urlscan.io logo urlscan.io
SecurityTrails logo

www.investigations.com Open in urlscan Pro
2606:4700:3030::681c:845  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.investigations.com/
Effective URL: https://www.investigations.com/
Submission: On September 14 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 52 HTTP transactions. The main IP is 2606:4700:3030::681c:845, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.investigations.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.
This is the only time www.investigations.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

31    2606:4700:3030::681c:845 (United States)

ASN13335 (CLOUDFLARENET, US)
www.investigations.com
1    2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
2    2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.gstatic.com
6    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ee
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
Domain Requested by
31 www.investigations.com 1 redirects www.investigations.com
7 fonts.gstatic.com www.investigations.com
fonts.googleapis.com
4 maps.googleapis.com www.investigations.com
maps.googleapis.com
3 www.gstatic.com www.google.com
www.googletagmanager.com
www.gstatic.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.com www.investigations.com
www.gstatic.com
1 www.google.ee
1 www.googleadservices.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com www.investigations.com
1 fonts.googleapis.com www.investigations.com
52 11

This site contains links to these domains. Also see Links.

Domain
www.google.com
www.facebook.com
www.linkedin.com
mymediapal.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-30 -
2021-07-30		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.google.ee
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.investigations.com/
Frame ID: 125C53199AB78D142F9642599D312393
Requests: 57 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdUDbMUAAAAAMjn75FSLmAyZbYsqVrZ7WX9jGCJ&co=aHR0cHM6Ly93d3cuaW52ZXN0aWdhdGlvbnMuY29tOjQ0Mw..&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=invisible&cb=mwf4bkfs2lu8
Frame ID: 9F7C66068FDBD5AEA73C5401DC6D8418
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.investigations.com/ HTTP 301
    https://www.investigations.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

52
Requests

100 %
HTTPS

93 %
IPv6

9
Domains

11
Subdomains

14
IPs

3
Countries

5105 kB
Transfer

8271 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.investigations.com/ HTTP 301
    https://www.investigations.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51
  • https://www.googleadservices.com/pagead/conversion/1027026603/wcm?cc=ZZ&dn=8007779366&cl=WO--CMjF4pQBEKvd3OkD&ct_eid=2 HTTP 302
  • https://www.google.ee/pagead/attribution/wcm?cc=ZZ&dn=8007779366&cl=WO--CMjF4pQBEKvd3OkD

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.investigations.com/
Redirect Chain
  • http://www.investigations.com/
  • https://www.investigations.com/
139 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b419ab1922a641e820da580fa508aad6ecde2aff7cc751805c3476a3760c9bfe
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

:method
GET
:authority
www.investigations.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d7c784baf608d3849c9909ed7f42a960f1600113083
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 14 Sep 2020 19:51:23 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=etr1b38peetffr5mq75sc75vpl; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://www.investigations.com/wp-json/>; rel="https://api.w.org/" <https://www.investigations.com/wp-json/wp/v2/pages/3075>; rel="alternate"; type="application/json" <https://www.investigations.com/>; rel=shortlink
strict-transport-security
max-age=15768000
x-rocket-nginx-bypass
No
cf-cache-status
DYNAMIC
cf-request-id
052fc51c63000005bbd33eb200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5d2ca473df7205bb-FRA
content-encoding
br

Redirect headers

Date
Mon, 14 Sep 2020 19:51:23 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d7c784baf608d3849c9909ed7f42a960f1600113083; expires=Wed, 14-Oct-20 19:51:23 GMT; path=/; domain=.investigations.com; HttpOnly; SameSite=Lax
Location
https://www.investigations.com/
CF-Cache-Status
DYNAMIC
cf-request-id
052fc51bd800002bdd6a801200000001
Server
cloudflare
CF-RAY
5d2ca472feab2bdd-FRA
autoptimize_single_bc8065833b096d4c49607616984e09bd.css
www.investigations.com/wp-content/cache/autoptimize/css/ 		25 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_bc8065833b096d4c49607616984e09bd.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3842f3a5fe816816b6f790366b5bcfa223ab68c2cd9b43b9d237bcc4ddf937c1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6d000005bbd302f200000001
last-modified
Thu, 13 Aug 2020 01:39:59 GMT
server
cloudflare
etag
W/"5f3499ef-63a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477196a05bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
autoptimize_single_7f1d3cdee6e67c584ec3df2772391f2b.css
www.investigations.com/wp-content/cache/autoptimize/css/ 		49 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_7f1d3cdee6e67c584ec3df2772391f2b.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fad2d86ce311062f75f0267c18e3527b6e0d62a11a6656acb0b5a8b0fdca58ec
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6d000005bbd3030200000001
last-modified
Thu, 13 Aug 2020 01:39:59 GMT
server
cloudflare
etag
W/"5f3499ef-c4d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477196c05bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
autoptimize_single_3bc2f546340fb700ab9a155ff6bf45ab.css
www.investigations.com/wp-content/cache/autoptimize/css/ 		2 KB
768 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_3bc2f546340fb700ab9a155ff6bf45ab.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db5548e8b688d720be784e0416dc46f7de937704794befb16db112e61e65ff58
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6d000005bbd3031200000001
last-modified
Thu, 13 Aug 2020 01:39:59 GMT
server
cloudflare
etag
W/"5f3499ef-6e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477196e05bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
autoptimize_single_3f05a51a1e5260f4179db8ca65307a6a.css
www.investigations.com/wp-content/cache/autoptimize/css/ 		24 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_3f05a51a1e5260f4179db8ca65307a6a.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1159de4372736257a92245e932b09ddde59323c538787d1792daf450cfd072e2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6d000005bbd3032200000001
last-modified
Thu, 13 Aug 2020 01:39:59 GMT
server
cloudflare
etag
W/"5f3499ef-5e18"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477197105bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
autoptimize_single_79e62b6344243834a9cf175cc2bf3768.css
www.investigations.com/wp-content/cache/autoptimize/css/ 		1 KB
640 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_79e62b6344243834a9cf175cc2bf3768.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8085e58c8150242a6320d54ff0e2d729b8e439a25463321cec85742a3ed2f6c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6d000005bbd3033200000001
last-modified
Thu, 13 Aug 2020 01:39:59 GMT
server
cloudflare
etag
W/"5f3499ef-5bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477197305bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
autoptimize_single_fe883aeb6eaadb9fe4b22c290f698c69.css
www.investigations.com/wp-content/cache/autoptimize/css/ 		2 KB
399 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_fe883aeb6eaadb9fe4b22c290f698c69.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a03e9ac5a37418240650de1367f930c46099cb468a5631095f67aafab72d0202
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6e000005bbd3034200000001
last-modified
Thu, 13 Aug 2020 01:39:59 GMT
server
cloudflare
etag
W/"5f3499ef-747"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477197605bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
google-maps-builder.min.css
www.investigations.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/css/google-maps-builder.min.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b89d0c0bd2198e615e772a5ec226fd2bfb717e5db4bb523e8483635f8807c4e1
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6e000005bbd3035200000001
last-modified
Mon, 20 Nov 2017 02:11:56 GMT
server
cloudflare
etag
W/"5a1239ec-1bba"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477197805bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
autoptimize_single_4eecb004d3b43f5016cacc6071707675.css
www.investigations.com/wp-content/cache/autoptimize/css/ 		13 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_4eecb004d3b43f5016cacc6071707675.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49c5d1cc45f843165e973eb4fe3cff321416d937310efea6f6a9ed630c15381d
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6e000005bbd3036200000001
last-modified
Thu, 13 Aug 2020 01:39:59 GMT
server
cloudflare
etag
W/"5f3499ef-3212"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477197905bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
autoptimize_single_73989cbfca737220b50bc4a4a95b12c3.css
www.investigations.com/wp-content/cache/autoptimize/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_73989cbfca737220b50bc4a4a95b12c3.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e429f11ff6b9bc42448bc76afda4a87ca40324ba622ab1f92e89e85db4ddcb92
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6e000005bbd3037200000001
last-modified
Thu, 13 Aug 2020 01:39:59 GMT
server
cloudflare
etag
W/"5f3499ef-108d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477197c05bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
style.min.css
www.investigations.com/wp-content/themes/Avada/assets/css/ 		104 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/themes/Avada/assets/css/style.min.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6644bdbe0fd494de3b0b5c78447b08f9e5bc2df0c3075d8a390b2f78bb4e82e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6e000005bbd3038200000001
last-modified
Wed, 12 Aug 2020 20:27:58 GMT
server
cloudflare
etag
W/"5f3450ce-1a1aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477197d05bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
jquery.fancybox.min.css
www.investigations.com/wp-content/plugins/easy-fancybox/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6e000005bbd3039200000001
last-modified
Wed, 08 Apr 2020 14:56:20 GMT
server
cloudflare
etag
W/"5e8de614-fda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477197f05bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
2645131cb612b040bc48612e38ff0ff2.min.css
www.investigations.com/wp-content/uploads/fusion-styles/ 		1 MB
110 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b39ac33bb4fa581de5df3b0b4ee6a0a57ac346aa32e415d560e5e2ba8c08d91f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6e000005bbd303a200000001
last-modified
Sun, 13 Sep 2020 03:40:20 GMT
server
cloudflare
etag
W/"5f5d94a4-106c75"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477198205bb-FRA
expires
Tue, 13 Oct 2020 03:41:43 GMT
css
fonts.googleapis.com/ 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C700%7COswald%7CEB+Garamond%7CRoboto+Slab%7CKaushan+Script&subset=latin&ver=712a6a9f3ab41eb100127330a5ff7a00
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17d07660fc96ef962d585c2b291bdab3818718b69c285c651dce2dc607f8aee9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Sep 2020 19:51:24 GMT
server
ESF
date
Mon, 14 Sep 2020 19:51:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Sep 2020 19:51:24 GMT
jquery.js
www.investigations.com/wp-includes/js/jquery/ 		95 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-includes/js/jquery/jquery.js
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6e000005bbd303b200000001
last-modified
Sat, 08 Jun 2019 21:56:06 GMT
server
cloudflare
etag
W/"5cfc2ef6-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
5d2ca477198405bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
js
maps.googleapis.com/maps/api/ 		128 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&ver=712a6a9f3ab41eb100127330a5ff7a00
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
5257b48e4e1354b2fd9e93c0eeb3d8b10474ccba390b77c378025ca07df276ae
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=10
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42787
x-xss-protection
0
expires
Mon, 14 Sep 2020 20:21:24 GMT
style.min.css
www.investigations.com/wp-includes/css/dist/block-library/ 		53 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e6f000005bbd303c200000001
last-modified
Tue, 01 Sep 2020 19:33:09 GMT
server
cloudflare
etag
W/"5f4ea1f5-d293"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477198605bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
theme.min.css
www.investigations.com/wp-includes/css/dist/block-library/ 		2 KB
758 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-includes/css/dist/block-library/theme.min.css
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e72000005bbd303d200000001
last-modified
Thu, 13 Aug 2020 01:40:09 GMT
server
cloudflare
etag
W/"5f3499f9-8aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
text/css
cache-control
max-age=2592000
cf-ray
5d2ca477198d05bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
api.js
www.google.com/recaptcha/ 		770 B
590 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdUDbMUAAAAAMjn75FSLmAyZbYsqVrZ7WX9jGCJ&ver=3.0
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3d9397f343a31f52de98ba110aad381e85f751254740bb46f9bbadd5b0914090
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
498
x-xss-protection
1; mode=block
expires
Mon, 14 Sep 2020 19:51:24 GMT
autoptimize_2dd18f6b01143a91eb1f1ae1a652b104.js
www.investigations.com/wp-content/cache/autoptimize/js/ 		2 MB
426 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/cache/autoptimize/js/autoptimize_2dd18f6b01143a91eb1f1ae1a652b104.js
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a6d5d5f0021083127fb31e965a1c81dc2fa1f3e7fd795add103b81eb4d0d1f2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51e8f000005bbd303e200000001
last-modified
Tue, 25 Aug 2020 22:21:34 GMT
server
cloudflare
etag
W/"5f458eee-1a053c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
5d2ca4774a1205bb-FRA
expires
Fri, 09 Oct 2020 00:42:10 GMT
gtm.js
www.googletagmanager.com/ 		107 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5JQ988L
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14ef523d96071e40eeaca2598892b9e5843bb91c0c7f3fee48b872460f4454e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40279
x-xss-protection
0
last-modified
Mon, 14 Sep 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 14 Sep 2020 19:51:24 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
052768161d31c4dd28dee8dc17a86fab58b71b2e93032b1f43e1724e9028a5ef

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		65 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98f0f140300f09634fdc9efa7dbe31ffcde706d47742ac141193eb5d1ec591bb

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c2b22bb91948df45d0f5a59b09a69320793d860feb3deec76c25407a24a9445

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e4dbe7d48e38eebd63f5eaaf447a779de4d93bb6ec7aba0ebe5d25fff6643a0

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a51879be378d0d8f3ff086ac95f65de8386a168ddb4de157028715ba0865020b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71ded7a3a9f5ee30b19a0f42acffe2da0f39c56fe58cebf8c8483f9c18e137ba

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0UzdYPFkZVO.woff
fonts.gstatic.com/s/rubik/v10/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v10/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0UzdYPFkZVO.woff
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d3640f490078e3ce659231e2e701a6f8b9c2294d84533ba340d7613e8347fad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 18:14:11 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Aug 2020 17:52:11 GMT
server
sffe
age
351433
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23012
x-xss-protection
0
expires
Fri, 10 Sep 2021 18:14:11 GMT
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFV0UzdYPFkZVO.woff
fonts.gstatic.com/s/rubik/v10/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v10/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFV0UzdYPFkZVO.woff
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c913c4d2316f220d9889130ac5df78102074bd676d582db4e4b6f720d6cfb52b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 20:03:56 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Aug 2020 17:52:03 GMT
server
sffe
age
344848
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22140
x-xss-protection
0
expires
Fri, 10 Sep 2021 20:03:56 GMT
icomoon.woff
www.investigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 		20 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20ddc09bec5b4dd0c3f2cd36ca043449033ef331aa9fe97d3d0369d233923a40
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
cf-int-pingora-origin-digest
{"ext_ip":"162.158.62.106","ext_port":12824,"upstream_rtt":1}
cf-request-id
052fc51ee0000005bbd3041200000001
last-modified
Wed, 12 Aug 2020 20:27:57 GMT
server
cloudflare
etag
W/"5f3450cd-5164"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
application/font-woff
cache-control
max-age=2592000
cf-ray
5d2ca477cb6605bb-FRA
expires
Sat, 10 Oct 2020 21:57:27 GMT
JTURjIg1_i6t8kCHKm45_bZF3gnD-Px3rCs.woff
fonts.gstatic.com/s/montserrat/v14/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD-Px3rCs.woff
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
578b2a81d78b7a78f9d4584c6e21373daa7d297e12dcbfe16c7ac70460c87f72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 11:11:11 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:50 GMT
server
sffe
age
31213
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16888
x-xss-protection
0
expires
Tue, 14 Sep 2021 11:11:11 GMT
Americana-Std-Bold_3388.ttf
www.investigations.com/wp-content/uploads/2017/11/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/uploads/2017/11/Americana-Std-Bold_3388.ttf
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65fbedbda94f7e1fa1e3d79ee741fccebf890dd880f97f609c40ea8411dc95cf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
content-length
33920
cf-request-id
052fc51ee3000005bbd3042200000001
last-modified
Wed, 29 Nov 2017 02:50:19 GMT
server
cloudflare
etag
"5a1e206b-8480"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5d2ca477db7005bb-FRA
expires
Thu, 24 Sep 2020 13:41:41 GMT
JTUSjIg1_i6t8kCHKm459WlhzSTh89Y.woff
fonts.gstatic.com/s/montserrat/v14/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhzSTh89Y.woff
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31c2c15435770ff162b185bbc6bead3a72af4af9da3a5801b0c5f5512eb44c5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 11:05:16 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:48 GMT
server
sffe
age
31568
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17180
x-xss-protection
0
expires
Tue, 14 Sep 2021 11:05:16 GMT
fa-solid-900.woff2
www.investigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		78 KB
78 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0478350058bfa93f94f373c6cde4fe9a4d72edd799e555996a2f6bfa63724b39
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
content-length
80148
cf-request-id
052fc51ee4000005bbd3044200000001
last-modified
Wed, 12 Aug 2020 20:27:57 GMT
server
cloudflare
etag
"5f3450cd-13914"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5d2ca477db7905bb-FRA
expires
Thu, 24 Sep 2020 14:32:22 GMT
fa-regular-400.woff2
www.investigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a0bfd94d11fa4c4d3e4d2e831e3a73e3b44eb3b897d1e954e64a793d1bb43b6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
content-length
13588
cf-request-id
052fc51ee5000005bbd3045200000001
last-modified
Wed, 12 Aug 2020 20:27:57 GMT
server
cloudflare
etag
"5f3450cd-3514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
application/octet-stream
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5d2ca477db7a05bb-FRA
expires
Thu, 08 Oct 2020 04:33:26 GMT
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0UzdYPFkZVO.woff
fonts.gstatic.com/s/rubik/v10/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v10/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-4I-FV0UzdYPFkZVO.woff
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b3455841ffc46d55835fb18927c16b014651704a449e585a232fcffb67e8445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 20:00:03 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Aug 2020 17:50:41 GMT
server
sffe
age
345081
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23200
x-xss-protection
0
expires
Fri, 10 Sep 2021 20:00:03 GMT
iJWbBXyIfDnIV7nEt3KSJbVDV49rz8tdE3U3f4TnlY1PK6w.woff
fonts.gstatic.com/s/rubik/v10/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v10/iJWbBXyIfDnIV7nEt3KSJbVDV49rz8tdE3U3f4TnlY1PK6w.woff
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3970a7b089784534cdd992f430b41b07ba84902d38a483c18451539e384ce41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/uploads/fusion-styles/2645131cb612b040bc48612e38ff0ff2.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 13:08:07 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Aug 2020 17:53:42 GMT
server
sffe
age
24197
status
200
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21704
x-xss-protection
0
expires
Tue, 14 Sep 2021 13:08:07 GMT
spufont.woff
www.investigations.com/wp-content/plugins/popups/public/assets/fonts/ 		4 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/plugins/popups/public/assets/fonts/spufont.woff?sze5my
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_73989cbfca737220b50bc4a4a95b12c3.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f977bbfe60485a85dd1622f29685463298de1e22044826895f1b631c1ac3de16
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_73989cbfca737220b50bc4a4a95b12c3.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc51f2f000005bbd304b200000001
last-modified
Mon, 04 May 2020 17:10:16 GMT
server
cloudflare
etag
W/"5eb04c78-1090"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
application/font-woff
cache-control
max-age=2592000
cf-ray
5d2ca4784caa05bb-FRA
expires
Thu, 01 Oct 2020 17:59:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/ 		336 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdUDbMUAAAAAMjn75FSLmAyZbYsqVrZ7WX9jGCJ&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854f7a7915f240546d3950dd2b067466da13c013d04a3f8c790880c58ec61151
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2178
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134800
x-xss-protection
0
last-modified
Mon, 07 Sep 2020 04:06:55 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 14 Sep 2021 19:15:06 GMT
Manhattan-NYC.png
www.investigations.com/wp-content/uploads/2017/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigations.com/wp-content/uploads/2017/11/Manhattan-NYC.png
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10dc7f110a7b5b8cd0ae6ecf38ba0e5c5af300ab607e3b902917947f67195300
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
content-length
1481028
cf-request-id
052fc52048000005bbd306a200000001
last-modified
Wed, 29 Nov 2017 07:35:02 GMT
server
cloudflare
etag
"5a1e6326-169944"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5d2ca47a098805bb-FRA
expires
Fri, 09 Oct 2020 00:42:13 GMT
NYC-Bottom-1.png
www.investigations.com/wp-content/uploads/2017/12/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigations.com/wp-content/uploads/2017/12/NYC-Bottom-1.png
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3202a307bb49ed6894e35d6d5682b1a15a079422f97c3d517c5913ffc284ca94
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
content-length
1114583
cf-request-id
052fc52048000005bbd306b200000001
last-modified
Wed, 06 Dec 2017 09:51:44 GMT
server
cloudflare
etag
"5a27bdb0-1101d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5d2ca47a098905bb-FRA
expires
Fri, 09 Oct 2020 00:42:13 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQ988L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 19 Aug 2020 20:46:40 GMT
server
Golfe2
age
2144
date
Mon, 14 Sep 2020 19:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18323
expires
Mon, 14 Sep 2020 21:15:40 GMT
loader.js
www.gstatic.com/wcm/ 		539 B
738 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5JQ988L
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:05:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Jun 2020 00:15:00 GMT
server
sffe
age
2760
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
366
x-xss-protection
0
expires
Mon, 14 Sep 2020 20:05:24 GMT
WebLogo100Blue.png
www.investigations.com/wp-content/uploads/2017/12/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigations.com/wp-content/uploads/2017/12/WebLogo100Blue.png
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9aeaad3af5e028d929a144e1d5b4c27401baf13b3d484f0376b5a0057c1066e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
content-length
14746
cf-request-id
052fc5208c000005bbd3078200000001
last-modified
Mon, 11 Mar 2019 14:21:06 GMT
server
cloudflare
etag
"5c866ed2-399a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5d2ca47a7a7b05bb-FRA
expires
Fri, 09 Oct 2020 13:20:06 GMT
Security-Services.png
www.investigations.com/wp-content/uploads/2017/12/ 		647 KB
648 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigations.com/wp-content/uploads/2017/12/Security-Services.png
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a979f43ec34d0fcb4f2841d1d3aea7245cb7c1c25761bdfa75f562156fb516
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
content-length
663031
cf-request-id
052fc5208c000005bbd3079200000001
last-modified
Tue, 19 Dec 2017 19:35:49 GMT
server
cloudflare
etag
"5a396a15-a1df7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5d2ca47a7a7d05bb-FRA
expires
Sat, 03 Oct 2020 19:11:07 GMT
divide.png
www.investigations.com/wp-content/uploads/2016/07/ 		159 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigations.com/wp-content/uploads/2016/07/divide.png
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16259a55e7baaa874a2fd1c64c26b8909f658f2bdc1c19ef48a7a234f0aa9ba6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
content-length
159
cf-request-id
052fc5208c000005bbd307a200000001
last-modified
Tue, 28 Nov 2017 08:23:21 GMT
server
cloudflare
etag
"5a1d1cf9-9f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5d2ca47a7a7f05bb-FRA
expires
Sat, 03 Oct 2020 19:11:07 GMT
Top-Secret-600x400.png
www.investigations.com/wp-content/uploads/2017/11/ 		354 KB
354 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigations.com/wp-content/uploads/2017/11/Top-Secret-600x400.png
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c1d5a8cf600f0a6d3a77a0720806673fe1aafa5438d15456d656c3431ef66d0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
content-length
362021
cf-request-id
052fc5208c000005bbd307b200000001
last-modified
Wed, 29 Nov 2017 07:55:02 GMT
server
cloudflare
etag
"5a1e67d6-58625"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5d2ca47a7a8005bb-FRA
expires
Fri, 25 Sep 2020 18:42:19 GMT
Security-600x400.png
www.investigations.com/wp-content/uploads/2017/11/ 		296 KB
297 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.investigations.com/wp-content/uploads/2017/11/Security-600x400.png
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72a8911401e5c37be1da4a2c0827b9adcd88da0d81a9e653141dae2cc7fb4fc3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
325
status
200
x-rocket-nginx-bypass
No
content-length
303174
cf-request-id
052fc5208c000005bbd307c200000001
last-modified
Wed, 29 Nov 2017 07:54:37 GMT
server
cloudflare
etag
"5a1e67bd-4a046"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
5d2ca47a7a8205bb-FRA
expires
Fri, 25 Sep 2020 18:42:19 GMT
anchor
www.google.com/recaptcha/api2/ Frame 9F7C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdUDbMUAAAAAMjn75FSLmAyZbYsqVrZ7WX9jGCJ&co=aHR0cHM6Ly93d3cuaW52ZXN0aWdhdGlvbnMuY29tOjQ0Mw..&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=invisible&cb=mwf4bkfs2lu8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/iSHzt4kCrNgSxGUYDFqaZAL9/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6rFo1pbn07aF1n2eeOtWng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6LdUDbMUAAAAAMjn75FSLmAyZbYsqVrZ7WX9jGCJ&co=aHR0cHM6Ly93d3cuaW52ZXN0aWdhdGlvbnMuY29tOjQ0Mw..&hl=en&v=iSHzt4kCrNgSxGUYDFqaZAL9&size=invisible&cb=mwf4bkfs2lu8
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.investigations.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.investigations.com/

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 14 Sep 2020 19:51:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-6rFo1pbn07aF1n2eeOtWng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9927
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		2 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j85&a=788269820&t=pageview&_s=1&dl=https%3A%2F%2Fwww.investigations.com%2F&ul=en-us&de=UTF-8&dt=Private%20Investigator%20NYC%20-%20Beau%20Dietl%20Investigations%20%26%20Security&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1389342572&gjid=1567749442&cid=458874008.1600113085&tid=UA-11569398-1&_gid=1213633875.1600113085&_r=1&gtm=2wg9205JQ988L&z=2042293543
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Sep 2020 19:51:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://www.investigations.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
call-tracking_6.js
www.gstatic.com/call-tracking/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/call-tracking/call-tracking_6.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bca632084029daf4de9183dadba991fa7c10b9db19a20d763c25f122207faea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 12:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Jun 2020 00:15:00 GMT
server
sffe
age
25502
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20194
x-xss-protection
0
expires
Tue, 14 Sep 2021 12:46:22 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-11569398-1&cid=458874008.1600113085&jid=1389342572&gjid=1567749442&_gid=1213633875.1600113085&_u=YEBAAEAAAAAAAC~&z=32596765
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 14 Sep 2020 19:51:24 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://www.investigations.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
wcm
www.google.ee/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1027026603/wcm?cc=ZZ&dn=8007779366&cl=WO--CMjF4pQBEKvd3OkD&ct_eid=2
  • https://www.google.ee/pagead/attribution/wcm?cc=ZZ&dn=8007779366&cl=WO--CMjF4pQBEKvd3OkD
80 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.ee/pagead/attribution/wcm?cc=ZZ&dn=8007779366&cl=WO--CMjF4pQBEKvd3OkD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-type
application/json; charset=UTF-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 19:51:24 GMT
x-content-type-options
nosniff
server
cafe
status
302
location
https://www.google.ee/pagead/attribution/wcm?cc=ZZ&dn=8007779366&cl=WO--CMjF4pQBEKvd3OkD
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://www.investigations.com
access-control-allow-credentials
true
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
announcement.woff
www.investigations.com/wp-content/plugins/announcement-bar/css/fonts/ 		1 KB
1 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.investigations.com/wp-content/plugins/announcement-bar/css/fonts/announcement.woff
Requested by
Host: www.investigations.com
URL: https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_bc8065833b096d4c49607616984e09bd.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::681c:845 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
603625644d066b3462ed269163c2bbf32a49f0b7b41b66f4ec1fc84fc172ce0b
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Origin
https://www.investigations.com
Referer
https://www.investigations.com/wp-content/cache/autoptimize/css/autoptimize_single_bc8065833b096d4c49607616984e09bd.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 19:51:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
324
status
200
x-rocket-nginx-bypass
No
cf-request-id
052fc521cf000005bbd30ab200000001
last-modified
Fri, 22 Feb 2019 02:50:52 GMT
server
cloudflare
etag
W/"5c6f638c-508"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15768000
content-type
application/font-woff
cache-control
max-age=2592000
cf-ray
5d2ca47c792d05bb-FRA
expires
Fri, 09 Oct 2020 15:52:31 GMT
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C700%7COswald%7CEB+Garamond%7CRoboto+Slab%7CKaushan+Script&subset=latin&ver=712a6a9f3ab41eb100127330a5ff7a00
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.investigations.com
Referer
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C700%7COswald%7CEB+Garamond%7CRoboto+Slab%7CKaushan+Script&subset=latin&ver=712a6a9f3ab41eb100127330a5ff7a00
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 11:04:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 19:30:37 GMT
server
sffe
age
31641
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9016
x-xss-protection
0
expires
Tue, 14 Sep 2021 11:04:03 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/42/4/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/42/4/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&ver=712a6a9f3ab41eb100127330a5ff7a00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24f3ed689d03bf3b56c597f5f529ba17e876def6b3e7e39f204c070a505c64cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Sep 2020 05:14:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Sep 2020 19:06:25 GMT
server
sffe
age
139041
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29309
x-xss-protection
0
expires
Mon, 13 Sep 2021 05:14:08 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/42/4/ 		146 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/42/4/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&ver=712a6a9f3ab41eb100127330a5ff7a00
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fbee096f09e3ac882c3b46b2ef15ad5cbfaa49522b6df7fb07eb52a6355cc98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Sep 2020 17:11:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 08 Sep 2020 19:06:25 GMT
server
sffe
age
441624
vary
Accept-Encoding, Origin
content-type
text/javascript
status
200
cache-control
public, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55083
x-xss-protection
0
expires
Thu, 09 Sep 2021 17:11:05 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		60 B
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.investigations.com%2F&5shttps%3A%2F%2Fwww.investigations.com%2F&callback=_xdc_._13uha&token=8350
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/42/4/common.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
af556464fb1b5913a1b486d4c367bcb32f221edb02f27f266cf7e68004f3e74d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.investigations.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Sep 2020 19:51:29 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=7
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

275 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes undefined| $ function| jQuery object| google object| module$contents$MapsEvent_MapsEvent object| module$contents$mapsapi$overlay$OverlayView_OverlayView string| ajaxurl function| setREVStartSize object| doc object| dataLayer function| fusionNavIsCollapsed function| fusionRunNavIsCollapsed function| avadaGetScrollBarWidth object| wpcf7 object| wpcf7_redirect_forms object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| wpcf7_recaptcha object| spuvar object| spuvar_social undefined| fb_timeout object| fb_opts function| easy_fancybox_handler function| easy_fancybox_auto object| fusionVideoGeneralVars object| fusionLightboxVideoVars object| fusionLightboxVars object| avadaPortfolioVars object| fusionBgImageVars object| fusionAnimationsVars object| fusionEqualHeightVars object| fusionVideoBgVars object| fusionContainerVars object| fusionCountersBox object| fusionMapsVars object| fusionMenuVars object| fusionRecentPostsVars object| fusionTabVars object| fusionTestimonialVars object| fusionVideoVars object| fusionJSVars object| fusionCarouselVars object| fusionFlexSliderVars object| fusionBlogVars object| avadaHeaderVars object| avadaMenuVars object| fusionScrollToAnchorVars object| fusionTypographyVars object| avadaCommentVars object| avadaSidebarsVars object| avadaToTopVars object| avadaSelectVars object| avadaLiveSearchVars object| avadaFusionSliderVars object| gmb_data object| announcementBar object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe object| google_tag_manager function| wpcf7_redirect_mailsent_handler function| htmlspecialchars_decode object| fusionTimeout undefined| prevCallback function| insertParam function| registerYoutubePlayers function| loadYoutubeIframeAPI function| onYouTubePlayerAPIReadyCallback function| onPlayerStateChange function| onPlayerReady function| ytVidId function| playVideoAndPauseOthers function| fusionYouTubeTimeout function| avadaLightBoxInitializeLightbox object| cssua function| getAdminbarHeight function| getWaypointOffset function| fusionSetMobileAnimationData function| fusionSetAnimationData function| fusionCalcColumnEqualHeights function| _fusionRefreshScroll function| _fusionParallaxAll function| _fusionRefreshWindow object| $youtubeBGVideos function| _fbRowGetAllElementsWithAttribute function| _fbRowOnPlayerReady function| _fbRowOnPlayerStateChange function| resizeVideo function| onYouTubeIframeAPIReady function| vimeoReady function| fusionInitVimeoPlayers function| fusionInitStickyContainers function| fusionInitSticky function| fusionGetStickyOffset function| initScrollingSections function| setCorrectResizeValuesForScrollSections function| scrollToCurrentScrollSection function| getScrollSectionPositionValues function| fusionInitGallery function| fusionNavClickExpandBtn function| fusionNavClickExpandSubmenuBtn function| fusionNavMegamenuPosition function| fusionNavMobilePosition function| fusionNavSubmenuDirection function| fusionNavSearchOverlay function| fusionNavCloseFlyoutSub function| fusionNavAltArrowsClass function| fusionNavRunAll function| fusionAdjustNavMobilePosition function| getScrollBarWidth object| fusion function| generateCarousel function| fusionInitPostFlexSlider function| fusionDestroyPostFlexSlider function| fusionInitTooltips function| checkHoverTouchState function| fusionDisableStickyHeader function| fusionInitStickyHeader function| getStickyHeaderHeight function| getWaypointTopOffset function| resizeOverlaySearch function| fusionCalculateResponsiveTypeValues function| fusionSetOriginalTypographyData function| fusionInitTypography function| avadaAddQuantityBoxes function| compositeAddQuantityBoxes function| fusionGetScrollOffset function| calcSelectArrowDimensions function| fusionReSettStickySidebarStatus function| setStickySidebarStatus function| calcStickySidebarOffset function| avadaUpdateToTopPostion function| addAvadaSelectStyles function| removeAvadaSelectStyles function| wrapGravitySelects function| calcGravitySelectArrowPosition function| recursiveGFormSubmissionHandler function| avadaLiveSearch function| updateVideoTag function| avadaFusionSlider function| GMB_InfoBubble string| MAP_PIN string| SQUARE_PIN string| SHEILD string| ROUTE string| ROUNDED function| inherits function| Marker function| MarkerLabel object| gsapVersions object| tpGS object| punchgs object| RSANYID object| RSANYID_sliderID object| html5 object| Modernizr function| yepnope object| classie function| EventEmitter object| eventie function| imagesLoaded function| _abort function| _error function| _start function| _process_inline function| _process_image function| _show function| _format_title function| _process_title function| _set_navigation function| _finish function| _preload_next function| _preload_prev function| _preload_image function| _draw function| _get_viewport function| _get_zoom_to function| _get_obj_pos function| _get_zoom_from function| _animate_loading function| YTReady function| onYouTubePlayerAPIReady object| browserPrefixes object| avadaLightBox object| $ilInstances object| jQuery1124032742723197629986 function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Packery function| Color function| Chart function| Waypoint object| fusionEqualHeightsCids object| _fusionImageParallaxImages object| lottie object| bodymovin object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| lazySizesConfig object| lazySizes object| MapsBuilder function| google_maps_builder_load object| wp function| LazyLoad number| lastYPosition boolean| scrollDisabled string| fusionBaseFontSize object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy string| responsiveTypeElements object| google_tag_data string| GoogleAnalyticsObject function| ga function| _googWcmImpl string| _googWcmAk number| _fusionScrollTop number| _fusionWindowHeight number| _fusionScrollLeft number| _fusionWindowWidth object| SPU object| recaptcha object| closure_lm_69892 object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl boolean| fusionAccordianClick object| fusionVimeoPlayers object| currentPackeryElement number| $headerParentHeight number| $headerHeight number| $menuHeight number| $scrolled_header_height object| $stickyTrigger number| $wpadminbarHeight number| $stickyTrigger_position number| $woo_store_notice number| $top_frame number| sticky_header_type number| $slider_offset number| $site_width boolean| $media_query_test_1 boolean| $media_query_test_2 boolean| $media_query_test_3 boolean| $media_query_test_4 number| $standardLogoHeight number| $logoMarginTop number| $logoMarginBottom number| $initial_desktop_header_height string| $initial_sticky_header_shrinkage boolean| $sticky_can_be_shrinked number| original_logo_height number| $original_sticky_trigger_height boolean| mobileMenuSepAdded string| ns3 number| dur2 number| perc string| waypointContextKey string| google_wcc_status object| _xdc_

6 Cookies

Domain/Path Name / Value
.investigations.com/ Name: _gat_UA-11569398-1
Value: 1
.investigations.com/ Name: _ga
Value: GA1.2.458874008.1600113085
www.investigations.com/ Name: PHPSESSID
Value: etr1b38peetffr5mq75sc75vpl
.investigations.com/ Name: _gid
Value: GA1.2.1213633875.1600113085
.investigations.com/ Name: _gcl_au
Value: 1.1.885246951.1600113085
.investigations.com/ Name: __cfduid
Value: d7c784baf608d3849c9909ed7f42a960f1600113083

1 Console Messages

Source Level URL
Text
console-api warning URL: https://maps.googleapis.com/maps-api-v3/api/js/42/4/util.js(Line 231)
Message:
Google Maps JavaScript API warning: NoApiKeys https://developers.google.com/maps/documentation/javascript/error-messages#no-api-keys

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
maps.googleapis.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.ee
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.investigations.com
172.217.16.130
2606:4700:3030::681c:845
2a00:1450:4001:801::2003
2a00:1450:4001:802::2003
2a00:1450:4001:808::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:816::200a
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:81f::2004
2a00:1450:4001:821::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9c
0478350058bfa93f94f373c6cde4fe9a4d72edd799e555996a2f6bfa63724b39
052768161d31c4dd28dee8dc17a86fab58b71b2e93032b1f43e1724e9028a5ef
0bca632084029daf4de9183dadba991fa7c10b9db19a20d763c25f122207faea
10dc7f110a7b5b8cd0ae6ecf38ba0e5c5af300ab607e3b902917947f67195300
1159de4372736257a92245e932b09ddde59323c538787d1792daf450cfd072e2
14ef523d96071e40eeaca2598892b9e5843bb91c0c7f3fee48b872460f4454e0
16259a55e7baaa874a2fd1c64c26b8909f658f2bdc1c19ef48a7a234f0aa9ba6
17d07660fc96ef962d585c2b291bdab3818718b69c285c651dce2dc607f8aee9
1b3455841ffc46d55835fb18927c16b014651704a449e585a232fcffb67e8445
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
20ddc09bec5b4dd0c3f2cd36ca043449033ef331aa9fe97d3d0369d233923a40
24f3ed689d03bf3b56c597f5f529ba17e876def6b3e7e39f204c070a505c64cf
2a0bfd94d11fa4c4d3e4d2e831e3a73e3b44eb3b897d1e954e64a793d1bb43b6
2d3640f490078e3ce659231e2e701a6f8b9c2294d84533ba340d7613e8347fad
31c2c15435770ff162b185bbc6bead3a72af4af9da3a5801b0c5f5512eb44c5a
3202a307bb49ed6894e35d6d5682b1a15a079422f97c3d517c5913ffc284ca94
3842f3a5fe816816b6f790366b5bcfa223ab68c2cd9b43b9d237bcc4ddf937c1
3970a7b089784534cdd992f430b41b07ba84902d38a483c18451539e384ce41c
3d9397f343a31f52de98ba110aad381e85f751254740bb46f9bbadd5b0914090
49c5d1cc45f843165e973eb4fe3cff321416d937310efea6f6a9ed630c15381d
4e4dbe7d48e38eebd63f5eaaf447a779de4d93bb6ec7aba0ebe5d25fff6643a0
5257b48e4e1354b2fd9e93c0eeb3d8b10474ccba390b77c378025ca07df276ae
578b2a81d78b7a78f9d4584c6e21373daa7d297e12dcbfe16c7ac70460c87f72
5c1d5a8cf600f0a6d3a77a0720806673fe1aafa5438d15456d656c3431ef66d0
5c2b22bb91948df45d0f5a59b09a69320793d860feb3deec76c25407a24a9445
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
603625644d066b3462ed269163c2bbf32a49f0b7b41b66f4ec1fc84fc172ce0b
65fbedbda94f7e1fa1e3d79ee741fccebf890dd880f97f609c40ea8411dc95cf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71ded7a3a9f5ee30b19a0f42acffe2da0f39c56fe58cebf8c8483f9c18e137ba
72a8911401e5c37be1da4a2c0827b9adcd88da0d81a9e653141dae2cc7fb4fc3
7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4
7fbee096f09e3ac882c3b46b2ef15ad5cbfaa49522b6df7fb07eb52a6355cc98
854f7a7915f240546d3950dd2b067466da13c013d04a3f8c790880c58ec61151
8a6d5d5f0021083127fb31e965a1c81dc2fa1f3e7fd795add103b81eb4d0d1f2
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
98f0f140300f09634fdc9efa7dbe31ffcde706d47742ac141193eb5d1ec591bb
a03e9ac5a37418240650de1367f930c46099cb468a5631095f67aafab72d0202
a51879be378d0d8f3ff086ac95f65de8386a168ddb4de157028715ba0865020b
af556464fb1b5913a1b486d4c367bcb32f221edb02f27f266cf7e68004f3e74d
b39ac33bb4fa581de5df3b0b4ee6a0a57ac346aa32e415d560e5e2ba8c08d91f
b419ab1922a641e820da580fa508aad6ecde2aff7cc751805c3476a3760c9bfe
b89d0c0bd2198e615e772a5ec226fd2bfb717e5db4bb523e8483635f8807c4e1
c3a979f43ec34d0fcb4f2841d1d3aea7245cb7c1c25761bdfa75f562156fb516
c913c4d2316f220d9889130ac5df78102074bd676d582db4e4b6f720d6cfb52b
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
db5548e8b688d720be784e0416dc46f7de937704794befb16db112e61e65ff58
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e429f11ff6b9bc42448bc76afda4a87ca40324ba622ab1f92e89e85db4ddcb92
e6644bdbe0fd494de3b0b5c78447b08f9e5bc2df0c3075d8a390b2f78bb4e82e
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f8085e58c8150242a6320d54ff0e2d729b8e439a25463321cec85742a3ed2f6c
f977bbfe60485a85dd1622f29685463298de1e22044826895f1b631c1ac3de16
f9aeaad3af5e028d929a144e1d5b4c27401baf13b3d484f0376b5a0057c1066e
fad2d86ce311062f75f0267c18e3527b6e0d62a11a6656acb0b5a8b0fdca58ec