urlscan.io logo urlscan.io
SecurityTrails logo

www.theinvestigative.com Open in urlscan Pro
2606:4700:3037::ac43:bc03  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.theinvestigative.com/
Effective URL: https://www.theinvestigative.com/
Submission Tags: falconsandbox
Submission: On February 07 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 16 domains to perform 77 HTTP transactions. The main IP is 2606:4700:3037::ac43:bc03, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.theinvestigative.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 9th 2020. Valid for: a year.
This is the only time www.theinvestigative.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

39    2606:4700:3037::ac43:bc03 (United States)

ASN13335 (CLOUDFLARENET, US)
www.theinvestigative.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
googleads.g.doubleclick.net
2    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    139.45.195.38 (Ascension Island)

ASN9002 (RETN-AS, GB)
tharbadir.com
1    143.204.95.142 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-142.fra50.r.cloudfront.net
z-na.amazon-adsystem.com
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
3    2a03:2880:f045:10:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
10    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f145:82:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
partner.googleadservices.com
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
1    52.46.145.164 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
1    52.94.225.95 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
fls-na.amazon-adsystem.com
2    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
39 www.theinvestigative.com 1 redirects www.theinvestigative.com
10 fonts.gstatic.com fonts.googleapis.com
4 pagead2.googlesyndication.com www.theinvestigative.com
pagead2.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 connect.facebook.net www.theinvestigative.com
connect.facebook.net
3 www.googletagmanager.com www.theinvestigative.com
www.googletagmanager.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.facebook.com www.theinvestigative.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 fls-na.amazon-adsystem.com www.theinvestigative.com
1 aax-us-east.amazon-adsystem.com z-na.amazon-adsystem.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 cdn.onesignal.com www.theinvestigative.com
1 z-na.amazon-adsystem.com www.theinvestigative.com
1 tharbadir.com www.theinvestigative.com
1 fonts.googleapis.com www.theinvestigative.com
77 19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-09 -
2021-08-09		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
tharbadir.com
R3		 2020-12-28 -
2021-03-28		 3 months crt.sh
z-na.amazon-adsystem.com
Amazon		 2020-12-12 -
2022-01-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-12-22 -
2021-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.googleadservices.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh
aax-us-east.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
fls-na.amazon-adsystem.com
Amazon		 2020-12-11 -
2021-11-25		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-01-19 -
2021-04-13		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.theinvestigative.com/
Frame ID: 669738AD1AF7EEE64EA0FC90D276CDAC
Requests: 75 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/zrt_lookup.html
Frame ID: 4EDA2C2D593007763BD3BE53A0EC2C0D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8724753500373215&output=html&adk=1812271804&adf=3025194257&lmt=1612661371&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.theinvestigative.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1612661370934&bpp=12&bdt=1237&idt=151&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5699801509540&frm=20&pv=2&ga_vid=1407100208.1612661371&ga_sid=1612661371&ga_hid=1594856275&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769%2C21068893&oid=3&pvsid=2997673143514364&pem=88&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=167
Frame ID: 2E384921AC4D5C1F3E3CCD09C30D6F35
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 9D7577506F45CB9D374E5B72C29E65C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.theinvestigative.com/ HTTP 301
    https://www.theinvestigative.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

77
Requests

100 %
HTTPS

72 %
IPv6

16
Domains

19
Subdomains

19
IPs

4
Countries

1101 kB
Transfer

3339 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.theinvestigative.com/ HTTP 301
    https://www.theinvestigative.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.theinvestigative.com/
Redirect Chain
  • http://www.theinvestigative.com/
  • https://www.theinvestigative.com/
85 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2523a0aa1d159655c0f03a145a2a788d385225c3817605c482c232181fb21ba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.theinvestigative.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:29 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d1d906507dfccef1ad98eaa9bf325accc1612661369; expires=Tue, 09-Mar-21 01:29:29 GMT; path=/; domain=.theinvestigative.com; HttpOnly; SameSite=Lax; Secure cookielawinfo-checkbox-necessary=yes; expires=Sun, 07-Feb-2021 02:29:29 GMT; Max-Age=3600; path=/
link
<https://www.theinvestigative.com/wp-json/>; rel="https://api.w.org/" <https://www.theinvestigative.com/>; rel=shortlink
vary
Accept-Encoding, Cookie
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-dns-prefetch-control
on
cf-cache-status
DYNAMIC
cf-request-id
081bb4c0df000097f0468fd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=28bVCauDY1MAr9ADOEAUFgzcuJxK9imSzFUnkiSVbAN6lGQ1DC8UCxWI8s6bkD1RQYQFq7fz9P4IdQ9HesNwaoteAXcc6JXCwVFRtE0tb%2FjLe%2FtLPkmwYIYmNNsEkmqGQkbmE1I%3D"}],"group":"cf-nel","max_age":604800}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
cf-ray
61d957149cff97f0-FRA
content-encoding
br

Redirect headers

Date
Sun, 07 Feb 2021 01:29:29 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Sun, 07 Feb 2021 02:29:29 GMT
Location
https://www.theinvestigative.com/
cf-request-id
081bb4c0bc000063cb9aa38000000001
Report-To
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zX8gLLzwmWahL%2B9fc16lyN%2B7OzrotibTfGtfIf6Yumz5yoq84DaB51diA253A8fWZFjLRFxAiuq4Kp0Z01tGrEVI6M6ngE6HiGfHtxSmPl%2F8Us5zKEaOQRU9gRRO3JNGfwTRpxE%3D"}]}
NEL
{"max_age":604800,"report_to":"cf-nel"}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
61d957146c6d63cb-FRA
style.min.css
www.theinvestigative.com/wp-includes/css/dist/block-library/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.6
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c369000097f05b149000000001
pragma
public
last-modified
Thu, 11 Jun 2020 04:03:59 GMT
server
cloudflare
etag
W/"5ee1ad2f-a055"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LXvKZDie7DXKOQmoKok3dg6a5UXkbEhnEnnaJxkinTIa4VpE2XpaY9r%2FL55bkcrwM10IMwgpGYP6lYqwm9H6SiD9s5G8CzbaebM08MxIkP9pW55Ua81Jwptg711LnOSDLI15XPc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
61d95718ad8c97f0-FRA
expires
Tue, 09 Mar 2021 01:29:30 GMT
styles.css
www.theinvestigative.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
861 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.6
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c369000097f048018000000001
pragma
public
last-modified
Sun, 01 Dec 2019 13:10:16 GMT
server
cloudflare
etag
W/"5de3bbb8-66d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VZFxROTjF50lw3d0YMKyNwVXqVvyT27qXHFK4Q7lHu6%2B3PnUGW%2BphltwnAV0HvLFKvWZCUSbQDoLbLlyMeowh3xfnPEnDfxYgIMlb8j8Y1rkn7QIK8fOaIolgwGczfsByOYA4GM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
61d95718ad8d97f0-FRA
expires
Tue, 09 Mar 2021 01:29:30 GMT
cookie-law-info-public.css
www.theinvestigative.com/wp-content/plugins/cookie-law-info/public/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=1.8.3
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81e82457fb12ef9a7b3981eceba4363763a703fd04bbe4da183903fd74e2cbcd

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c36a000097f0852ee000000001
pragma
public
last-modified
Sat, 15 Feb 2020 05:51:49 GMT
server
cloudflare
etag
W/"5e4786f5-b26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j%2BTYWCRuG22oQHQKo16NsbQ95IMyuH2eBfxUvSc9T1anv3DgFjo1Pp6lp17cqcl8SSsdsMUtaBQxSa7gOsPlW%2Fn68h5hjRdxzAQSgmkoXW4yOTydfG1QGoPbcc8tOUEFDmGlzHs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
61d95718ad8e97f0-FRA
expires
Tue, 09 Mar 2021 01:29:30 GMT
cookie-law-info-gdpr.css
www.theinvestigative.com/wp-content/plugins/cookie-law-info/public/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=1.8.3
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1423f118a35dc9c99fff8faa25d7dc1872bf55c5e4d3298b28ee0fc361a4ca5d

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c36a000097f052b23000000001
pragma
public
last-modified
Sat, 15 Feb 2020 05:51:49 GMT
server
cloudflare
etag
W/"5e4786f5-5c8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UJS6PxpTlAfwpf%2FaIBOVQiyRUvJa86pbQi8K%2FaVUca955MeCUvwjXfgJq4n6BwKDsD3GfSSuFY3JJqX%2B20EEr2Kywk%2BwnXLvRZMdN7HoGUil7m7RJL%2BwjayYE9YhhIXW7lNldJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
61d95718ad8f97f0-FRA
expires
Tue, 09 Mar 2021 01:29:30 GMT
style.css
www.theinvestigative.com/wp-content/plugins/td-composer/td-multi-purpose/ 		68 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=3593e6198288cd1f8b28dc83dd3b8ada
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a401dd1f8f3b5bff72001acbea5a05514a850f6fa18cd569dc53efdc5fc70194

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c36a000097f07d0cf000000001
pragma
public
last-modified
Wed, 27 Jun 2018 14:16:48 GMT
server
cloudflare
etag
W/"5b339c50-10ff5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Rx0bEJsRnU%2Bqr%2BNsUIOjSySHijTv6FVXGp2R0uuWhvCVvUlN1Jexz8SUEzp7JGwx3THLX9Bl1%2BhNPypHClxBIV0IALq4wwwM44dhubBuluqsTC7xUv8dpmYmv1pmDOL263u5ygE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
61d95718ad9097f0-FRA
expires
Tue, 09 Mar 2021 01:29:30 GMT
css
fonts.googleapis.com/ 		26 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cf4d3b7b6736d9b3b8dfa99fe837c6275125e26fa1b5ba8054ade550478ede15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 01:23:18 GMT
server
ESF
date
Sun, 07 Feb 2021 01:29:29 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 07 Feb 2021 01:29:29 GMT
style.css
www.theinvestigative.com/wp-content/themes/Newspaper/ 		1 MB
107 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-content/themes/Newspaper/style.css?ver=8.8.2
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d027a4473a652d92475214ba103121514c288e76ccb01e122a6c2989d67f76e9

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c36a000097f06336f000000001
pragma
public
last-modified
Wed, 27 Jun 2018 14:19:24 GMT
server
cloudflare
etag
W/"5b339cec-119d94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CfToWXQLOrUUQpf9sMiUF2Zxa0ku9DRFtCgKVTkHq%2BUxvkntuvGzlqp2gMHmGgec1Ezu3O0uixye1iPD3RIOQ6kePwDey%2F8wUTapMbgBjiE9i4LkdYKKUh6df7Lz7eDxD0xSKZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
61d95718ad9297f0-FRA
expires
Tue, 09 Mar 2021 01:29:30 GMT
jquery.js
www.theinvestigative.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c36b000097f07a868000000001
pragma
public
last-modified
Fri, 28 Jun 2019 04:37:39 GMT
server
cloudflare
etag
W/"5d159993-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=khwt33Jy9nc7WGAD%2FaCv6oJK6FCDVODIFMBnfJ3hlo9ZuUcCWCBw63t6nlC9W2h5aE3BYjMhbUwB0wviRFXtpfzIY5bqRkD2jgx7JOGkr3opkk4cOH7q43aRBYNY6pQhMiyNJ9M%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
61d95718ad9397f0-FRA
expires
Tue, 09 Mar 2021 01:29:30 GMT
jquery-migrate.min.js
www.theinvestigative.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c36b000097f046905000000001
pragma
public
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
cloudflare
etag
W/"573eaa90-2748"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dHZiGCwu0l%2BaoyKP9uOfXdvOnCIdsHAaahQLx8t4R4YnvmHXUN0HN9LPl7Oa1G4ssdft51DbETuaox1STg9lHXIc12Hv%2Fyq2S1WAfHe3smWqkSPL0mfLJlUZa8mXBp46r1Zj67g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
61d95718ad9497f0-FRA
expires
Tue, 09 Mar 2021 01:29:30 GMT
cookie-law-info-public.js
www.theinvestigative.com/wp-content/plugins/cookie-law-info/public/js/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=1.8.3
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0dc5a104ad07a87dec3f36b5ff8eb24b974cf484e1d378fdf7d4578ea9f4b9d

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c36c000097f0852f0000000001
pragma
public
last-modified
Sat, 15 Feb 2020 05:51:49 GMT
server
cloudflare
etag
W/"5e4786f5-553f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jI%2BhdS53Dq5lnPOrbs88WxehodvYDfkcvACAK%2Bw%2B4hOWb2C07%2F9ZIUpxorejZznbooliPtwQCPovJkE8iLUl6IRlgJojKJjILxjUpkfLWFyQI6Kg%2FUU%2B5covhB8JsRMYqTbC2uM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
61d95718ad9597f0-FRA
expires
Tue, 09 Mar 2021 01:29:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4179c91e113b124b59e6526d4919a15be02dd45145d8deea3f92deab787f7dfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
47969
x-xss-protection
0
server
cafe
etag
13757351720466141251
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 07 Feb 2021 01:29:30 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-127528293-1
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
61725806f176bed2b6627e892a6d9f9679c408d1a1e64fae401ceea025cdf579
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38964
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Feb 2021 01:29:30 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-123015522-1
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
042e224b94e8cdd355edf74463b037665006271f6b054f09b75ea2c87bcd6824
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38962
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Feb 2021 01:29:30 GMT
2
tharbadir.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tharbadir.com/2?z=1972525
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
139.45.195.38 , Ascension Island, ASN9002 (RETN-AS, GB),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 01:29:30 GMT
X-Sc
4KdnrdofxFOHMlcU
Server
nginx
Access-Control-Allow-Methods
POST, GET, OPTIONS, PUT, DELETE
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
Access-Control-Expose-Headers
X-Sc
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Content-Length
7
onejs
z-na.amazon-adsystem.com/widgets/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=040c33ee-7967-481b-9fb5-6f166564de54
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.142 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-142.fra50.r.cloudfront.net
Software
Server /
Resource Hash
841dc4c07cabba1bf0c80aeb2ec6dcec44eec44ae761f5e126f0da93d5483ba3

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
Public
date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
8078
via
1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
x-amz-cf-id
3b-XukHWZiQVDXQ0f-tNfaLfcOiLdkfUtqA4M_XnH5AlwY6-sk4lkg==
expires
Sun, 07 Feb 2021 01:34:31 GMT
whatmakescan-741x486.jpg
www.theinvestigative.com/wp-content/uploads/2020/04/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/04/whatmakescan-741x486.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc0b0b8149a3489c1a11caaf9b8e524d07a99135ab9bd4434b5db08e079451c1

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
68098
cf-request-id
081bb4c76f000097f04d8f5000000001
pragma
public
last-modified
Mon, 27 Apr 2020 07:17:24 GMT
server
cloudflare
etag
"5ea68704-10a02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1myW3bj4mN7cUpC17GtKMtDUB%2BfZck001JCDSc6yXUWKOmGW8To9nMGyxiCJiAvje1v7xhVZ%2FJNFWrjlHlqQRmAwoqliIXoKHVxtATJgmwK4u8MoaMrzj5gJI5SDQJgPSfgxyJ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e8b97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
OIPDDRMZLSO-324x160.jpg
www.theinvestigative.com/wp-content/uploads/2020/04/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/04/OIPDDRMZLSO-324x160.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33b8bad90f933a0a7fcc2774ada20175a6c04e84204dc6951d1bb54c5df77fac

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
16875
cf-request-id
081bb4c770000097f06b076000000001
pragma
public
last-modified
Thu, 23 Apr 2020 12:35:40 GMT
server
cloudflare
etag
"5ea18b9c-41eb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BANb47%2F3%2BRWdXeZS%2BxvoxaABPrRjbxIrS238yJF%2BYJJFOsWUZ%2Fr%2BEPs8oGGIpxDLAmFOaR4yplBdBR%2Bh7H8I0CNmU2q5mQGvxpSSqALNXZ26TSKwcIPXlrFHkPkuatv%2BYSKe3Co%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e8c97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
1_3RSC6rVlpzER2Ipb3fHrTg-324x160.jpg
www.theinvestigative.com/wp-content/uploads/2020/04/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/04/1_3RSC6rVlpzER2Ipb3fHrTg-324x160.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3400447d1d4c1f997acc11096ea0717028c71088e6fe80039b1f9a39293d00c1

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
14281
cf-request-id
081bb4c770000097f047164000000001
pragma
public
last-modified
Wed, 22 Apr 2020 00:56:03 GMT
server
cloudflare
etag
"5e9f9623-37c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8NmeNyx0YFK3JxM%2FqZ6wwmZYjO7DSHjTqa9Pl5T17nURDrk4uUnBBnC0L3tz6TNI6cZm5OIdN3gKuGk1kH%2FKcObiIyiwcD0yDylmdxD2ZON3tTx42MYb9E%2BQspr0882zf8e9%2FkI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e8d97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
coronavirus-academia-hollywood-dona-mdd_0_10_958_596-324x160.jpg
www.theinvestigative.com/wp-content/uploads/2020/04/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/04/coronavirus-academia-hollywood-dona-mdd_0_10_958_596-324x160.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
736857ac5fb539d901d79d08586483828f3196d2bc7bc03ac9f7b3eba33a9c76

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
17028
cf-request-id
081bb4c770000097f059316000000001
pragma
public
last-modified
Sat, 25 Apr 2020 13:26:03 GMT
server
cloudflare
etag
"5ea43a6b-4284"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MnTLjXnrBbtWUBgVsKXtJc2mhR8ve4TEZa3egIyb3toJWnSLac5TTJNXjxrirPfQf92ltpoRGoMMTty%2BiCujMjUc%2FdC1F2iWc0F3nyBD9AFgOecB6Q4%2FpUX6e8vqozMEPClEdkc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e8e97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
1584093619670_Covid_19-218x150.jpg
www.theinvestigative.com/wp-content/uploads/2020/04/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/04/1584093619670_Covid_19-218x150.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
018215207daa143abba52ba03992e97c1bcb811ffa930c4362215374f29f3f1c

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
8551
cf-request-id
081bb4c771000097f0652b1000000001
pragma
public
last-modified
Tue, 28 Apr 2020 05:20:33 GMT
server
cloudflare
etag
"5ea7bd21-2167"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Hv4MIMhCno%2B3Q3XaSYmPdkL9R28OaZPdFegSXzYENNdNMWgaPY66Xm3Jg2zdMiCWM79lpxxCbIvlv1vOcrVaKFhweLRKVfOnG1YFFIdDGLKCz%2BndPUTRw0bE5KL9tRFu1kWCcHk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e8f97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
chinese-army-restructured-modernised-world-class-military-president-xi-jinping-793725-218x150.jpg
www.theinvestigative.com/wp-content/uploads/2020/03/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/03/chinese-army-restructured-modernised-world-class-military-president-xi-jinping-793725-218x150.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aba1a1f6ae24a3f2d5d8b40f4b62cc03728e3d714258176e0b66efe787b6585

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
13305
cf-request-id
081bb4c771000097f04a264000000001
pragma
public
last-modified
Sun, 22 Mar 2020 03:57:40 GMT
server
cloudflare
etag
"5e76e234-33f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YeRGk1bXKXVrpOde4j9FM8%2BCrf%2FIM0inb%2F7yPTaB2Vs1ircYu2WbnGObJkhMnm64QaRyyusxhfh0c%2BsMwxOLpV5T3V%2F%2BvP2DjN2NWwpuYfH7LmEa4cKPdbnckwKBC1p8mTQYdbU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9097f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
untitled-218x150.png
www.theinvestigative.com/wp-content/uploads/2020/03/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/03/untitled-218x150.png
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13cd4647fbff90bac4060471c13479ee97bfc9bad5ed2c99fdf1762a85abc8f

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
58510
cf-request-id
081bb4c771000097f06a91d000000001
pragma
public
last-modified
Fri, 20 Mar 2020 23:58:20 GMT
server
cloudflare
etag
"5e75589c-e48e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V85kTgpmWDxDrTyA0CgNRetr1b2ATG%2B1V4KQZ6xwoubQrGDW3SmV1AtDcLuCRKeUuM59FSilKRR9i8BxIO2RFqiKfvIQlLvc1q163Ks%2FwM4SRJVHaTlGIF6YDXbyz9zooXyYahU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9197f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
26026980-8116799-In_the_clip_the_influence_can_be_seen_licking_a_toilet_seat_in_a-m-58_1584365419871-218x150.jpg
www.theinvestigative.com/wp-content/uploads/2020/03/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/03/26026980-8116799-In_the_clip_the_influence_can_be_seen_licking_a_toilet_seat_in_a-m-58_1584365419871-218x150.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d13598b90426ce27e2eeaa8f28351ace0755bc86e4f5741a3522b70a607ffab

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
7017
cf-request-id
081bb4c771000097f051865000000001
pragma
public
last-modified
Fri, 20 Mar 2020 01:35:25 GMT
server
cloudflare
etag
"5e741ddd-1b69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=okzYAaQVA3GeZ5xx46sF6284U4zA5jau37XzE51xrYf7v7dbxaIpm4TsgxFbGPFMOTqAacCIGyamSN5o9TjWvZbS97Yz164xk5hD3mlKiMbfAMivj99bEaoAwo4quPvnXUZLPGY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9297f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
p08121k8-218x150.jpg
www.theinvestigative.com/wp-content/uploads/2020/03/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/03/p08121k8-218x150.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3d978e7e8c6da6bdee58df5ca9202057bd0469e4166630af40575a775520f9c

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
6528
cf-request-id
081bb4c772000097f073a97000000001
pragma
public
last-modified
Thu, 19 Mar 2020 06:54:47 GMT
server
cloudflare
etag
"5e731737-1980"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5CjCKqo%2FC4DGo1EB9CDdyZvuqUW8u%2BJdpGcQW4SCPeOcRZ6eKpczhfSpxTsVHnKjaLRDiIr02DBV0wBujNE8qdDjO%2BOaonL0vXxmuHeK6fyQ45p1B4K5eYhPgGnnAbgZMVFwfcw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9397f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
http___cdn.cnn_.com_cnnnext_dam_assets_200316111238-venice-italy-0315-218x150.jpg
www.theinvestigative.com/wp-content/uploads/2020/03/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/03/http___cdn.cnn_.com_cnnnext_dam_assets_200316111238-venice-italy-0315-218x150.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3ffe4c04d07c3fff7d3c4b5f3788cbcb84c8463d8279ccf126dcba171b08cc5

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
8133
cf-request-id
081bb4c772000097f0743cd000000001
pragma
public
last-modified
Wed, 18 Mar 2020 04:42:04 GMT
server
cloudflare
etag
"5e71a69c-1fc5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fkBbs7T1HC4D%2FkzYLsqmaNqXL9oWVvYfPgxquj7lE7RZ%2F8hyGIruR3oU6XWHWuc9u8uN3cy7bCrnCQgYu%2BdyU%2FmU09fD4B683FtYQXndnAUDMfJn%2BrlxQcBa78ujQxmtLaacJ%2Bk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9497f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
Screenshot-185-218x150.png
www.theinvestigative.com/wp-content/uploads/2020/03/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/03/Screenshot-185-218x150.png
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc0ee11e54991d76c56748f9f25e59ba548253552f75e41a9701e9e522a23d67

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
43870
cf-request-id
081bb4c772000097f072804000000001
pragma
public
last-modified
Wed, 18 Mar 2020 01:42:46 GMT
server
cloudflare
etag
"5e717c96-ab5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ikbNVLR7ThFVYmyf9NVzgvJ4xuKmrv9%2BEpzu40Ttovqnx7iOoCzvvndBG20qZzdJIWJYKdEJSMXj0maFLXMXrUkvV5pWIDJOju%2Bo9%2FUQgsGeJTBP5f3lRJpuUw2z9Bxb2VDdSLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9597f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
skynews-coronavirus-china-virus_4898807-218x150.jpg
www.theinvestigative.com/wp-content/uploads/2020/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/02/skynews-coronavirus-china-virus_4898807-218x150.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb895d1189b2e356655d8128f9ace01e55591576e72b1db2abcc7d0eb1e0f713

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
11002
cf-request-id
081bb4c773000097f05d096000000001
pragma
public
last-modified
Thu, 27 Feb 2020 11:36:14 GMT
server
cloudflare
etag
"5e57a9ae-2afa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rJd6qG3WzZA4gzYrIInH5TYwxOoEz4NYLVEmPg1OhFzpwrY0nRV6SdPs6dO2Cy%2FoBQvTddUhj67xM04PaqiyAm8Y2loPg5w1MPx6GvdVEdpgTSTqoD3w4%2FBQD4KQmJ1nRq33D2M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9697f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
2020-02-22_9-52-56-218x150.jpg
www.theinvestigative.com/wp-content/uploads/2020/02/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/02/2020-02-22_9-52-56-218x150.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5359c0424d062de2fae0f0066768f69e274791151d4861dd07c08556020635

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
10934
cf-request-id
081bb4c773000097f05b158000000001
pragma
public
last-modified
Thu, 27 Feb 2020 02:45:23 GMT
server
cloudflare
etag
"5e572d43-2ab6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i1emEaJ%2BCU%2F1Eef%2Bk94rHTN9rTV9T5%2BpBzHlup%2BxgicJnPJ9Vzjz3ugUVNe9T%2FoGHC74IWdQoNYZG9PU6uP8fYsHL4XoEUpLHsnkKrDWX%2BD06ejiycK%2BMm%2BcjFXiL%2FWZoJXagbQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9797f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
181925-coronavirus-218x150.jpg
www.theinvestigative.com/wp-content/uploads/2020/02/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/02/181925-coronavirus-218x150.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
828e839e7e345c73a2ed98c4ccb30b8a0b0834ce95007fddcba554023144339c

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
8597
cf-request-id
081bb4c773000097f048027000000001
pragma
public
last-modified
Sat, 22 Feb 2020 05:07:08 GMT
server
cloudflare
etag
"5e50b6fc-2195"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=isLuobxLn%2FLUHh6qz9Nipe%2BwuRHEjg42kEUL6dc5PhtyP79Gk%2BylxTMNEytB6N%2BI1OK8%2Bq1XVEeZykEGY29fQGQboPv13lX7QbjM3a7MmOHSOhdpllb8kkZcJxXVeA3sd8Xe9qI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9897f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
anon-hack-1-100x70.jpg
www.theinvestigative.com/wp-content/uploads/2018/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2018/12/anon-hack-1-100x70.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd548fe9ad416fc632e380a320611e38a3351a333abd576790bb7d8e1c11eaf

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
2056
cf-request-id
081bb4c774000097f0852ff000000001
pragma
public
last-modified
Mon, 24 Dec 2018 02:59:30 GMT
server
cloudflare
etag
"5c204b92-808"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rh9SM%2BcEQ%2B7P0TjJZFEGk%2FSxwGuN%2BmELH1EMKYtdiECRcHWm57fSgtBw7%2Bvpmz4eVvCxeolRmGfw1TNEgsPTvuPhvnMuLyI5xUzFgdKkkc9iXWpAslqjX4PRgC%2FoBJaIDgZ2Z2A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9997f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
1517828646_life-after-death-100x70.jpg
www.theinvestigative.com/wp-content/uploads/2019/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2019/12/1517828646_life-after-death-100x70.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a00369891e555a6e5a7528bd39ff902c77ebd511c0c366c0e220325028dfd8d5

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
2885
cf-request-id
081bb4c774000097f07d0dd000000001
pragma
public
last-modified
Mon, 16 Dec 2019 23:52:02 GMT
server
cloudflare
etag
"5df818a2-b45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mv4U6mTNbvIikRfL7vQyxZwIJ89r%2By4FKzdx5Vta8zF6nW3HHgab0L4JMiR5sW0FfWFTG3GlTsvHAquX3%2Fsk9bQ9vmMeGZQ1EGkanVrWcdWcyNZF%2B08ppMVgAjeh8Sska%2F5M3%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9a97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
dermal-abyss-mit-screenshot-vimeo_1024-100x70.jpg
www.theinvestigative.com/wp-content/uploads/2019/12/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2019/12/dermal-abyss-mit-screenshot-vimeo_1024-100x70.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbe567beb4c157df8e3843354803b9f08fa79f8046b2d69a8209699a2c7711ab

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
1609
cf-request-id
081bb4c774000097f07eb88000000001
pragma
public
last-modified
Sun, 08 Dec 2019 10:54:26 GMT
server
cloudflare
etag
"5decd662-649"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F%2Bgt9nimU9jRnM1NzKzcyPhcFAA7oMCdkv%2BlF7SNPBuVTsIMjRw6kUZA%2FCNEqeTgXmAGZAoC3QVpCfjwhOkH9H2n6LGokoMa3Xfcj%2F6Kg8ZAcJ%2FSjkpRwALGweNnW9LNHqr5SSc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9b97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
wp-emoji-release.min.js
www.theinvestigative.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-includes/js/wp-emoji-release.min.js?ver=5.3.6
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c774000097f06337e000000001
pragma
public
last-modified
Sun, 01 Dec 2019 13:10:42 GMT
server
cloudflare
etag
W/"5de3bbd2-362a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gt93v%2F3iZ6BBtnLS0fp4l0auKGOSCe0S6IxubfxvQih9ShDzprrk169kmvKFkU43HWbLj6MOHtWXarSnBB%2BFhboMdwCAvaPIKgabhUOju2BLJy7hI4Cphwh11PpqCCA%2Bd%2FQFQy4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
61d9571f1e9c97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
cf15ca08b57b8012d87ae8dbaa54e72b-100x70.jpg
www.theinvestigative.com/wp-content/uploads/2020/02/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2020/02/cf15ca08b57b8012d87ae8dbaa54e72b-100x70.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72ab77950f68fa2923027220b1c1678b4bd7351b79ff1261ddc054237c65085d

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
3642
cf-request-id
081bb4c775000097f0552a3000000001
pragma
public
last-modified
Fri, 14 Feb 2020 01:36:58 GMT
server
cloudflare
etag
"5e45f9ba-e3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FLb2NTAZFo6LM%2BiWje2KiFlLD32PP7hyIFq5qVIlZDhyZU68imEi4xyQz5b78tZuyvd15iFLBsKh9Hs5e6DgMEkHH1EyvayOD67zDFLYqDqCXLhHE%2BOOrNbMZ8zOLux0Hr%2FqiKw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9d97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
gf-100x70.jpg
www.theinvestigative.com/wp-content/uploads/2019/11/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2019/11/gf-100x70.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e9581c9f5afa7c64348777e7093f388e3e0548c8640cd67f8ae1c6de2f33aa

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
3781
cf-request-id
081bb4c775000097f07a876000000001
pragma
public
last-modified
Thu, 07 Nov 2019 01:44:16 GMT
server
cloudflare
etag
"5dc376f0-ec5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JbEIMFCX7olxmx1Ry8%2FEYFl7r7xwUeWAAnDpGRLbhtrrmalEGIr3gRK%2BWSjQCuwjPbpJyNV3d0yNXJRRQm6QV8qNSmfCSz%2BXxtvDczV7%2FQPAjZmh%2F6Mz1SrKOt%2Fr%2FJG1E1XmiVg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9e97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
whatmakescan-100x70.jpg
www.theinvestigative.com/wp-content/uploads/2019/11/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2019/11/whatmakescan-100x70.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
714c1e7c060aeba1d81a61f072f0134358ecc7f33a7b1939c1a2feb8f76bb282

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
3513
cf-request-id
081bb4c775000097f0808f8000000001
pragma
public
last-modified
Sun, 10 Nov 2019 00:59:41 GMT
server
cloudflare
etag
"5dc760fd-db9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=24AgEpYIDLofxmmjBoX5q03o2ziF9NzQ7yEHy7Nhm5w9hT%2BkF4TSCbOdkHJ%2BWLLFH7dB7Ojt79%2BnAUYC0hQHGBn6U95D%2FXiM5c9MvWfOl%2Bqa1DdFBzDizh2D14teP829fBbpJr0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1e9f97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
gettyimages-593305618-100x70.jpg
www.theinvestigative.com/wp-content/uploads/2019/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2019/12/gettyimages-593305618-100x70.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d9f9b6994d9d2db73c31c7456f6ba9774619c0fb93f330982e1548cc323b5a3

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
3111
cf-request-id
081bb4c775000097f046913000000001
pragma
public
last-modified
Tue, 03 Dec 2019 10:50:22 GMT
server
cloudflare
etag
"5de63dee-c27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dhI8V66M2Z38U13n4fRt78ZZPWB1daP1dLYUhruLoXFQrTLyR1EPihxt7Za1UZBzU7BHNZUJu5INbHs%2FYwfeQBsQWJ11HhK0058NqK4CuWy%2FnZIbGtU5%2F5XBZv%2FwiR%2FCFh7TFug%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1ea097f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
australia_fireball-100x70.jpg
www.theinvestigative.com/wp-content/uploads/2019/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.theinvestigative.com/wp-content/uploads/2019/11/australia_fireball-100x70.jpg
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd03cdc26fd1b120a2cae65f38835cf87f12c385b3f00fd35b9648d3f42ec2fa

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
content-length
1963
cf-request-id
081bb4c776000097f0619cd000000001
pragma
public
last-modified
Thu, 14 Nov 2019 11:46:59 GMT
server
cloudflare
etag
"5dcd3eb3-7ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nhkfZEwCUP%2FvXziQecXeGQN%2FX%2FlKyzhYpP8MUNcbadsygMqEgCZg2uYFKM25rZ5REU8fe6RHkggqglt5uPEcpT6%2F0x2N1FGgLkWYV57LQOVw%2FaUYMZl79H5Z%2Fd3apEWXTotO9Gg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
61d9571f1ea197f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
scripts.js
www.theinvestigative.com/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.6
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c5c5000097f06a918000000001
pragma
public
last-modified
Sun, 01 Dec 2019 13:10:16 GMT
server
cloudflare
etag
W/"5de3bbb8-3868"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xuI7ENO4Uqlw7vw9%2FdLLP0FPyF4KeQ9YY1pRGInzb9XwTqtW0FKtNddWBnFcyaO1of%2Bbsy5fcRpAXDvOu7CCypJ7BIhqw2NODivbmAHiAy8dQW3%2B%2Bg7xJ1BFvMT6xXhjDchAefU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
61d9571c6e3897f0-FRA
expires
Tue, 09 Mar 2021 01:29:30 GMT
tagdiv_theme.min.js
www.theinvestigative.com/wp-content/themes/Newspaper/js/ 		204 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-content/themes/Newspaper/js/tagdiv_theme.min.js?ver=8.8.2
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74da6d1fd517c41c5588ddb9fe8eafe78eceff1d961f8fb22092062b335fbb92

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c74b000097f05b157000000001
pragma
public
last-modified
Wed, 27 Jun 2018 14:19:06 GMT
server
cloudflare
etag
W/"5b339cda-32f84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wVOEjihLg2smaMdNotVKbdOeVQijnAvL%2Fv4XCXqPj7dgslk5NdWwz%2B5aZ1R8CJhK%2FdKbHtFSeZ73NhHyVX%2FDvDrEDBkVzXKeYTuT4xlVtmJQnOJxZCKUbWplDZnWPOsBF8tBVqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
61d9571ede8197f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
comment-reply.min.js
www.theinvestigative.com/wp-includes/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-includes/js/comment-reply.min.js?ver=5.3.6
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c76f000097f046912000000001
pragma
public
last-modified
Sun, 01 Dec 2019 13:10:42 GMT
server
cloudflare
etag
W/"5de3bbd2-951"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=joKOfyyiW59LGjB51Cu6KnUTj5bxnf13DwFdBZrvhMc4plt4%2FeByIZpQMWr8rPxj8uW3mtyVlre9gAUpxHAlnFlFJUklRzR4s1JwtG%2BKXIVEXOeo2ZN8QoRKjHpWALnUePDvwp4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
61d9571f1e8997f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
wp-embed.min.js
www.theinvestigative.com/wp-includes/js/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-includes/js/wp-embed.min.js?ver=5.3.6
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c76f000097f0619cc000000001
pragma
public
last-modified
Sun, 01 Dec 2019 13:10:42 GMT
server
cloudflare
etag
W/"5de3bbd2-577"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9z93e69aM1WaSmGoyyASe3CN7fKYD34lwKNw1ol7SCjeT3SrHFQ1A%2Fb9SvNKA5AktyQIFi5hKGb12q5r47MgnKG%2FRQ7bOmUsaBGWZzREs4w9MdNoZuzXf6rfLWlhr%2F51IigX4ng%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
61d9571f1e8a97f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3.6
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
1049
etag
W/"f35a2111ffcc2dc2fded1fe3c98a7bee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
61d9571f29981f51-FRA
cf-request-id
081bb4c77e00001f51cfb08000000001
expires
Wed, 10 Feb 2021 01:29:30 GMT
fbevents.js
connect.facebook.net/en_US/ 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
nLyMdMIIyVhh6dhbUFWKRuWkiOP2z3TBWOWzmp9va+G7Ld2eKmz2WLth+9J4AdqbDRVxSsTRf+zyooaGJ+eOMg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Sun, 07 Feb 2021 01:29:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
newspaper.woff
www.theinvestigative.com/wp-content/themes/Newspaper/images/icons/ 		22 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.theinvestigative.com/wp-content/themes/Newspaper/images/icons/newspaper.woff?15
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/wp-content/themes/Newspaper/style.css?ver=8.8.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:bc03 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1

Request headers

Origin
https://www.theinvestigative.com
Referer
https://www.theinvestigative.com/wp-content/themes/Newspaper/style.css?ver=8.8.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-request-id
081bb4c776000097f06b077000000001
pragma
public
last-modified
Wed, 27 Jun 2018 14:18:54 GMT
server
cloudflare
etag
W/"5b339cce-5630"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=p8Uf%2FyXQoxuSzmhEyHmWmMxrSA92uUpz%2BQexb6pZXKMyKc6CVEqigMVIO8kYYaIXSUfuVMtg5PGFaz0NYxknmpu6WEJbn7oqRlYr1cbXQqoO296t3XW%2F%2Fz9Wtnt9aC2nrrNJj1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
public, max-age=2592000
cf-ray
61d9571f2ea297f0-FRA
expires
Tue, 09 Mar 2021 01:29:31 GMT
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theinvestigative.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 04:25:35 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:27 GMT
server
sffe
age
162235
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9080
x-xss-protection
0
expires
Sat, 05 Feb 2022 04:25:35 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theinvestigative.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 22:00:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
271731
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 03 Feb 2022 22:00:39 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theinvestigative.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 04:25:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
162231
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 05 Feb 2022 04:25:39 GMT
mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v18/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theinvestigative.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 18:32:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:34 GMT
server
sffe
age
370614
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9728
x-xss-protection
0
expires
Wed, 02 Feb 2022 18:32:36 GMT
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
fonts.gstatic.com/s/roboto/v20/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theinvestigative.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 16:18:32 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
292258
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12680
x-xss-protection
0
expires
Thu, 03 Feb 2022 16:18:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theinvestigative.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 09:18:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
231078
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Fri, 04 Feb 2022 09:18:12 GMT
KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2
fonts.gstatic.com/s/roboto/v20/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82cdf580655d3697dadd6f72fa9fbd5d06adbcde5f2a2e048a9e3e7cc6636b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theinvestigative.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Feb 2021 09:04:27 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:53 GMT
server
sffe
age
318303
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12668
x-xss-protection
0
expires
Thu, 03 Feb 2022 09:04:27 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theinvestigative.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 02 Feb 2021 08:12:06 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:48 GMT
server
sffe
age
407844
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11056
x-xss-protection
0
expires
Wed, 02 Feb 2022 08:12:06 GMT
identity.js
connect.facebook.net/signals/plugins/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.33
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-fb-rlafr
0
pragma
public
x-fb-debug
oSIFC7yen/5GbkEibzY399wtcEx6+TpXu9+KUtawOyDml2p9FhCvcdgy97WDqr6qglW9scOsRh1eOcvWtNX3NQ==
x-fb-trip-id
664085054
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 07 Feb 2021 01:29:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
223284065218335
connect.facebook.net/signals/config/ 		240 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/223284065218335?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8747ba5e76faf21cc20b078abdae8e6ae3405debf62764ece21a453bdd323cfb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
rvyDmg9Enq3aZHb27+JNbVn2BQORM9pBsfTv8ABkeoowdK4mHGJAzSiKNLmJp9bVJmiuSUrbRjr9zkHvBGIGag==
x-fb-trip-id
664085054
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 07 Feb 2021 01:29:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
246762353
expires
Sat, 01 Jan 2000 00:00:00 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/ 		225 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
72e395213d052d79eb852149c9cbe3124903a7f34168c935d7fadabbafbd2ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
86331
x-xss-protection
0
server
cafe
etag
657319051054643926
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 07 Feb 2021 01:29:30 GMT
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theinvestigative.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 12:56:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:49 GMT
server
sffe
age
217965
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9180
x-xss-protection
0
expires
Fri, 04 Feb 2022 12:56:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/ Frame 4EDA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210202/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210202/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.theinvestigative.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.theinvestigative.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sat, 06 Feb 2021 22:31:03 GMT
expires
Sat, 20 Feb 2021 22:31:03 GMT
content-type
text/html; charset=UTF-8
etag
6440208225989294717
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4777
x-xss-protection
0
age
10707
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127528293-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
263
date
Sun, 07 Feb 2021 01:25:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 07 Feb 2021 03:25:07 GMT
js
www.googletagmanager.com/gtag/ 		97 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-123015522-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-127528293-1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
629fde4c9b822ad37c46a2f6fc4c65bdb12635e209847aa1b3efb49aa9a90d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38969
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 07 Feb 2021 01:29:31 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=223284065218335&ev=PageView&dl=https%3A%2F%2Fwww.theinvestigative.com%2F&rl=&if=false&ts=1612661371030&sw=1600&sh=1200&v=2.9.33&r=stable&a=wordpress-5.3.6-1.8.0&ec=0&o=30&fbp=fb.1.1612661371028.2107328278&it=1612661370921&coo=false&rqm=GET
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 07 Feb 2021 01:29:31 GMT
collect
www.google-analytics.com/j/ 		1 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1594856275&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theinvestigative.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20The%20Investigative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1555950502&gjid=555705764&cid=1407100208.1612661371&tid=UA-127528293-1&_gid=628894356.1612661371&_r=1&gtm=2ou1r0&z=270841808
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Feb 2021 01:29:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theinvestigative.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1594856275&t=pageview&_s=1&dl=https%3A%2F%2Fwww.theinvestigative.com%2F&ul=en-us&de=UTF-8&dt=Home%20-%20The%20Investigative&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAUABAAAAAC~&jid=546420355&gjid=697057487&cid=1407100208.1612661371&tid=UA-123015522-1&_gid=628894356.1612661371&_r=1&gtm=2ou1r0&z=1634302642
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 07 Feb 2021 01:29:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.theinvestigative.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		210 B
648 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.theinvestigative.com&callback=_gfp_s_&client=ca-pub-8724753500373215
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
262f2748bd0a2c1f29db6829acd49ece4a826c47c6189f46e465d33872990dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
199
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.theinvestigative.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.theinvestigative.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2E38 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8724753500373215&output=html&adk=1812271804&adf=3025194257&lmt=1612661371&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.theinvestigative.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1612661370934&bpp=12&bdt=1237&idt=151&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5699801509540&frm=20&pv=2&ga_vid=1407100208.1612661371&ga_sid=1612661371&ga_hid=1594856275&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769%2C21068893&oid=3&pvsid=2997673143514364&pem=88&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=167
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8724753500373215&output=html&adk=1812271804&adf=3025194257&lmt=1612661371&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.theinvestigative.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1612661370934&bpp=12&bdt=1237&idt=151&shv=r20210202&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5699801509540&frm=20&pv=2&ga_vid=1407100208.1612661371&ga_sid=1612661371&ga_hid=1594856275&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068769%2C21068893&oid=3&pvsid=2997673143514364&pem=88&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=167
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.theinvestigative.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.theinvestigative.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 07 Feb 2021 01:29:31 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 07-Feb-2021 01:44:31 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7745c31d889bee13c0417bc929a1ccc247651891f86dbac0ca823855495d16a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1612389176576780"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
28346
x-xss-protection
0
expires
Sun, 07 Feb 2021 01:29:31 GMT
getad
aax-us-east.amazon-adsystem.com/x/ 		51 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=308&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22placement%22%3A%22adunit0%22%2C%22enable_interest_ads%22%3A%22true%22%2C%22div_name%22%3A%22amzn-assoc-ad-040c33ee-7967-481b-9fb5-6f166564de54%22%2C%22tracking_id%22%3A%22gifts0cc-20%22%2C%22fallback_mode%22%3A%7B%22type%22%3A%22search%22%2C%22value%22%3A%22cellphone%20accessories%22%7D%2C%22ad_mode%22%3A%22auto%22%2C%22ad_type%22%3A%22smart%22%2C%22emphasize_categories%22%3A%222335752011%22%2C%22marketplace%22%3A%22amazon%22%2C%22region%22%3A%22US%22%2C%22linkid%22%3A%222c525c145ee2708b60a6256dd3243ffb%22%2C%22default_category%22%3A%22All%22%2C%22viewerCountry%22%3A%22NL%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22gifts0cc-20%22%2C%22acap_categoryConstraints%22%3A%5B%7B%22category%22%3A%222335752011%22%2C%22emphasis%22%3A%22Strong%22%2C%22type%22%3A%22AmazonBrowse%22%7D%5D%2C%22slotNum%22%3A0%2C%22ead%22%3A8%7D&u=https%3A%2F%2Fwww.theinvestigative.com%2F&jscb=amzn_assoc_jsonp_callback_adunit0_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=040c33ee-7967-481b-9fb5-6f166564de54
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.145.164 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2dc1afd314d89a7fa6ce4f0c3854d536032cdb15c6aca34efeacc1181b8f10d0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 01:29:31 GMT
Server
Server
Connection
keep-alive
Content-Length
51
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v18/ 		9 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKXGUdhrIqOxjaPX.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a4cbe29c8a1c6c2e29b887fd58d9a02b64e7bd113acc77d370b547b9f51545d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.theinvestigative.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.8.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 09:18:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:46 GMT
server
sffe
age
231088
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9684
x-xss-protection
0
expires
Fri, 04 Feb 2022 09:18:03 GMT
cm_:onejs_load_evt@v=2191,onejs_exec_time@v=2,aax_load_time@v=310,aax_load_time_smart@v=310,aax_punt@v=1,aax_punt_smart@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=2191,onejs_exec_time@v=2,aax_load_time@v=310,aax_load_time_smart@v=310,aax_punt@v=1,aax_punt_smart@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=dec9f562-5416-48e9-b37e-0fc2d9b7b653&session=0a1df97f-db4c-4ed6-96f8-42d37fba1d90
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_CBC
Server
52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 07 Feb 2021 01:29:30 GMT
x-amzn-RequestId
e63eeb00-68d4-4a15-84dc-7f3c7a8fd899
Content-Type
text/plain
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=223284065218335&ev=Microdata&dl=https%3A%2F%2Fwww.theinvestigative.com%2F&rl=&if=false&ts=1612661371533&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20-%20The%20Investigative%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Home%20-%20The%20Investigative%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.theinvestigative.com%2F%22%2C%22og%3Asite_name%22%3A%22The%20Investigative%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A2861%2C%22w%22%3A1600%7D%2C%22properties%22%3A%7B%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FWebPage%22%7D%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40graph%22%3A%5B%7B%22%40type%22%3A%22WebSite%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.theinvestigative.com%2F%23website%22%2C%22url%22%3A%22https%3A%2F%2Fwww.theinvestigative.com%2F%22%2C%22name%22%3A%22The%20Investigative%22%2C%22description%22%3A%22Independent%20%26amp%3B%20Incorruptible%22%2C%22potentialAction%22%3A%7B%22%40type%22%3A%22SearchAction%22%2C%22target%22%3A%22https%3A%2F%2Fwww.theinvestigative.com%2F%3Fs%3D%7Bsearch_term_string%7D%22%2C%22query-input%22%3A%22required%20name%3Dsearch_term_string%22%7D%7D%2C%7B%22%40type%22%3A%22WebPage%22%2C%22%40id%22%3A%22https%3A%2F%2Fwww.theinvestigative.com%2F%23webpage%22%2C%22url%22%3A%22https%3A%2F%2Fwww.theinvestigative.com%2F%22%2C%22inLanguage%22%3A%22en-US%22%2C%22name%22%3A%22Home%20-%20The%20Investigative%22%2C%22isPartOf%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.theinvestigative.com%2F%23website%22%7D%2C%22datePublished%22%3A%222018-07-28T00%3A57%3A35%2B00%3A00%22%2C%22dateModified%22%3A%222018-08-27T23%3A30%3A54%2B00%3A00%22%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.33&r=stable&a=wordpress-5.3.6-1.8.0&ec=1&o=30&fbp=fb.1.1612661371028.2107328278&it=1612661370921&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: www.theinvestigative.com
URL: https://www.theinvestigative.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f145:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 07 Feb 2021 01:29:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210202&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ae9578ce2ef6f0611db3862426c13a4a82e878017010e267ac04e67dc9bc60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6794
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210202/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 07 Feb 2021 01:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Sun, 07 Feb 2021 01:29:31 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 9D75 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.theinvestigative.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.theinvestigative.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Sat, 06 Feb 2021 20:52:02 GMT
expires
Sun, 06 Feb 2022 20:52:02 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16650
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210202&jk=2997673143514364&bg=!fX6lfj3NAAWnsTPUpzsAKQB2-DxaSvwZRiwsu-DKHclNRCsJqpkdBUYH9BOOsym4fKU-KTARacY5AgAAAElSAAAADWgBBwoBRdkah0AyylDwE2PdfjasaQS8z9J92i7T1YHFaSAhJva2Q1MRxlFZvIt1J7aUcXxqkWTnsrCvuGPYEvSQxUhHhFKtc80NITephruqqm7kAtX5L0T-PSmtqpauR334ORU9PL8hvL5zMa_cZCTlhfUAhnh9cVnpbRFw6d7ONZ9NzAF0oRAy66uXpRJSTT6_ZtlYY9ZG2KZdS8BpvXC58rbmhIsivcpuhDijL4UOGn3vxGuopCt0szNDy_fiJuzL9iAyDj9TtHFYicES9c5AMbe8UhzU7WPknMvY7JTguEWFPSQMyjYB_dt_0b00iOtjAxwuVtsbn9Oe5VWZw_1jEvwDpRDj0wxLDgobmAZjhHfzrAjPQE7GSNXeqh5US-VgdLjQXxcFqh1oSB_PauQoMimkfRvPG9V2riezyj-U7HbTJ8Qajtzmus2ZAdaSJz61tNHfV824NC969UL9o5leLjmHUbwgZd9N0CgLiX2umqyOb5E9MJZhuUa-0KgCrqRxhVi5VC_6i4htefZiCy6u8TFYlAKdXxZZCj0WjXgemFZE0omXeGnXBXMwKO44fQ9zw2J1QQRvI3yzdHVIAF44VWeSmf4cdagt-nxlbCx-s70KCEnFdCoe9HFhaj5rV9eszjqE-6yr54MY8Ri6Dy4wYJiUzzMc8-cmIbvjHms5gJVV6KopyyJQpis43mz5XJVlKb3e4zoVDl23hIpOyGsxw_MEqk9lkcuqEhnEtJKoCUjpVntyeYFpsFAdcYCZnHnWBoGih6ucDlJSerDVEf4n5ptEJJOiRT810iNFJvCjwzFHVUtyQoi19A2ZtS_1MvcIB0559wb-qISWHejUITYiNRG1lfx4kYRMYb6JNKfqq7uFmAq5rIYxhPP7Ayg10K3IdI-S-bS4-494eBH50d_SEoQZG7Gur6p3e0wGUxnkyaMS6MwyofQgDvlcdeZa7JjSCfhQeK9Q4Kt3Q8nC-RlgJJaDDWbMwAVZ7qA4yaGTERO3L-62GEYiI3Uul3b4FGlMKb_F7xYV6JP2p6BDGyreF2GoAMdJZVp6zW9cA-4fH_D9bA
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.theinvestigative.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Feb 2021 01:29:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| Cli_Data object| log_object object| CLI_Cookie object| CLI string| CLI_ACCEPT_COOKIE_NAME number| CLI_ACCEPT_COOKIE_EXPIRE boolean| CLI_COOKIEBAR_AS_POPUP object| tdwGlobal function| fbq function| _fbq number| cli_flush_cache function| documentInitOneSignal object| OneSignal object| adsbygoogle function| gtag object| dataLayer object| tdBlocksArray function| tdBlock object| tdLocalCache object| td_viewport_interval_list string| td_animation_stack_effect boolean| tds_animation_stack string| td_animation_stack_specific_selectors string| td_animation_stack_general_selectors string| td_ajax_url string| td_get_template_directory_uri string| tds_snap_menu string| tds_logo_on_sticky string| tds_header_style string| td_please_wait string| td_email_user_pass_incorrect string| td_email_user_incorrect string| td_email_incorrect string| tds_more_articles_on_post_enable string| tds_more_articles_on_post_time_to_wait number| tds_more_articles_on_post_pages_distance_from_top string| tds_theme_color_site_wide string| tds_smart_sidebar string| tdThemeName string| td_magnific_popup_translation_tPrev string| td_magnific_popup_translation_tNext string| td_magnific_popup_translation_tCounter string| td_magnific_popup_translation_ajax_tError string| td_magnific_popup_translation_image_tError object| tdDateNamesI18n string| td_ad_background_click_link string| td_ad_background_click_target object| block_td_uid_7_601f4279785bf object| block_td_uid_10_601f42797d62e object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_trust_token_operation_status object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd object| google_sv_map string| cli_cookiebar_settings object| wpcf7 object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| twemoji object| wp function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| nativeAdLayoutComputer object| amzn_assoc_ad function| amzn_assoc_jsonp_callback_adunit0_0 function| amzn_assoc_client_cb_0 object| tdDetect object| tdViewport object| tdMenu object| tdUtil object| tdAffix function| td_smart_list_dropdown object| td_more_articles_box undefined| td_resize_timer_id function| td_done_resizing function| td_resize_videos function| td_mobile_menu function| td_mobile_menu_toogle function| td_retina function| td_read_site_cookie function| td_set_cookies_life boolean| tdIsScrollingAnimation boolean| td_mouse_wheel_or_touch_moved boolean| td_scroll_to_top_is_visible function| td_events_scroll_scroll_to_top function| td_post_template_6_title function| td_smart_lists_magnific_popup function| td_get_document_width function| td_get_document_height function| setMenuMinHeight function| td_comments_form_validation function| td_scroll_to_class object| tdLoadingBox object| tdAjaxSearch string| tdModalImageLastEl function| tdModalImage object| tdBlocks object| tdLogin object| tdLoginMob object| tdDemoMenu object| tdTrendingNow object| td_history object| tdSmartSidebar object| tdInfiniteLoader function| Froogaloop object| tdCustomEvents object| tdEvents object| tdAjaxCount object| tdYoutubePlayers object| tdVimeoPlayers function| td_resize_smartlist_slides function| td_resize_smartlist_sliders_and_update function| td_resize_normal_slide function| td_resize_normal_slide_and_update object| tdPullDown object| td_fps object| tdAnimationScroll object| tdHomepageFull object| tdBackstr object| tdAnimationStack object| td_backstretch_items function| td_compute_parallax_background function| td_compute_backstretch_item object| tdAjaxLoop object| tdWeather object| tdAnimationSprite function| td_date_i18n object| tdSocialSharing object| jQuery1124043422878170304235 function| $f object| addComment object| _oneSignalInitOptions object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.theinvestigative.com/ Name: __gads
Value: ID=fb3303e9ddcadc92-22d43d285fba00e7:T=1612661371:RT=1612661371:S=ALNI_MZYTuxMXMNK6qorMbSz1qGWoD4lsQ
.theinvestigative.com/ Name: _gat_gtag_UA_127528293_1
Value: 1
www.theinvestigative.com/ Name: cookielawinfo-checkbox-necessary
Value: yes
.theinvestigative.com/ Name: _gid
Value: GA1.2.628894356.1612661371
.theinvestigative.com/ Name: _ga
Value: GA1.2.1407100208.1612661371
.theinvestigative.com/ Name: _gat_gtag_UA_123015522_1
Value: 1
.theinvestigative.com/ Name: _fbp
Value: fb.1.1612661371028.2107328278
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.theinvestigative.com/ Name: __cfduid
Value: d1d906507dfccef1ad98eaa9bf325accc1612661369

3 Console Messages

Source Level URL
Text
console-api log URL: https://www.theinvestigative.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Call to "fbq('init', '223284065218335', []);" with parameter "user_data" has an invalid value of "[]"
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.3.6(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-us-east.amazon-adsystem.com
adservice.google.com
adservice.google.de
cdn.onesignal.com
connect.facebook.net
fls-na.amazon-adsystem.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tharbadir.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.theinvestigative.com
z-na.amazon-adsystem.com
139.45.195.38
143.204.95.142
172.217.16.130
2606:4700:3037::ac43:bc03
2606:4700::6812:e134
2a00:1450:4001:801::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
52.46.145.164
52.94.225.95
018215207daa143abba52ba03992e97c1bcb811ffa930c4362215374f29f3f1c
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
042e224b94e8cdd355edf74463b037665006271f6b054f09b75ea2c87bcd6824
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1423f118a35dc9c99fff8faa25d7dc1872bf55c5e4d3298b28ee0fc361a4ca5d
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2523a0aa1d159655c0f03a145a2a788d385225c3817605c482c232181fb21ba0
262f2748bd0a2c1f29db6829acd49ece4a826c47c6189f46e465d33872990dd2
2aba1a1f6ae24a3f2d5d8b40f4b62cc03728e3d714258176e0b66efe787b6585
2dc1afd314d89a7fa6ce4f0c3854d536032cdb15c6aca34efeacc1181b8f10d0
33b8bad90f933a0a7fcc2774ada20175a6c04e84204dc6951d1bb54c5df77fac
3400447d1d4c1f997acc11096ea0717028c71088e6fe80039b1f9a39293d00c1
3be0a916496d7936bb83ce60a4de9f10ef400f16c38e7dd7c65449c795e7739b
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
4179c91e113b124b59e6526d4919a15be02dd45145d8deea3f92deab787f7dfd
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ae9578ce2ef6f0611db3862426c13a4a82e878017010e267ac04e67dc9bc60e
4d13598b90426ce27e2eeaa8f28351ace0755bc86e4f5741a3522b70a607ffab
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
5b56f14bb63fc412aec1562ff5b4807919a486491f2e9a86054ef08922c634d1
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
61725806f176bed2b6627e892a6d9f9679c408d1a1e64fae401ceea025cdf579
629fde4c9b822ad37c46a2f6fc4c65bdb12635e209847aa1b3efb49aa9a90d02
64e9581c9f5afa7c64348777e7093f388e3e0548c8640cd67f8ae1c6de2f33aa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
714c1e7c060aeba1d81a61f072f0134358ecc7f33a7b1939c1a2feb8f76bb282
72ab77950f68fa2923027220b1c1678b4bd7351b79ff1261ddc054237c65085d
72e395213d052d79eb852149c9cbe3124903a7f34168c935d7fadabbafbd2ddb
736857ac5fb539d901d79d08586483828f3196d2bc7bc03ac9f7b3eba33a9c76
73eb139b1371aed55b1dce74b7258f2d90991c5294d69fce852c3eed1af40068
74da6d1fd517c41c5588ddb9fe8eafe78eceff1d961f8fb22092062b335fbb92
7745c31d889bee13c0417bc929a1ccc247651891f86dbac0ca823855495d16a4
7a4cbe29c8a1c6c2e29b887fd58d9a02b64e7bd113acc77d370b547b9f51545d
7e5359c0424d062de2fae0f0066768f69e274791151d4861dd07c08556020635
81e82457fb12ef9a7b3981eceba4363763a703fd04bbe4da183903fd74e2cbcd
828e839e7e345c73a2ed98c4ccb30b8a0b0834ce95007fddcba554023144339c
82cdf580655d3697dadd6f72fa9fbd5d06adbcde5f2a2e048a9e3e7cc6636b46
8304827477215b517f051f116d5581a5e030e7f29df69061cb9cf108aa9cbc90
841dc4c07cabba1bf0c80aeb2ec6dcec44eec44ae761f5e126f0da93d5483ba3
8747ba5e76faf21cc20b078abdae8e6ae3405debf62764ece21a453bdd323cfb
8d9f9b6994d9d2db73c31c7456f6ba9774619c0fb93f330982e1548cc323b5a3
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a00369891e555a6e5a7528bd39ff902c77ebd511c0c366c0e220325028dfd8d5
a401dd1f8f3b5bff72001acbea5a05514a850f6fa18cd569dc53efdc5fc70194
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a4b423bd3e84385d2bb624a55cddfaafe863235df9791628cb4fc0a9472d3f76
b7e17926b30342edecee8b3a93029ac51462e2b479277d8e077ba57173eb1900
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
bd03cdc26fd1b120a2cae65f38835cf87f12c385b3f00fd35b9648d3f42ec2fa
cbe567beb4c157df8e3843354803b9f08fa79f8046b2d69a8209699a2c7711ab
cc0ee11e54991d76c56748f9f25e59ba548253552f75e41a9701e9e522a23d67
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4d3b7b6736d9b3b8dfa99fe837c6275125e26fa1b5ba8054ade550478ede15
d027a4473a652d92475214ba103121514c288e76ccb01e122a6c2989d67f76e9
d13cd4647fbff90bac4060471c13479ee97bfc9bad5ed2c99fdf1762a85abc8f
d3ffe4c04d07c3fff7d3c4b5f3788cbcb84c8463d8279ccf126dcba171b08cc5
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dc0b0b8149a3489c1a11caaf9b8e524d07a99135ab9bd4434b5db08e079451c1
dfd548fe9ad416fc632e380a320611e38a3351a333abd576790bb7d8e1c11eaf
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
f0dc5a104ad07a87dec3f36b5ff8eb24b974cf484e1d378fdf7d4578ea9f4b9d
f3d978e7e8c6da6bdee58df5ca9202057bd0469e4166630af40575a775520f9c
f774ddac3ffce309e5ff2659a59e8e7291da314d213f24c1aa04b9ea2bc46586
fb895d1189b2e356655d8128f9ace01e55591576e72b1db2abcc7d0eb1e0f713
ffcde34efda55a63cb66dbec4bf10acb531014d581e2d8e511836b84e08c2305