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
2ed3fa8c76740090829d5d4566efb8eb76de9224e0c894f94e8b5fbf8efea8a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"167e-5bcc0a108bb40"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 05 Mar 2021 02:13:25 GMT
base.min.css
www.allprivateinvestigations.com/wp-content/themes/bb-theme/css/ 		47 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/themes/bb-theme/css/base.min.css?ver=1.7.8
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
1e8dcaec98f99c2b1b43ff8b8655680b69bbf150470b20ecbdd1cb45570a0587

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"bd2a-5bde566d5c780"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 19 Mar 2021 15:30:54 GMT
skin-6082fe19ea714.css
www.allprivateinvestigations.com/wp-content/uploads/bb-theme/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/uploads/bb-theme/skin-6082fe19ea714.css?ver=1.7.8
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
470795bed83aff909512a3db53e13a9198f8e95c4450902657e6468c1b7d04ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"f009-5c0a6c9c8d91b"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 23 Apr 2021 17:04:26 GMT
main.css
www.allprivateinvestigations.com/wp-content/themes/woo360-theme-child/assets/css/ 		407 B
247 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/themes/woo360-theme-child/assets/css/main.css?ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
c32b9b3743a0dcc56e86c80965dca65a2634522d5099ef088720ca86b9823999

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"197-5bde566e509c0"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 19 Mar 2021 15:30:55 GMT
style-mobile.css
www.allprivateinvestigations.com/wp-content/themes/woo360-theme-child/assets/css/ 		235 B
180 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/themes/woo360-theme-child/assets/css/style-mobile.css?ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
10f10045c99aaccac4aa93604c0a1c8a6eebd9a15d32778e67422a03d5be8737

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"eb-5bde566e509c0"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 19 Mar 2021 15:30:55 GMT
gravity-forms.css
www.allprivateinvestigations.com/wp-content/themes/woo360-theme-child/assets/css/ 		1 KB
346 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/themes/woo360-theme-child/assets/css/gravity-forms.css?ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
60ec5eacd7c8d4630f1ba547d93a8cabf572f5e0d85614a9eb0a0b92aa168dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"436-5bde566e509c0"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Fri, 19 Mar 2021 15:30:55 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%7CRaleway%3A400%2C300%7CRoboto+Slab%3A500&ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
35858cd2f5f754cc91c1850d402f1788d46f994dc6c8c8557a938a22bff1e42e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 10:18:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 22 Nov 2024 10:18:39 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.min.js
www.allprivateinvestigations.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-nocache
1
content-encoding
br
etag
W/"15db1-5e56c75d5288d"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Thu, 04 Aug 2022 16:01:19 GMT
jquery-migrate.min.js
www.allprivateinvestigations.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-nocache
1
content-encoding
br
etag
W/"2bd8-5e56c75d520bd"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Thu, 04 Aug 2022 16:01:19 GMT
bootstrap.js
www.allprivateinvestigations.com/wp-content/plugins/bootstrap-shortcodes/js/ 		36 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/plugins/bootstrap-shortcodes/js/bootstrap.js?ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"8fd0-59a10352f4d80"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Thu, 19 Dec 2019 15:28:06 GMT
init.js
www.allprivateinvestigations.com/wp-content/plugins/bootstrap-shortcodes/js/ 		341 B
206 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/plugins/bootstrap-shortcodes/js/init.js?ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
74429c368e67e52fc6883b58a550ea484e13bac0ef4ae0f8a8c6605ba0b404a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"155-57a2b306a2b80"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Thu, 08 Nov 2018 18:13:18 GMT
imagesloaded.min.js
www.allprivateinvestigations.com/wp-includes/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-includes/js/imagesloaded.min.js?ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-nocache
1
content-encoding
br
etag
W/"15fd-5e56c75d547cd"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Thu, 04 Aug 2022 16:01:19 GMT
m360-dynamic-content.js
www.allprivateinvestigations.com/wp-content/themes/woo360-theme-child/assets/js/ 		618 B
377 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/themes/woo360-theme-child/assets/js/m360-dynamic-content.js?ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
decc88c9ebc2ca06b17d67f7c0b2c564bdf6678cc1dea9f0483a7ba5de0a850f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"26a-5bde566e509c0"
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 19 Mar 2021 15:30:55 GMT
wp-emoji-release.min.js
www.allprivateinvestigations.com/wp-includes/js/ 		18 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-nocache
1
content-encoding
br
etag
W/"4705-5e56c75d55f3d"
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Thu, 04 Aug 2022 16:01:19 GMT
cta2.jpg
allprivateinvestigations.com/wp-content/uploads/2021/04/ 		172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allprivateinvestigations.com/wp-content/uploads/2021/04/cta2.jpg
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
c28c108165c475d3a977f8388497f6e9537996641a317e675283da615a569300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
etag
"2b098-5c0e342a766de"
accept-ranges
bytes
content-length
176280
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
image/jpeg
last-modified
Mon, 26 Apr 2021 17:13:11 GMT
server
nginx
cta3.jpg
allprivateinvestigations.com/wp-content/uploads/2021/04/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allprivateinvestigations.com/wp-content/uploads/2021/04/cta3.jpg
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
1d0019ae88fe55b519ab123eee043742e5e676f0abe1ee40ad24c9a6156985b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
etag
"1822e-5c0e3434e9bcd"
accept-ranges
bytes
content-length
98862
date
Fri, 22 Nov 2024 10:18:39 GMT
content-type
image/jpeg
last-modified
Mon, 26 Apr 2021 17:13:22 GMT
server
nginx
lower-cta.jpg
allprivateinvestigations.com/wp-content/uploads/2015/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allprivateinvestigations.com/wp-content/uploads/2015/03/lower-cta.jpg
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
dcaa7c697daec963c86b1a168025c5269e15852ae7d4b5d76b167514fddfa270

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
etag
"2e3a-5c0a5f4b1583d"
accept-ranges
bytes
content-length
11834
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
image/jpeg
last-modified
Fri, 23 Apr 2021 16:04:50 GMT
server
nginx
lower-cta2.jpg
allprivateinvestigations.com/wp-content/uploads/2015/03/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allprivateinvestigations.com/wp-content/uploads/2015/03/lower-cta2.jpg
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
c97d9a1a0788c5ffe700f7966123fcc7d5ba815390789029ceb16bd33316f461

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
etag
"3d3d-5c0a5f4b864ef"
accept-ranges
bytes
content-length
15677
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
image/jpeg
last-modified
Fri, 23 Apr 2021 16:04:51 GMT
server
nginx
lower-cta3.jpg
allprivateinvestigations.com/wp-content/uploads/2015/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allprivateinvestigations.com/wp-content/uploads/2015/03/lower-cta3.jpg
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
a481d520c7cd20143f2abf8c6d9b88132f344accb5851ef1dbba5a1766c963b2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
etag
"35aa-5c0a5f4bf4a92"
accept-ranges
bytes
content-length
13738
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
image/jpeg
last-modified
Fri, 23 Apr 2021 16:04:51 GMT
server
nginx
M360.js
conversions.marketing360.com/wc/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://conversions.marketing360.com/wc/M360.js
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.80.240.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-240-223.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash
eceeb65b6540ae42f64fe27cf9f7579437b761b25919643553003640f1c06efe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

cache-control
public, max-age=0
etag
W/"a4b-186e2075db8"
x-envoy-upstream-service-time
1
accept-ranges
bytes
access-control-allow-origin
*
content-length
2635
date
Fri, 22 Nov 2024 10:18:40 GMT
last-modified
Tue, 14 Mar 2023 21:29:39 GMT
x-powered-by
Express
server
istio-envoy
content-type
application/javascript; charset=UTF-8
css
fonts.googleapis.com/ 		2 KB
749 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab%3A500&ver=5.9.3
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0d385b88e741be9567eac947e4bc0cb4f4962c41543cd51582bdc7f30fbd9f9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 10:18:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 22 Nov 2024 10:18:40 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
jquery.waypoints.min.js
www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/js/jquery.waypoints.min.js?ver=2.4.2.2
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"2281-5bcc0a108bb40"
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 05 Mar 2021 02:13:25 GMT
jquery.fitvids.min.js
www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/js/ 		2 KB
705 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"6f6-5bcc0a108bb40"
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 05 Mar 2021 02:13:25 GMT
25-layout.js
www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/cache/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/cache/25-layout.js?ver=b8182406d0c8cbeff80768ac3be42ebd
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
9bd4f2a79171d0b54ce3ce978a292bda3a8d864382f7431c7463afa919178964

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"55c2-5c0e55c1737f1"
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Mon, 26 Apr 2021 19:43:28 GMT
jquery.ba-throttle-debounce.min.js
www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/js/ 		731 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.4.2.2
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"2db-5bcc0a108bb40"
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 05 Mar 2021 02:13:25 GMT
ee9862086bc4229029632772098fdb73-layout-bundle.js
www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/cache/ 		17 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/cache/ee9862086bc4229029632772098fdb73-layout-bundle.js?ver=2.4.2.2-1.3.3.1
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
33cfac7c9caf3d1a83191bfb216f59928c980ef4c6904f308eef058969462b01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"4262-62735e04b03f5"
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Mon, 18 Nov 2024 20:36:50 GMT
jquery.magnificpopup.min.js
www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.4.2.2
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
2c04e438b5c5b6c29c3fa3831a969f2e7134664af8df56abb1fd930dbfd389dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"4eba-5bcc0a108bb40"
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 05 Mar 2021 02:13:25 GMT
theme.min.js
www.allprivateinvestigations.com/wp-content/themes/bb-theme/js/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.8
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
6d7c566c5bd64e282175894143dbc73c8bef0aeaa9673d1985aadf3c06ac6752

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
content-encoding
br
etag
W/"565d-5bde566d5c780"
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Fri, 19 Mar 2021 15:30:54 GMT
gtm.js
www.googletagmanager.com/ 		289 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NSNSF82
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
079eef21c59e1bea41930845dcbc8fa48042098c0b5c34941b2cbf79098e50db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 22 Nov 2024 10:18:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 22 Nov 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104433
x-xss-protection
0
server
Google Tag Manager
/
185.16.40.238/ajax/ 		0
0
city-bg1.jpg
0d73722e00.nxcli.net/wp-content/uploads/2015/03/ 		393 KB
394 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://0d73722e00.nxcli.net/wp-content/uploads/2015/03/city-bg1.jpg
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/wp-content/uploads/bb-theme/skin-6082fe19ea714.css?ver=1.7.8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
f37d0869a0f0387f19325b1107f3bc6a72455250b29b13415acba8280639c9e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
etag
"624c8-5c0a5f4c9703e"
accept-ranges
bytes
content-length
402632
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
image/jpeg
last-modified
Fri, 23 Apr 2021 16:04:52 GMT
server
nginx
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%7CRaleway%3A400%2C300%7CRoboto+Slab%3A500&ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.allprivateinvestigations.com
Referer
https://fonts.googleapis.com/

Response headers

age
154466
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 20 Nov 2025 15:24:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 15:24:14 GMT
last-modified
Tue, 02 May 2023 15:17:22 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23580
x-xss-protection
0
server
sffe
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%7CRaleway%3A400%2C300%7CRoboto+Slab%3A500&ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.allprivateinvestigations.com
Referer
https://fonts.googleapis.com/

Response headers

age
172217
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 20 Nov 2025 10:28:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 10:28:23 GMT
last-modified
Wed, 01 May 2024 20:31:48 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48336
x-xss-protection
0
server
sffe
BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjovoSmb2Rj.woff2
fonts.gstatic.com/s/robotoslab/v34/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v34/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjovoSmb2Rj.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%7CRaleway%3A400%2C300%7CRoboto+Slab%3A500&ver=5.9.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f3.1e100.net
Software
sffe /
Resource Hash
8eaf7f057bfb90f60a49bd984cd64949290700c4056d211f48d89ae1ec2d7374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.allprivateinvestigations.com
Referer
https://fonts.googleapis.com/

Response headers

age
218717
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 21:33:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 21:33:23 GMT
last-modified
Tue, 24 Oct 2023 01:57:47 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14300
x-xss-protection
0
server
sffe
Ultimate-Icons.ttf
www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/ 		91 KB
91 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/fonts/Ultimate-Icons.ttf?1ddi1j
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.4.2.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.allprivateinvestigations.com
Referer
https://www.allprivateinvestigations.com/wp-content/uploads/bb-plugin/icons/ultimate-icons/style.css?ver=2.4.2.2

Response headers

x-cache-nxaccel
MISS
etag
"16b60-56adbfed04f40"
accept-ranges
bytes
content-length
93024
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
application/font-sfnt
last-modified
Fri, 27 Apr 2018 22:26:29 GMT
server
nginx
ENCxbFtipzs
www.youtube.com/embed/ Frame 9A90 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ENCxbFtipzs
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.allprivateinvestigations.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Nov 2024 10:18:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
mockup-logo1.png
allprivateinvestigations.com/wp-content/uploads/2015/03/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://allprivateinvestigations.com/wp-content/uploads/2015/03/mockup-logo1.png
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
2916e86d7df32250c0d45cf511548bd75e60a0a97c400ffed27d5f0b2989c8a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
etag
"4d9f-5c0a5f4d89efb"
accept-ranges
bytes
content-length
19871
date
Fri, 22 Nov 2024 10:18:40 GMT
content-type
image/png
last-modified
Fri, 23 Apr 2021 16:04:53 GMT
server
nginx
ENCxbFtipzs
www.youtube.com/embed/ Frame F799 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ENCxbFtipzs
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.allprivateinvestigations.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy
require-trusted-types-for 'script'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Fri, 22 Nov 2024 10:18:41 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.allprivateinvestigations.com%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=921980754.1732270721&auid=1375161840.1732270721&npa=1&gtm=45He4bk0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732270721417&tfd=4730&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSNSF82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSNSF82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

content-encoding
gzip
age
2915
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 11:30:06 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 09:30:06 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
destination
www.googletagmanager.com/gtag/ 		248 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-952765169&l=dataLayer&cx=c&gtm=45He4bk0za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSNSF82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
088da8d7f9816513dfadb3157a29a61ba6b09678e2511951d4f45f933c2fde09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 22 Nov 2024 10:18:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 10:18:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 22 Nov 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
90902
x-xss-protection
0
server
Google Tag Manager
loader.js
www.gstatic.com/wcm/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSNSF82
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

content-encoding
br
age
1031
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Fri, 22 Nov 2024 11:01:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 10:01:30 GMT
last-modified
Wed, 20 Mar 2024 23:18:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
2133
x-xss-protection
0
server
sffe
bat.js
bat.bing.com/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSNSF82
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"028e0691d20db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 340224E0DE1E41D9A48F4EC66F0EFBF9 Ref B: LON212050701051 Ref C: 2024-11-22T10:18:41Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14570
date
Fri, 22 Nov 2024 10:18:41 GMT
content-type
application/javascript
last-modified
Wed, 16 Oct 2024 22:47:44 GMT
vary
Accept-Encoding
m360.js
callconversions.mad.services/js/ 		37 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://callconversions.mad.services/js/m360.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSNSF82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.80.240.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-240-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
bd89bb34088eb7a962d1fbe220796e541b74cef1397c102e93f5a768b1559fc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

access-control-expose-headers
sessionId
etag
W/"9514-rYd/zK/lKMlg0kTBRzZqTOdcgSw"
x-content-type-options
nosniff
date
Fri, 22 Nov 2024 10:18:42 GMT
content-type
text/javascript; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
max-age=0
x-dns-prefetch-control
off
x-envoy-upstream-service-time
2
x-download-options
noopen
access-control-allow-origin
*
content-length
38164
x-xss-protection
1; mode=block
server
istio-envoy
fbevents.js
connect.facebook.net/en_US/ 		239 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-upwrDsjF' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 10:18:41 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-upwrDsjF' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=49, rtx=4, c=4, mss=1232, tbw=9631, tp=15, tpl=4, uplat=0, ullat=-1
pragma
public
x-fb-debug
BiN23z4wEktlOwoXshxB7218LiioiT2276M+XwMmI+rgoSDbwkIT6axA7naI/odUsAAb3/N6sWSMmF1U8DvO5w==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame 9CF9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.allprivateinvestigations.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NSNSF82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
199527
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Nov 2024 02:53:14 GMT
expires
Thu, 20 Nov 2025 02:53:14 GMT
last-modified
Tue, 19 Nov 2024 10:38:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		15 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=673745597&t=pageview&_s=1&dl=https%3A%2F%2Fwww.allprivateinvestigations.com%2F&ul=de-de&de=UTF-8&dt=All%20Private%20Investigations&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAAI~&jid=2362091&gjid=324480681&cid=2076358360.1732270722&tid=UA-61112310-1&_gid=227577448.1732270722&_slc=1&gtm=45He4bk0n81NSNSF82za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&npa=1&z=92403306
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0ee40fe8cdfe03c73fe54ffeb2f81debb65017d1e466136127ec927132b1f763
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.allprivateinvestigations.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 10:18:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.allprivateinvestigations.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
stats.g.doubleclick.net/j/ 		1 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-61112310-1&cid=2076358360.1732270722&jid=2362091&gjid=324480681&_gid=227577448.1732270722&npa=1&_u=YGBAgEABAAAAAGAAI~&z=869714497
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.allprivateinvestigations.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgdc:149:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 10:18:42 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgdc:149:0
access-control-allow-origin
https://www.allprivateinvestigations.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
call-tracking_9.js
www.gstatic.com/call-tracking/ 		62 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/call-tracking/call-tracking_9.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
sffe /
Resource Hash
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

content-encoding
br
age
217448
report-to
{"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
x-content-type-options
nosniff
expires
Wed, 19 Nov 2025 21:54:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 19 Nov 2024 21:54:33 GMT
last-modified
Mon, 22 Jan 2024 22:18:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="ads-telephony"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
accept-ranges
bytes
content-length
20777
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/ 		377 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LNGVGZ0779&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2acdfcf689cbfbdfcc374916b19a61ac6f807d3a83b7edd73ba7e25df3f63cc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 22 Nov 2024 10:18:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 10:18:41 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
127622
x-xss-protection
0
server
Google Tag Manager
17259118.js
bat.bing.com/p/action/ 		363 B
412 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/17259118.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:2::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 746C5A670D9844FBB273332AF22BA6C0 Ref B: LON212050701051 Ref C: 2024-11-22T10:18:42Z
x-cache
CONFIG_NOCACHE
date
Fri, 22 Nov 2024 10:18:41 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
696568454479977
connect.facebook.net/signals/config/ 		68 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/696568454479977?v=2.9.176&r=stable&domain=www.allprivateinvestigations.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
06db4ef62a254c48b386b3cfab4de50859102299e50a2519420c17e35384ecc9
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3fOQhqen' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 10:18:42 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-3fOQhqen' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=58, rtx=13, c=68, mss=1232, tbw=86655, tp=81, tpl=13, uplat=230, ullat=1
pragma
public
x-fb-debug
TyM+pBBPtbHWXZz4kmnH9p9u9WnX/tMdAiOSnus+BTCZqtjzL384WMNNZDwNfLn7YzZPwMMhb1f0p+VmHzBV4A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
wcm
www.google.de/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/952765169/wcm?cc=ZZ&dn=6312684486&cl=io1bCMWq_sUBEPGVqMYD&dma=1&dma_cps=syphamo&npa=1&ct_eid=2
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=6312684486&cl=io1bCMWq_sUBEPGVqMYD&dma=1&dma_cps=syphamo
80 B
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=6312684486&cl=io1bCMWq_sUBEPGVqMYD&dma=1&dma_cps=syphamo
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H3
Server
216.58.206.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s08-in-f3.1e100.net
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
87
date
Fri, 22 Nov 2024 10:18:42 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe

Redirect headers

location
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=6312684486&cl=io1bCMWq_sUBEPGVqMYD&dma=1&dma_cps=syphamo
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://www.allprivateinvestigations.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Fri, 22 Nov 2024 10:18:42 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
cafe
0
bat.bing.net/actionp/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bat.bing.net/actionp/0?ti=17259118&tm=gtm002&Ver=2&mid=f2ff858b-1477-4d86-8f53-89bf4665cb86&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8C3D1820628D4CCFAEDE3C9BD5AF6966 Ref B: FRA31EDGE0114 Ref C: 2024-11-22T10:18:42Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 22 Nov 2024 10:18:42 GMT
0
bat.bing.net/action/ 		0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.net/action/0?ti=17259118&tm=gtm002&Ver=2&mid=f2ff858b-1477-4d86-8f53-89bf4665cb86&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=All%20Private%20Investigations&p=https%3A%2F%2Fwww.allprivateinvestigations.com%2F&r=&lt=4354&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=299582
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 12FBD2AF348949E3952B1BDB5FA29F8A Ref B: FRA31EDGE0114 Ref C: 2024-11-22T10:18:42Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 22 Nov 2024 10:18:42 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LNGVGZ0779&gtm=45je4bk0v9136737134za200&_p=1732270720191&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&ul=de-de&sr=1600x1200&cid=2076358360.1732270722&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.allprivateinvestigations.com%2F&dt=All%20Private%20Investigations&sid=1732270722&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=5546
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LNGVGZ0779&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.allprivateinvestigations.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 22 Nov 2024 10:18:42 GMT
content-type
text/plain
server
Golfe2
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=696568454479977&ev=PageView&dl=https%3A%2F%2Fwww.allprivateinvestigations.com%2F&rl=&if=false&ts=1732270722383&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732270722369.80803063338621373&ler=empty&cdl=API_unavailable&it=1732270722029&coo=false&rqm=GET
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=41, rtx=0, c=23, mss=1232, tbw=4511, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 22 Nov 2024 10:18:42 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=696568454479977&ev=PageView&dl=https%3A%2F%2Fwww.allprivateinvestigations.com%2F&rl=&if=false&ts=1732270722383&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732270722369.80803063338621373&ler=empty&cdl=API_unavailable&it=1732270722029&coo=false&rqm=FGET
Requested by
Host: www.allprivateinvestigations.com
URL: https://www.allprivateinvestigations.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7440046099562100275"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 22 Nov 2024 10:18:42 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
1jNtOfgPULxqOtHMIGwvEzoZlfhkyxmHVVtUyd1XAGoyNNWQxrr6MEC1fRhmvQn8dfwTRzG6UASXCw6MFre7zQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7440046099562100275", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=4879, tp=13, tpl=0, uplat=155, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
www.allprivateinvestigations.com
callconversions.mad.services/callTracking/numbers/ 		354 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://callconversions.mad.services/callTracking/numbers/www.allprivateinvestigations.com
Requested by
Host: callconversions.mad.services
URL: https://callconversions.mad.services/js/m360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.80.240.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-240-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
3b312cbe35bd4b245f6bfdbc54d94d5150da14765c80d06525d9fc4a9c37afab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.allprivateinvestigations.com/

Response headers

access-control-expose-headers
sessionId
etag
W/"162-kh/DnOs6O2BVx+6XFKt49Gv/MO4"
x-content-type-options
nosniff
date
Fri, 22 Nov 2024 10:18:43 GMT
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
max-age=0
x-dns-prefetch-control
off
x-envoy-upstream-service-time
57
x-download-options
noopen
access-control-allow-origin
*
content-length
354
x-xss-protection
1; mode=block
server
istio-envoy
www.allprivateinvestigations.com
callconversions.mad.services/callTracking/numbers/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://callconversions.mad.services/callTracking/numbers/www.allprivateinvestigations.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.80.240.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-240-223.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.allprivateinvestigations.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
sessionId,Content-Type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
sessionId
date
Fri, 22 Nov 2024 10:18:43 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
x-powered-by
Express
cropped-fav32-32x32.png
www.allprivateinvestigations.com/wp-content/uploads/2015/03/ 		976 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.allprivateinvestigations.com/wp-content/uploads/2015/03/cropped-fav32-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
173.249.147.141 , United States, ASN40819 (VPSDATACENTER, US),
Reverse DNS
cloudhost-2840114.us-west-1.nxcli.net
Software
nginx /
Resource Hash
812b4869bdd86fb7d4d4e718299b8621c8e26127f49a61cd297c0208b0b1fec1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.allprivateinvestigations.com/

Response headers

x-cache-nxaccel
MISS
etag
"3d0-5c0a6922b66ba"
accept-ranges
bytes
content-length
976
date
Fri, 22 Nov 2024 10:18:43 GMT
content-type
image/png
last-modified
Fri, 23 Apr 2021 16:48:52 GMT
server
nginx
h
callconversions.mad.services/ 		42 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://callconversions.mad.services/h
Requested by
Host: callconversions.mad.services
URL: https://callconversions.mad.services/js/m360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.80.240.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-240-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
b309462d3abed16712fd5a49b7a284222c496bee435455cecbac4bd209b1d1e9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.allprivateinvestigations.com/

Response headers

access-control-expose-headers
sessionId
etag
W/"2a-2ussw4yWprtcvvtSOZ0pa5zz8xw"
x-content-type-options
nosniff
date
Fri, 22 Nov 2024 10:18:43 GMT
content-type
application/json; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
max-age=0
x-dns-prefetch-control
off
x-envoy-upstream-service-time
1
x-download-options
noopen
access-control-allow-origin
*
content-length
42
x-xss-protection
1; mode=block
server
istio-envoy
h
callconversions.mad.services/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://callconversions.mad.services/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.80.240.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-240-223.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.allprivateinvestigations.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
sessionId,Content-Type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
sessionId
date
Fri, 22 Nov 2024 10:18:43 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
x-powered-by
Express
t
callconversions.mad.services/ 		0
78 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://callconversions.mad.services/t
Requested by
Host: callconversions.mad.services
URL: https://callconversions.mad.services/js/m360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.80.240.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-240-223.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://www.allprivateinvestigations.com/

Response headers

access-control-expose-headers
sessionId
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-content-type-options
nosniff
date
Fri, 22 Nov 2024 10:18:43 GMT
content-type
text/html; charset=utf-8
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains
cache-control
max-age=0
x-dns-prefetch-control
off
x-envoy-upstream-service-time
2
x-download-options
noopen
access-control-allow-origin
*
content-length
0
x-xss-protection
1; mode=block
server
istio-envoy
t
callconversions.mad.services/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://callconversions.mad.services/t
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.80.240.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-240-223.compute-1.amazonaws.com
Software
istio-envoy / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.allprivateinvestigations.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
sessionId,Content-Type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-expose-headers
sessionId
date
Fri, 22 Nov 2024 10:18:43 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
2
x-powered-by
Express

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
185.16.40.238
URL
https://185.16.40.238/ajax/?r1=https://www.allprivateinvestigations.com/?r2=23c307a1c149f9d8f4fc1a7cf43eba49

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _wpemojiSettings function| jQuery function| EvEmitter function| imagesLoaded object| m360dc object| dataLayer object| img object| twemoji object| wp function| readCookie function| getUtmSource function| getURLBuilderData function| subdomainDetector function| delCookie function| setCookie function| Waypoint string| wpAjaxUrl string| flBuilderUrl object| FLBuilderLayoutConfig object| FLBuilderLayout function| FLBuilderVideo function| FLBuilderMenu object| FLThemeBuilderHeaderLayout object| themeopts object| FLTheme string| waypointContextKey object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| _googWcmImpl string| _googWcmAk function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| ueto_f9e77b0959 object| uetq function| jspbGetTypeName function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl string| google_wcc_status object| m360 object| urlVars object| replace_numbers

10 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: RBFejWIg3mI
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: bWTB4Qy9Mcs
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgMQ%3D%3D
.allprivateinvestigations.com/ Name: _gcl_au
Value: 1.1.1375161840.1732270721
.allprivateinvestigations.com/ Name: _ga
Value: GA1.2.2076358360.1732270722
.allprivateinvestigations.com/ Name: _gid
Value: GA1.2.227577448.1732270722
.allprivateinvestigations.com/ Name: _dc_gtm_UA-61112310-1
Value: 1
.allprivateinvestigations.com/ Name: _ga_LNGVGZ0779
Value: GS1.2.1732270722.1.0.1732270722.0.0.0
.allprivateinvestigations.com/ Name: _fbp
Value: fb.1.1732270722369.80803063338621373
www.allprivateinvestigations.com/ Name: m360
Value: %7B%22program%22:%7B%22canOverride%22:false,%22useAsDefault%22:true,%22name%22:%22other%22%7D,%22firstLandingUrl%22:%22https://www.allprivateinvestigations.com/%22,%22tid%22:%22DYwnT-V3Nvm-xjSbA-V6brl%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0d73722e00.nxcli.net
185.16.40.238
allprivateinvestigation.com
allprivateinvestigations.com
bat.bing.com
bat.bing.net
callconversions.mad.services
cdnjs.cloudflare.com
connect.facebook.net
conversions.marketing360.com
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
stats.g.doubleclick.net
www.allprivateinvestigations.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
185.16.40.238
104.17.25.14
142.250.186.162
15.197.225.128
157.240.253.1
157.240.253.35
172.217.18.3
172.217.18.4
173.249.147.141
2001:4860:4802:34::36
216.58.206.35
216.58.206.40
216.58.206.67
2620:1ec:33:2::10
2620:1ec:c11::237
2a00:1450:4001:801::200e
2a00:1450:4001:812::200a
2a00:1450:4001:81c::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9d
54.80.240.223
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
06db4ef62a254c48b386b3cfab4de50859102299e50a2519420c17e35384ecc9
079eef21c59e1bea41930845dcbc8fa48042098c0b5c34941b2cbf79098e50db
088da8d7f9816513dfadb3157a29a61ba6b09678e2511951d4f45f933c2fde09
09696d0bf5be7a592450a862b5cced3e249f137004a7302fae4984a81ebc2f1d
0ce4aea20792ad59f713134a1e0b0b4c1a0ef1a511a92c91351bff20c05033f7
0d385b88e741be9567eac947e4bc0cb4f4962c41543cd51582bdc7f30fbd9f9f
0ee40fe8cdfe03c73fe54ffeb2f81debb65017d1e466136127ec927132b1f763
10f10045c99aaccac4aa93604c0a1c8a6eebd9a15d32778e67422a03d5be8737
137b9d15578a0cbd0c6ea14bdd7068ffad87fcecd6fd1cfb8c2249c8bace7a3f
1d0019ae88fe55b519ab123eee043742e5e676f0abe1ee40ad24c9a6156985b3
1e8dcaec98f99c2b1b43ff8b8655680b69bbf150470b20ecbdd1cb45570a0587
2916e86d7df32250c0d45cf511548bd75e60a0a97c400ffed27d5f0b2989c8a5
2acdfcf689cbfbdfcc374916b19a61ac6f807d3a83b7edd73ba7e25df3f63cc5
2c04e438b5c5b6c29c3fa3831a969f2e7134664af8df56abb1fd930dbfd389dd
2ed3fa8c76740090829d5d4566efb8eb76de9224e0c894f94e8b5fbf8efea8a9
33cfac7c9caf3d1a83191bfb216f59928c980ef4c6904f308eef058969462b01
35858cd2f5f754cc91c1850d402f1788d46f994dc6c8c8557a938a22bff1e42e
3b312cbe35bd4b245f6bfdbc54d94d5150da14765c80d06525d9fc4a9c37afab
416dfabb1ba6878336a0cc23a509cc20cd2203ba0c9e31de37bd64410d18cb8f
470795bed83aff909512a3db53e13a9198f8e95c4450902657e6468c1b7d04ac
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
49f204eb11dd2940cb55d01fbe8f8f2fef9167ff1cb6e22bcecde06c0078f630
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
60ec5eacd7c8d4630f1ba547d93a8cabf572f5e0d85614a9eb0a0b92aa168dfb
670f77f11cb4c747f5de1affa5b53687cf7a20d1eaf99b0ef5c9c60858aefa55
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d7c566c5bd64e282175894143dbc73c8bef0aeaa9673d1985aadf3c06ac6752
6d8f8fd6de0b42e3acc7b2f3005c599e9f54d21355c3d6850a5c13daca10d5ad
74429c368e67e52fc6883b58a550ea484e13bac0ef4ae0f8a8c6605ba0b404a5
812b4869bdd86fb7d4d4e718299b8621c8e26127f49a61cd297c0208b0b1fec1
8eaf7f057bfb90f60a49bd984cd64949290700c4056d211f48d89ae1ec2d7374
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9621571f515a7def9c6a634317c51239eaa07c508b4cd7f00a4b64a8bb45e502
9bd4f2a79171d0b54ce3ce978a292bda3a8d864382f7431c7463afa919178964
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
a1fec7acc9e28feaa2280cd08d30cab4cac8e9557fb8fb35ab6ffcd1e28fade8
a481d520c7cd20143f2abf8c6d9b88132f344accb5851ef1dbba5a1766c963b2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aabc88a6db8b22022f96ca88e4f0a7be426abef2b35169a71515a2d55246402a
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b309462d3abed16712fd5a49b7a284222c496bee435455cecbac4bd209b1d1e9
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd89bb34088eb7a962d1fbe220796e541b74cef1397c102e93f5a768b1559fc5
c28c108165c475d3a977f8388497f6e9537996641a317e675283da615a569300
c32b9b3743a0dcc56e86c80965dca65a2634522d5099ef088720ca86b9823999
c97d9a1a0788c5ffe700f7966123fcc7d5ba815390789029ceb16bd33316f461
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4dcf8c9c678f916a74a96fda187ade1cea68f2914c8bda833405ca78a593f7
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
dcaa7c697daec963c86b1a168025c5269e15852ae7d4b5d76b167514fddfa270
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
decc88c9ebc2ca06b17d67f7c0b2c564bdf6678cc1dea9f0483a7ba5de0a850f
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94d720449fd37c54620434749e46867be54d0ad27998a57dfe7e028c6dfd0aa
eceeb65b6540ae42f64fe27cf9f7579437b761b25919643553003640f1c06efe
f37d0869a0f0387f19325b1107f3bc6a72455250b29b13415acba8280639c9e9
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869