urlscan.io logo urlscan.io
SecurityTrails logo

globalinvestigationsreview.com Open in urlscan Pro
2606:4700::6812:1a78  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Effective URL: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Submission: On July 13 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 25 HTTP transactions. The main IP is 2606:4700::6812:1a78, located in United States and belongs to CLOUDFLARENET, US. The main domain is globalinvestigationsreview.com. The Cisco Umbrella rank of the primary domain is 467170.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 22nd 2022. Valid for: a year.
This is the only time globalinvestigationsreview.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700:440... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 130.211.29.114 15169 (GOOGLE)
3 35.241.15.240 15169 (GOOGLE)
25 7
10    2606:4700::6812:1a78 (United States)

ASN13335 (CLOUDFLARENET, US)
globalinvestigationsreview.com
6    2606:4700:4400::6812:26f3 (United States)

ASN13335 (CLOUDFLARENET, US)
cookie-cdn.cookiepro.com
1    2606:4700::6812:1dce (United States)

ASN13335 (CLOUDFLARENET, US)
files.lbr.cloud
2    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    130.211.29.114 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 114.29.211.130.bc.googleusercontent.com
cdn.perfdrive.com
3    35.241.15.240 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 240.15.241.35.bc.googleusercontent.com
cas.avalon.perfdrive.com
Apex Domain
Subdomains		 Transfer
10 globalinvestigationsreview.com
globalinvestigationsreview.com — Cisco Umbrella Rank: 467170
386 KB
6 cookiepro.com
cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 7511
109 KB
4 perfdrive.com
cdn.perfdrive.com — Cisco Umbrella Rank: 18957
cas.avalon.perfdrive.com — Cisco Umbrella Rank: 7501
14 KB
3 gstatic.com
fonts.gstatic.com
79 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
2 KB
1 lbr.cloud
files.lbr.cloud — Cisco Umbrella Rank: 791338
52 KB
25 6
Domain Requested by
10 globalinvestigationsreview.com 1 redirects globalinvestigationsreview.com
6 cookie-cdn.cookiepro.com globalinvestigationsreview.com
cookie-cdn.cookiepro.com
3 cas.avalon.perfdrive.com cdn.perfdrive.com
3 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com globalinvestigationsreview.com
1 cdn.perfdrive.com globalinvestigationsreview.com
1 files.lbr.cloud globalinvestigationsreview.com
25 7
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-22		 a year crt.sh
cookiepro.com
Cloudflare Inc ECC CA-3		 2022-04-19 -
2023-04-19		 a year crt.sh
lbr.cloud
Cloudflare Inc ECC CA-3		 2021-10-22 -
2022-10-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2021-08-31 -
2022-09-26		 a year crt.sh
cas.avalon.perfdrive.com
Go Daddy Secure Certificate Authority - G2		 2021-08-04 -
2022-08-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Frame ID: 883649B8B48A46D7151CAFA37E300C1A
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Guide to Sanctions - Global Investigations ReviewBack ButtonFilter Button

Page URL History Show full URLs

  1. http://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition HTTP 301
    https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • otSDKStub\.js

Page Statistics

25
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

7
IPs

2
Countries

641 kB
Transfer

2196 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition HTTP 301
    https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request third-edition
globalinvestigationsreview.com/guide/the-guide-sanctions/
Redirect Chain
  • http://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
  • https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
86 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4dfa76cf7140042a73ed88924b87efbb7338c8c862b06ae2b9326bf739db75f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
729f4db54e869229-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 13 Jul 2022 04:33:58 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
729f4db4f8e992b9-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Wed, 13 Jul 2022 04:33:58 GMT
Expires
Wed, 13 Jul 2022 05:33:58 GMT
Location
https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
gir.css
globalinvestigationsreview.com/styles/ 		569 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://globalinvestigationsreview.com/styles/gir.css?id=60427232ec09263c91d1
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa330113444a92e3e361991e0007d0e07f62aaf10bd31859865c3289a4ad4492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 04:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Jul 2022 09:27:56 GMT
server
cloudflare
etag
W/"8e5cd-5e347d13a5f00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
public, max-age=14400
cf-ray
729f4db6cfb79229-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Wed, 13 Jul 2022 08:33:58 GMT
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 04:33:58 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
4m3LBpuQ5au3un+sbdTm6g==
age
7470
x-ms-lease-status
unlocked
last-modified
Wed, 06 Jul 2022 01:34:28 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
75191d53-401e-0095-3b32-95d0f8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
729f4db6ffd4bb83-FRA
expires
Wed, 13 Jul 2022 08:33:58 GMT
api.js
globalinvestigationsreview.com/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://globalinvestigationsreview.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 04:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=604800, public
cf-ray
729f4db788559229-FRA
gir-logo.svg
globalinvestigationsreview.com/images/logos/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://globalinvestigationsreview.com/images/logos/gir-logo.svg
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35091b82c3d5d39d3bcbc1b221771501ac039fd4342221225cc18f87e5af7a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 04:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Mon, 25 Apr 2022 09:16:02 GMT
server
cloudflare
etag
W/"23fb-5dd770669d880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
729f4db818c99229-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Wed, 13 Jul 2022 08:33:59 GMT
gir-mobile-logo.svg
globalinvestigationsreview.com/images/logos/ 		2 KB
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://globalinvestigationsreview.com/images/logos/gir-mobile-logo.svg
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63dd46fdb8fd2d5bd36adccda8ff15af51eb4422ed486ae89e8f5494d4ee6be9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 04:33:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Mon, 25 Apr 2022 09:16:02 GMT
server
cloudflare
etag
W/"687-5dd770669d880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
729f4db828d79229-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Wed, 13 Jul 2022 08:33:59 GMT
gir-mobile-logo.png
globalinvestigationsreview.com/images/logos/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://globalinvestigationsreview.com/images/logos/gir-mobile-logo.png
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e85da5538d2a61750c95b57203e747a882822f624b44d3b2d82a8412bd24c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 04:33:59 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
content-length
23558
x-xss-protection
1; mode=block
last-modified
Mon, 25 Apr 2022 09:16:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"5c06-5dd770669d880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
729f4db828da9229-FRA
expires
Wed, 13 Jul 2022 08:33:59 GMT
guide_to_sanctions_3rd_edition-GIR-ptomo_image_686x970.jpg
files.lbr.cloud/public/2022-06/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.lbr.cloud/public/2022-06/guide_to_sanctions_3rd_edition-GIR-ptomo_image_686x970.jpg?VersionId=0Ezm_0D0QvjLJY6YuTB1LYlv.3ktq1Qd
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1dce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faa3f39553ced6fdd192166d118036d44ea980d6c05cc1de1c3de4234c9a5672

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 04:33:59 GMT
cf-cache-status
HIT
x-amz-request-id
WV0MP6H77VJ6FB9X
x-amz-server-side-encryption
AES256
cf-ray
729f4db85f5d9bef-FRA
last-modified
Wed, 22 Jun 2022 10:12:50 GMT
content-length
52836
x-amz-id-2
FroWaUv1xrpTFMO5lPaGlkEtFSynw/MkzuETvaFslE1NV+ZEOgo5jiXndp5S48Rg05CNt+SYu/w=
cf-bgj
h2pri
server
cloudflare
etag
"9efb1abe7ef81b9f4a86df381b673e1d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
0Ezm_0D0QvjLJY6YuTB1LYlv.3ktq1Qd
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/jpeg
expires
Wed, 13 Jul 2022 08:33:59 GMT
device-icons.png
globalinvestigationsreview.com/images/misc/ 		645 B
732 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://globalinvestigationsreview.com/images/misc/device-icons.png
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d79654373699b9efcf7746e6cd3410b442e0d31efd4a17c5cb70323d0a3fce6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 04:33:59 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
content-length
645
x-xss-protection
1; mode=block
last-modified
Mon, 25 Apr 2022 09:16:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
"285-5dd770669d880"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
729f4db828dc9229-FRA
expires
Wed, 13 Jul 2022 08:33:59 GMT
gir.js
globalinvestigationsreview.com/scripts/ 		803 KB
255 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://globalinvestigationsreview.com/scripts/gir.js?id=e651b1d0cdf666df9af7
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc1f6345e1a951017bc622154c9156014edb6734f2572c9fce61e0129e4da154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 04:33:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Fri, 08 Jul 2022 09:27:56 GMT
server
cloudflare
etag
W/"c8c92-5e347d13a5f00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
729f4db71fe59229-FRA
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Wed, 13 Jul 2022 08:33:58 GMT
css
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,600,600i,700,700i,900,900i&display=swap
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/styles/gir.css?id=60427232ec09263c91d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
66283f21993d835944b48a06e4a6345e64969dc42463faba348d2f30e200c082
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 04:31:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Jul 2022 04:33:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Jul 2022 04:33:59 GMT
css
fonts.googleapis.com/ 		5 KB
731 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:400,400i,700&display=swap
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/styles/gir.css?id=60427232ec09263c91d1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3a8c68fc98f7bef1d4024f08f9db74cc67848ae8849f65e107a21156bf8f66c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 13 Jul 2022 04:33:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 13 Jul 2022 04:33:59 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 13 Jul 2022 04:33:59 GMT
5314b52f-a450-4e79-8733-d0a742dcd648.json
cookie-cdn.cookiepro.com/consent/5314b52f-a450-4e79-8733-d0a742dcd648/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/5314b52f-a450-4e79-8733-d0a742dcd648/5314b52f-a450-4e79-8733-d0a742dcd648.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e303f3e76a51d83c33865cf332c3eb0c852d2c0760943707e5c9fdc08004706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 04:33:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
OynPW8D/1M8qhqF+v8sbdQ==
age
5166
x-ms-lease-status
unlocked
last-modified
Thu, 11 Feb 2021 12:23:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c67065e1-e01e-009c-309e-f2952b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
729f4db83e0fbbd1-FRA
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,600,600i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://globalinvestigationsreview.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 22:09:19 GMT
x-content-type-options
nosniff
age
109480
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:09:19 GMT
pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400i,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://globalinvestigationsreview.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 15:04:56 GMT
x-content-type-options
nosniff
age
134943
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17116
x-xss-protection
0
last-modified
Mon, 09 May 2022 18:31:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 15:04:56 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v25/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,600,600i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://globalinvestigationsreview.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 11 Jul 2022 22:24:12 GMT
x-content-type-options
nosniff
age
108587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31760
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:54:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 11 Jul 2023 22:24:12 GMT
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/ 		366 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 04:33:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
pY8Rr438h7Vb2adEFDW1VA==
age
4299
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:32:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bd2d90ee-801e-007e-36c0-11a80a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
729f4db86987bb83-FRA
expires
Wed, 13 Jul 2022 08:33:59 GMT
aperture.js
cdn.perfdrive.com/aperture/ 		44 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.perfdrive.com/aperture/aperture.js
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.29.114 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
114.29.211.130.bc.googleusercontent.com
Software
nginx/1.10.1 /
Resource Hash
1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 04:19:51 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 12:20:28 GMT
server
nginx/1.10.1
age
848
etag
W/"62c8210c-ae3a"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13453
via
1.1 google
en.json
cookie-cdn.cookiepro.com/consent/5314b52f-a450-4e79-8733-d0a742dcd648/43de76d3-2947-46ea-be10-59e08ffffb30/ 		30 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/5314b52f-a450-4e79-8733-d0a742dcd648/43de76d3-2947-46ea-be10-59e08ffffb30/en.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88eed986f76fba814f5c7dd347596d65772819a409407d2d7eaed0107a3756b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 04:33:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
Qz3zgMlAr8tRXsTlUsocRA==
age
5165
x-ms-lease-status
unlocked
last-modified
Thu, 11 Feb 2021 12:23:47 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
445a18e4-801e-006e-0d9e-f26d62000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
729f4db9af81bbd1-FRA
jsdata
cas.avalon.perfdrive.com/ 		211 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
9fb5106b10d87dbfb4e3a48f6c50f623c275ed24fa5de7b6c4172a326bf2b074

Request headers

Referer
https://globalinvestigationsreview.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
0ms
date
Wed, 13 Jul 2022 04:33:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		211 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
8aa11f7c17d21bbe3f51a3a9d4239baff10ef45493e54793de98c290685f60cb

Request headers

Referer
https://globalinvestigationsreview.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
1ms
date
Wed, 13 Jul 2022 04:33:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
jsdata
cas.avalon.perfdrive.com/ 		211 B
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cas.avalon.perfdrive.com/jsdata?
Requested by
Host: cdn.perfdrive.com
URL: https://cdn.perfdrive.com/aperture/aperture.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.15.240 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
240.15.241.35.bc.googleusercontent.com
Software
/
Resource Hash
c0a803371e8e41c5fc2f85d589aa3c96ad290b8ef325e95c9bcfd7dfebdc0d9f

Request headers

Referer
https://globalinvestigationsreview.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
x-response-time
10ms
date
Wed, 13 Jul 2022 04:33:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
content-type
text/plain; charset=UTF-8
result
globalinvestigationsreview.com/cdn-cgi/bm/cv/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://globalinvestigationsreview.com/cdn-cgi/bm/cv/result?req_id=729f4db54e869229
Requested by
Host: globalinvestigationsreview.com
URL: https://globalinvestigationsreview.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1a78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://globalinvestigationsreview.com/guide/the-guide-sanctions/third-edition
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Jul 2022 04:33:59 GMT
server
cloudflare
cf-ray
729f4dba8ada9229-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
otFlat.json
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/otFlat.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 04:33:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
/ODZFpGAnQ0xgLGN+/xOCg==
age
5165
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:31:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
0269ca7f-901e-0062-7532-7afa6a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
729f4dba984ebbd1-FRA
expires
Wed, 13 Jul 2022 08:33:59 GMT
otPcTab.json
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/v2/ 		45 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/v2/otPcTab.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
480889002777fd46e82ea77533779500bc7f363e9a30abcf282392ecf58780e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://globalinvestigationsreview.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 13 Jul 2022 04:33:59 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
tOIVP7aQMx8KuQM3FUQnFw==
age
5165
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:31:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a3cbeae8-f01e-0064-2d08-7bc9d5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
729f4dba984fbbd1-FRA
expires
Wed, 13 Jul 2022 08:33:59 GMT

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| OneTrustStub function| OptanonWrapper object| a0_0x433e function| a0_0x3d7e string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| vueMixins string| baseUrl object| webpackChunk object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| FontAwesomeConfig object| ___FONT_AWESOME___ function| vueRecaptchaApiLoaded function| _ function| Popper function| jQuery function| $ function| axios function| Vue object| SSJSConnectorObj object| __CF$cv$params object| ssTimeLogs object| BrowserStyle string| j function| ssJSActionTaker function| ssJSConnWriteCookies number| __sstemp object| ssEventCollectorFunctions string| eventName object| Optanon object| OneTrust

10 Cookies

Domain/Path Name / Value
globalinvestigationsreview.com/ Name: globalinvestigationsreviewcom_session
Value: eyJpdiI6Imx6QVNId0MyQ0NWMzRmdUFReTlRRVE9PSIsInZhbHVlIjoieFl4aFFidGpDLzMvZDhnUlBJbUxzd1JPNGJVTFp5UC9PM3hnS1pBK2RsdWF5TmxveVYzRGV3dmUxaW9MejBzUklsWVRFdGRxbXZDQnVjdG1BQWJVWXZJQjFSM3VDNFJKUCtMR1M5TXpNcjd1THFSNVluOFdpWnhlZVI1aVlNc1AiLCJtYWMiOiI0MmNiZGZhMzU3MzNiZDZkMjllZDA0NjE0NGM3YTlkNjEwOWU2YjY1ODIyNTMwMWRkYmI3ZjdhZjY0ZDE5YzExIiwidGFnIjoiIn0%3D
.lbr.cloud/ Name: __cf_bm
Value: B4ResPRPRkGjvWsFMPscxWoQAVa5ecrn.UxQtn16V9c-1657686839-0-AS4MeADb1xnQqSrTDuvG81V2RhsjeH6gsAO86QsHhEIYzuL4nC/IxtncRej7hgDoVP31PJjR1PlwGK2R9GkMbq8=
.globalinvestigationsreview.com/ Name: __ssds
Value: 2
.globalinvestigationsreview.com/ Name: __ssuzjsr2
Value: a9be0cd8e
.globalinvestigationsreview.com/ Name: __uzmaj2
Value: afb39643-abe1-4736-ba04-42407fbe5ff8
.globalinvestigationsreview.com/ Name: __uzmbj2
Value: 1657686839
.globalinvestigationsreview.com/ Name: __uzmcj2
Value: 319001032626
.globalinvestigationsreview.com/ Name: __uzmdj2
Value: 1657686839
.globalinvestigationsreview.com/ Name: __cf_bm
Value: Han76jNc4Cof2dqQJeCM8ilQNtX4UblOOlIR0MllW80-1657686839-0-AewwWfjsZLhNUZoQclQZEah6WtkMe6sPp5p0kN+1mmVvnrYEC+p8XzkBsZ3xTuRk2fYDC8WQTOgvy7c8pfnklBqy1sL80LxnBUn/nBZFZfibj6JhYy4F7LP+cZVr4vsgNfBAsokWFTg5LqKRmhE/jvzX+9h0z0EQEFrkUuPLJfcR
.globalinvestigationsreview.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Jul+13+2022+04%3A33%3A59+GMT%2B0000+(GMT)&version=6.13.0&hosts=&consentId=9a14c999-3e17-40bc-a6a9-9947ae5b6cd0&interactionCount=0&landingPath=https%3A%2F%2Fglobalinvestigationsreview.com%2Fguide%2Fthe-guide-sanctions%2Fthird-edition&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cas.avalon.perfdrive.com
cdn.perfdrive.com
cookie-cdn.cookiepro.com
files.lbr.cloud
fonts.googleapis.com
fonts.gstatic.com
globalinvestigationsreview.com
130.211.29.114
2606:4700:4400::6812:26f3
2606:4700::6812:1a78
2606:4700::6812:1dce
2a00:1450:4001:811::200a
2a00:1450:4001:812::2003
35.241.15.240
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
1ef89c6057c63e1fd2bda3054817b95cb244d353dc1dafd2736e0ad49ca97924
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
480889002777fd46e82ea77533779500bc7f363e9a30abcf282392ecf58780e5
5e85da5538d2a61750c95b57203e747a882822f624b44d3b2d82a8412bd24c70
63dd46fdb8fd2d5bd36adccda8ff15af51eb4422ed486ae89e8f5494d4ee6be9
66283f21993d835944b48a06e4a6345e64969dc42463faba348d2f30e200c082
7aaad78d13ba343554d09043d46b9f563fb3c06d4789f7faf5e45a7247458894
7e303f3e76a51d83c33865cf332c3eb0c852d2c0760943707e5c9fdc08004706
88eed986f76fba814f5c7dd347596d65772819a409407d2d7eaed0107a3756b3
8aa11f7c17d21bbe3f51a3a9d4239baff10ef45493e54793de98c290685f60cb
9fb5106b10d87dbfb4e3a48f6c50f623c275ed24fa5de7b6c4172a326bf2b074
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
c0a803371e8e41c5fc2f85d589aa3c96ad290b8ef325e95c9bcfd7dfebdc0d9f
cc1f6345e1a951017bc622154c9156014edb6734f2572c9fce61e0129e4da154
d35091b82c3d5d39d3bcbc1b221771501ac039fd4342221225cc18f87e5af7a5
d4dfa76cf7140042a73ed88924b87efbb7338c8c862b06ae2b9326bf739db75f
d79654373699b9efcf7746e6cd3410b442e0d31efd4a17c5cb70323d0a3fce6a
e3a8c68fc98f7bef1d4024f08f9db74cc67848ae8849f65e107a21156bf8f66c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fa330113444a92e3e361991e0007d0e07f62aaf10bd31859865c3289a4ad4492
faa3f39553ced6fdd192166d118036d44ea980d6c05cc1de1c3de4234c9a5672