www.thebureauinvestigates.com Open in urlscan Pro
2606:4700:10::ac43:9c1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://thebureauinvestigates.com/
Effective URL:
https://www.thebureauinvestigates.com/
Submission: On April 30 via api (April 30th 2022, 6:28:30 am UTC) from GB — Scanned from GB

Summary HTTP 48 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 48 HTTP transactions. The main IP is 2606:4700:10::ac43:9c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thebureauinvestigates.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2021. Valid for: a year.

This is the only time www.thebureauinvestigates.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:4f56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2606:4700:10:... 2606:4700:10::ac43:9c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2600:9000:224... 2600:9000:224a:e200:1d:2792:2640:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.64.103.122 18.64.103.122	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
48	7

1 2606:4700:10::6816:4f56 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

thebureauinvestigates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:10::ac43:9c1 (United States)

ASN13335 (CLOUDFLARENET, US)

www.thebureauinvestigates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets2.thebureauinvestigates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:224a:e200:1d:2792:2640:21 (United States)

ASN16509 (AMAZON-02, US)

d3cocnzdt9u6c9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

a.opmnstr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.103.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-103-122.txl50.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	thebureauinvestigates.com 1 redirects thebureauinvestigates.com www.thebureauinvestigates.com assets2.thebureauinvestigates.com	404 KB
12	cloudfront.net d3cocnzdt9u6c9.cloudfront.net	486 KB
3	omappapi.com a.omappapi.com — Cisco Umbrella Rank: 4478 api.omappapi.com — Cisco Umbrella Rank: 4545	13 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 131	27 KB
1	opmnstr.com a.opmnstr.com — Cisco Umbrella Rank: 16335	54 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	38 KB
48	7

	Domain	Requested by
21	www.thebureauinvestigates.com	www.thebureauinvestigates.com
12	d3cocnzdt9u6c9.cloudfront.net	www.thebureauinvestigates.com
8	assets2.thebureauinvestigates.com	www.thebureauinvestigates.com
2	a.omappapi.com	a.opmnstr.com
1	www.google-analytics.com	a.opmnstr.com
1	api.omappapi.com	a.opmnstr.com
1	connect.facebook.net	www.thebureauinvestigates.com
1	a.opmnstr.com	www.thebureauinvestigates.com
1	www.googletagmanager.com	www.thebureauinvestigates.com
1	thebureauinvestigates.com	1 redirects
48	10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
a.opmnstr.com R3	`2022-04-03` - `2022-07-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-06` - `2022-05-07`	3 months	crt.sh
a.omappapi.com R3	`2022-04-03` - `2022-07-02`	3 months	crt.sh
api.opmnstr.com Amazon	`2022-02-09` - `2023-03-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.thebureauinvestigates.com/
Frame ID: 44540C3B2834505A6847D9A06B8B0E01
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Bureau of Investigative Journalism (en-GB)

Page URL History Show full URLs

http://thebureauinvestigates.com/ HTTP 301
https://www.thebureauinvestigates.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

48
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

10
Subdomains

7
IPs

3
Countries

1040 kB
Transfer

1624 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/thebureauinvestigates
Title: The Bureau on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/TBIJ
Title: The Bureau on Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://thebureauinvestigates.com/ HTTP 301
https://www.thebureauinvestigates.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

48 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thebureauinvestigates.com/
Redirect Chain

http://thebureauinvestigates.com/
https://www.thebureauinvestigates.com/

79 KB
11 KB

100ms
36ms

Document
text/html

2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Craft CMS

Resource Hash

3c4e22719df27f1b7026caf4c3e5a88b52017abac61204e4cd0c86a3728925e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1689
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 703e3794dd5373f3-LHR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 06:28:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Sat, 30 Apr 2022 05:54:56 GMT
permissions-policy: interest-cohort=()
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Craft CMS
x-robots-tag: all

Redirect headers

CF-RAY: 703e37943d5488a7-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 30 Apr 2022 06:28:24 GMT
Expires: Sat, 30 Apr 2022 07:28:24 GMT
Location: https://www.thebureauinvestigates.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 main.1631957150.css
www.thebureauinvestigates.com/assets/css/ 125 KB
20 KB 33ms
32ms Stylesheet
text/css 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

180f2195bdae3f048def74498667ae08206a1f7d08a3d2085cf019b463ed1804

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1788
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Sat, 18 Sep 2021 09:25:50 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qzmi722qj2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: max-age=14400
cf-ray: 703e37953d9073f3-LHR

GET
H2 200 cookieCutter.min.1617798521.js Show response
www.thebureauinvestigates.com/assets/js/ 15 KB
6 KB 34ms
34ms Script
application/javascript 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/js/cookieCutter.min.1617798521.js

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ef3392ac9ca52c6155d0b174afc69e3b26638715d3d76be1a7b9cc7bba3af14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1788
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btbtn"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 703e37953d9173f3-LHR

GET
H2 200 app.1629228031.js Show response
www.thebureauinvestigates.com/assets/js/dist/ 101 KB
36 KB 34ms
34ms Script
application/javascript 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/js/dist/app.1629228031.js

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f38ba920d1fc6f4f4a111b0dbfdb1919e14f5bf78c76fccf035c19da36ad3d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1788
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Tue, 17 Aug 2021 19:20:31 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qy00e727ml"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 703e37953d9273f3-LHR

GET
H3 200 tbij-logo.svg
www.thebureauinvestigates.com/assets/img/ 5 KB
2 KB 47ms
46ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/tbij-logo.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b6f595b46870d56769cd55c72f847ffdbac2d3789ca9de357ac01c55eb33deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 251
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1762
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt3v7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 703e37957c447726-LHR

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1pVTUEtUHJlc3MtSW5jLkFsYW15LUxpdmUtTmV3cy1tZW50aG9sLXByb3Rlc3QuanBnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb...
d3cocnzdt9u6c9.cloudfront.net/ 308 KB
309 KB 131ms
50ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1pVTUEtUHJlc3MtSW5jLkFsYW15LUxpdmUtTmV3cy1tZW50aG9sLXByb3Rlc3QuanBnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZSwidHJlbGxpc1F1YW50aXNhdGlvbiI6dHJ1ZSwib3ZlcnNob290RGVyaW5naW5nIjp0cnVlLCJvcHRpbWl6ZVNjYW5zIjp0cnVlfSwicmVzaXplIjp7IndpZHRoIjoxNjAwLCJmaXQiOiJpbnNpZGUifSwic2hhcnBlbiI6dHJ1ZX19
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 28d854a85b41963698f7c5a84cee3b9a9ccf7c219479294b7c5e0ba72fecd1cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 12:25:26 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 410578
x-amzn-requestid: 285d37a5-0e33-48b8-a744-a27e9450fd57
x-cache: Hit from cloudfront
x-amz-apigw-id: RIvwdGeJoAMFwWQ=
content-length: 315868
last-modified: Tue, 05 Apr 2022 15:11:37 GMT
x-amzn-trace-id: Root=1-62669335-0f4ef9230efd61f23860902c;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: JOAN-LfARrJwSv5EVBu0CX7P9lj983-jiPD9lQsYrzicRKhbHr6tIQ==

GET
H3 200 tbij-logo-homepage.svg
www.thebureauinvestigates.com/assets/img/ 5 KB
2 KB 42ms
39ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/tbij-logo-homepage.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98f87b001a6dc885808330711a29636cd38f65ac99167f12ab807a0d3a5e32bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1285
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1856
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt434"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 703e37959c727726-LHR

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL3NhbTIucG5nIiwiZWRpdHMiOnsicG5nIjp7InF1YWxpdHkiOjEwMCwicHJvZ3Jlc3NpdmUiOmZhbHNlfSwicmVzaXplIjp7IndpZHRoIjozMDUsImhla...
d3cocnzdt9u6c9.cloudfront.net/ 9 KB
10 KB 293ms
212ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL3NhbTIucG5nIiwiZWRpdHMiOnsicG5nIjp7InF1YWxpdHkiOjEwMCwicHJvZ3Jlc3NpdmUiOmZhbHNlfSwicmVzaXplIjp7IndpZHRoIjozMDUsImhlaWdodCI6MTgzLCJmaXQiOiJjb3ZlciIsInBvc2l0aW9uIjoicmlnaHQgdG9wIn19fQ==
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8cadc5822cfed385a072baa600efd92455490c9c4a2883a6e3aa628c8265a877

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 16:33:20 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 222904
x-amzn-requestid: a1c8c571-92de-4ad6-b1ee-452bfc067866
x-cache: Hit from cloudfront
x-amz-apigw-id: RP58gGQloAMFuhQ=
content-length: 9624
last-modified: Thu, 21 Apr 2022 11:07:57 GMT
x-amzn-trace-id: Root=1-6269704f-58458e914b6134eb39c19a78;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: H8C79iu3t-FXcWg9a2opgmNXQZm-xScgGXmmKVpDpRpVs0uMfUAVLg==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2FydGljbGUtcGFydG5lci1sb2dvcy9JVFYtbmV3cy5qcGVnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZ...
d3cocnzdt9u6c9.cloudfront.net/ 8 KB
8 KB 210ms
129ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2FydGljbGUtcGFydG5lci1sb2dvcy9JVFYtbmV3cy5qcGVnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZSwidHJlbGxpc1F1YW50aXNhdGlvbiI6dHJ1ZSwib3ZlcnNob290RGVyaW5naW5nIjp0cnVlLCJvcHRpbWl6ZVNjYW5zIjp0cnVlfSwicmVzaXplIjp7IndpZHRoIjozNDAsImhlaWdodCI6ODAsImZpdCI6Imluc2lkZSJ9fX0=
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e6d0e160a27f680d744663e19e2426ca708729616d7814034e87739705f5470a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:12:58 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 137726
x-amzn-requestid: 8de18dd5-a6c8-4143-9391-9fbf8969bbd1
x-cache: Hit from cloudfront
x-amz-apigw-id: RTJ5oFhOIAMFSDQ=
content-length: 8072
last-modified: Thu, 21 Apr 2022 15:01:28 GMT
x-amzn-trace-id: Root=1-626abd0a-1569d899481ef0022afb0bfd;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: uX0P_4une_rsHieMJQi8M9uhNHA1O30XWqmmbijJR4zRzBNv3ATtJg==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1N0b2xsZS1SdXNzaWEtYnJpZ2h0LnBuZyIsImVkaXRzIjp7InBuZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZX0sInJlc2l6ZSI6e...
d3cocnzdt9u6c9.cloudfront.net/ 5 KB
6 KB 212ms
131ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1N0b2xsZS1SdXNzaWEtYnJpZ2h0LnBuZyIsImVkaXRzIjp7InBuZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZX0sInJlc2l6ZSI6eyJ3aWR0aCI6MzA1LCJoZWlnaHQiOjE4MywiZml0IjoiY292ZXIiLCJwb3NpdGlvbiI6InJpZ2h0In19fQ==
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dacf6722704a56974cad59936f5770fdd89416a0eff44eea1e8bb6598aee0f6f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 10:01:19 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 332825
x-amzn-requestid: 0da1d4a4-3d1b-49e3-b34f-91015f0d38a5
x-cache: Hit from cloudfront
x-amz-apigw-id: RLtlOEHFIAMFd6A=
content-length: 5292
last-modified: Wed, 30 Mar 2022 13:49:20 GMT
x-amzn-trace-id: Root=1-6267c2ee-07cf2d8b2cd78dcd7b60283f;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 9eltxP9OsEJZwjA5icL0WmPpwcl73Ta6LshudjKSz46bp8hb7V_aGQ==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2FydGljbGUtcGFydG5lci1sb2dvcy9EYWlseS1NYWlsLnBuZyIsImVkaXRzIjp7ImpwZWciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc...
d3cocnzdt9u6c9.cloudfront.net/ 8 KB
8 KB 290ms
209ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2FydGljbGUtcGFydG5lci1sb2dvcy9EYWlseS1NYWlsLnBuZyIsImVkaXRzIjp7ImpwZWciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc2UsInRyZWxsaXNRdWFudGlzYXRpb24iOnRydWUsIm92ZXJzaG9vdERlcmluZ2luZyI6dHJ1ZSwib3B0aW1pemVTY2FucyI6dHJ1ZX0sInJlc2l6ZSI6eyJ3aWR0aCI6MzQwLCJoZWlnaHQiOjgwLCJmaXQiOiJpbnNpZGUifSwic2hhcnBlbiI6dHJ1ZX19
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 219df14b751bfe92160bc77bbf37c825cd4ea34ba6921dddbbaea287a781d725

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 16:53:12 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 135312
x-amzn-requestid: 7ca4670e-db8c-4551-9cfb-f0cc2b0ad895
x-cache: Hit from cloudfront
x-amz-apigw-id: RTPy3E99IAMFuAg=
content-length: 8072
last-modified: Mon, 01 Nov 2021 17:19:39 GMT
x-amzn-trace-id: Root=1-626ac678-16036d5c26b3290e3baa2331;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: WOzhEG6C6d1aRuyY3kwBjyRZd6GCxJ7-c3rLEqkt9TOoJlUy5O-Enw==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1lhbmRleC1saXN0aW5nLU5hc2RhcS1NaWtlLVNlZ2FyUmV1dGVycy5qcGciLCJlZGl0cyI6eyJwbmciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2Z...
d3cocnzdt9u6c9.cloudfront.net/ 14 KB
14 KB 214ms
133ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1lhbmRleC1saXN0aW5nLU5hc2RhcS1NaWtlLVNlZ2FyUmV1dGVycy5qcGciLCJlZGl0cyI6eyJwbmciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc2V9LCJyZXNpemUiOnsid2lkdGgiOjMwNSwiaGVpZ2h0IjoxODMsImZpdCI6ImNvdmVyIn19fQ==
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b5a798acf9a22214098b39aec1b433c6a392774dbb0029b0e8e2179d09f89474

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 26 Apr 2022 11:03:43 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 329081
x-amzn-requestid: 9371c795-3341-41ba-a11c-646660694c87
x-cache: Hit from cloudfront
x-amz-apigw-id: RL2uZG9bIAMFVcQ=
content-length: 14066
last-modified: Mon, 28 Mar 2022 13:35:48 GMT
x-amzn-trace-id: Root=1-6267d18f-2ad45fb5177bd411617f9bc4;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: Ws266e-qcVyy_uxpuxWn_jVlCg2HaUzr73QuJtlrPd7z84p2z-TQAw==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2FydGljbGUtcGFydG5lci1sb2dvcy9idXJlYXUtZ3VhcmRpYW4ucG5nIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlI...
d3cocnzdt9u6c9.cloudfront.net/ 3 KB
4 KB 182ms
180ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2FydGljbGUtcGFydG5lci1sb2dvcy9idXJlYXUtZ3VhcmRpYW4ucG5nIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZSwidHJlbGxpc1F1YW50aXNhdGlvbiI6dHJ1ZSwib3ZlcnNob290RGVyaW5naW5nIjp0cnVlLCJvcHRpbWl6ZVNjYW5zIjp0cnVlfSwicmVzaXplIjp7IndpZHRoIjozNDAsImhlaWdodCI6ODAsImZpdCI6Imluc2lkZSJ9fX0=
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0a7d6c10d95b176cfa38ec2d1f57c28f5e8efe5cddb7238a3f1fca058d7d5e44

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 16:47:18 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 481266
x-amzn-requestid: fada3036-cc23-40b4-8405-1e8318de5663
x-cache: Hit from cloudfront
x-amz-apigw-id: RGDLcEYnoAMF05g=
content-length: 3128
last-modified: Thu, 04 Mar 2021 12:44:22 GMT
x-amzn-trace-id: Root=1-62657f15-6dc8f5e5789090b9020f32c4;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: _gWSStG0Cv31L7g4k8J8weAJ9Cp-1Ui-uV3ZUN8KA_NJiOyxPRWWhw==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL0NoYWNlLWxlYWQtaW1hZ2UtYnJpZ2h0ZW5lZC5wbmciLCJlZGl0cyI6eyJwbmciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc2V9LCJyZ...
d3cocnzdt9u6c9.cloudfront.net/ 9 KB
10 KB 185ms
183ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL0NoYWNlLWxlYWQtaW1hZ2UtYnJpZ2h0ZW5lZC5wbmciLCJlZGl0cyI6eyJwbmciOnsicXVhbGl0eSI6MTAwLCJwcm9ncmVzc2l2ZSI6ZmFsc2V9LCJyZXNpemUiOnsid2lkdGgiOjMwNSwiaGVpZ2h0IjoxODMsImZpdCI6ImNvdmVyIn19fQ==
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f9b04741dcbd3d53da33109704ed6a79635b955906ecfa04ddc0c57551c929f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 15:43:03 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 225921
x-amzn-requestid: 3e9f606c-cc1f-462d-be6d-d8f6d4b25d26
x-cache: Hit from cloudfront
x-amz-apigw-id: RPylCHNYIAMFrxw=
content-length: 9416
last-modified: Thu, 03 Mar 2022 06:23:18 GMT
x-amzn-trace-id: Root=1-62696486-5e655c1a0d2cc3ca56ebe527;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: _BmuraD5QOAHi90JWRPDYcdL4cpQoKH2FljvKI88NFh48NrU2gx6Nw==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2FydGljbGUtcGFydG5lci1sb2dvcy92aWNlLmpwZWciLCJlZGl0cyI6eyJqcGVnIjp7InF1YWxpdHkiOjEwMCwicHJvZ3Jlc3NpdmUiOmZhbHNlLCJ0c...
d3cocnzdt9u6c9.cloudfront.net/ 2 KB
2 KB 185ms
184ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL2FydGljbGUtcGFydG5lci1sb2dvcy92aWNlLmpwZWciLCJlZGl0cyI6eyJqcGVnIjp7InF1YWxpdHkiOjEwMCwicHJvZ3Jlc3NpdmUiOmZhbHNlLCJ0cmVsbGlzUXVhbnRpc2F0aW9uIjp0cnVlLCJvdmVyc2hvb3REZXJpbmdpbmciOnRydWUsIm9wdGltaXplU2NhbnMiOnRydWV9LCJyZXNpemUiOnsid2lkdGgiOjM0MCwiaGVpZ2h0Ijo4MCwiZml0IjoiaW5zaWRlIn19fQ==
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2ec99b4bac4fdfa002a058e061ff959f049e2b40ae5f76bdd6792dfdf13dad61

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 09:31:57 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 593787
x-amzn-requestid: 1cfe61c1-ad4f-439f-8750-b35a358f4ee4
x-cache: Hit from cloudfront
x-amz-apigw-id: RBweLGfBIAMFtdg=
content-length: 1992
last-modified: Thu, 24 Feb 2022 13:06:51 GMT
x-amzn-trace-id: Root=1-6263c78d-53d97aa6278cb59857d5c732;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: GvFJhRQEqUmg6fu9irggIYbZI7Ze2w-7yzJT2PK6BN5tY_gbEKXOvw==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1RCSUotb2ZmaWNlLXNob3QtMS5qcGciLCJlZGl0cyI6eyJqcGVnIjp7InF1YWxpdHkiOjEwMCwicHJvZ3Jlc3NpdmUiOmZhbHNlLCJ0cmVsbGlzUXVhb...
d3cocnzdt9u6c9.cloudfront.net/ 42 KB
42 KB 190ms
188ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL1RCSUotb2ZmaWNlLXNob3QtMS5qcGciLCJlZGl0cyI6eyJqcGVnIjp7InF1YWxpdHkiOjEwMCwicHJvZ3Jlc3NpdmUiOmZhbHNlLCJ0cmVsbGlzUXVhbnRpc2F0aW9uIjp0cnVlLCJvdmVyc2hvb3REZXJpbmdpbmciOnRydWUsIm9wdGltaXplU2NhbnMiOnRydWV9LCJyZXNpemUiOnsid2lkdGgiOjYxMCwiaGVpZ2h0IjozNjYsImZpdCI6ImNvdmVyIn19fQ==
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ff3aa06ffe760b1073dcb969a3a7a3b7b4644d1d8803977a0aea116d5acb95b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 22:54:04 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 113660
x-amzn-requestid: f811da87-d3a8-4796-8aa5-124d027ffcb4
x-cache: Hit from cloudfront
x-amz-apigw-id: RUEp5FWwoAMFzVg=
content-length: 42886
last-modified: Tue, 16 Feb 2021 17:28:22 GMT
x-amzn-trace-id: Root=1-626b1b0b-1668abc46324a6ee1cdca53d;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800, must-revalidate
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: cQ-EiOuI3ybZEOMFCQIg0_6J5sHZ_D0qEHU8qG5PS0HyUMvaHgO6Hg==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL0hheUZlc3RpdmFsLTE4OTMuanBnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZSwidHJlbGxpc1F1YW50a...
d3cocnzdt9u6c9.cloudfront.net/ 21 KB
22 KB 209ms
208ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL0hheUZlc3RpdmFsLTE4OTMuanBnIiwiZWRpdHMiOnsianBlZyI6eyJxdWFsaXR5IjoxMDAsInByb2dyZXNzaXZlIjpmYWxzZSwidHJlbGxpc1F1YW50aXNhdGlvbiI6dHJ1ZSwib3ZlcnNob290RGVyaW5naW5nIjp0cnVlLCJvcHRpbWl6ZVNjYW5zIjp0cnVlfSwicmVzaXplIjp7IndpZHRoIjo2MTAsImhlaWdodCI6MzY2LCJmaXQiOiJjb3ZlciIsInBvc2l0aW9uIjoidG9wIn19fQ==
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 33143338c32790d7313f730349609f91316fda3d4a983dc7e7ae19cfd86f13fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 28 Apr 2022 11:47:57 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 153627
x-amzn-requestid: 179e3914-7544-44db-b7ee-fb42c54a8d02
x-cache: Hit from cloudfront
x-amz-apigw-id: RSjFEFtBIAMF1yg=
content-length: 21888
last-modified: Wed, 06 Apr 2022 15:59:49 GMT
x-amzn-trace-id: Root=1-626a7eed-3511b43506548cb72c41b84a;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 5bTSQ9xKqiC-LMVvfFncWHbye4nYUBNskzVMVnrwLnzi2sfgPw2RRA==

GET
H2 200 eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL0EtZGlydC1yb2FkLWFuZC1zb3lhLWZpZWxkcy1jdXQtdGhyb3VnaC10aGUtcmFpbmZvcmVzdC1pbi1NYXRvLUdyb3Nzby5wbmciLCJlZGl0cyI6eyJqc...
d3cocnzdt9u6c9.cloudfront.net/ 49 KB
49 KB 215ms
214ms Image
image/webp 2600:9000:224a:e200:1d:2792:2640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3cocnzdt9u6c9.cloudfront.net/eyJidWNrZXQiOiJhc3NldHMyLnRoZWJ1cmVhdWludmVzdGlnYXRlcy5jb20iLCJrZXkiOiJ1cGxvYWRzL0EtZGlydC1yb2FkLWFuZC1zb3lhLWZpZWxkcy1jdXQtdGhyb3VnaC10aGUtcmFpbmZvcmVzdC1pbi1NYXRvLUdyb3Nzby5wbmciLCJlZGl0cyI6eyJqcGVnIjp7InF1YWxpdHkiOjEwMCwicHJvZ3Jlc3NpdmUiOmZhbHNlLCJ0cmVsbGlzUXVhbnRpc2F0aW9uIjp0cnVlLCJvdmVyc2hvb3REZXJpbmdpbmciOnRydWUsIm9wdGltaXplU2NhbnMiOnRydWV9LCJyZXNpemUiOnsid2lkdGgiOjYxMCwiaGVpZ2h0IjozNjYsImZpdCI6ImNvdmVyIn19fQ==
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:e200:1d:2792:2640:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: faa0e012ddf7916b4d1f853f8bc2c390997d742cab7c90883d699fd1ec742eb1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 11:35:15 GMT
via: 1.1 6fadd80db8a3a154b0b68f055a91920c.cloudfront.net (CloudFront)
age: 240789
x-amzn-requestid: 9a97cd92-fce8-460c-b00c-e73fb84c28de
x-cache: Hit from cloudfront
x-amz-apigw-id: RPOR3EkUIAMFntA=
content-length: 49948
last-modified: Fri, 11 Feb 2022 12:32:22 GMT
x-amzn-trace-id: Root=1-62692a72-7c0fe79d0b589a04519177dd;Sampled=0
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: https://thebureauinvestigates.com
cache-control: max-age=604800
access-control-allow-credentials: true
x-amz-cf-pop: DUS51-P1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: OpaKth0OfEMRDPXV6QhA4MsNvaxdmR58NM34PB8SdLVfTvwQX15p6g==

GET
H2 200 icon-topic-amr.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 1 KB
713 B 207ms
35ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-amr.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 441f1443d286027c5db7bb36b0d780f2e8d2bb5ef96caeba07718e1d32d2f163

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:00:21 GMT
server: cloudflare
age: 325190
etag: W/"a797b7d14d4583e9ced06af322c102e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 703e3796aea873f3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDE6YSW65A6V1898
x-amz-id-2: wejrut95FQLt6kGmAvF79pkbOUu9uNaCP4ZhYdPmV9+Kr897DyCGSpHH5cC74YokI3Dy9jZ7YrY=

GET
H2 200 globalhealth-white.svg
assets2.thebureauinvestigates.com/uploads/ 3 KB
1 KB 210ms
37ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/globalhealth-white.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcb92f97612e42a7e6bcf348fb8b74a6bd6dc5ad99a7ec0e7a426570add899f1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 16 Apr 2020 14:02:14 GMT
server: cloudflare
age: 289286
etag: W/"33bc5fbc74329444ac5215bfe0726a30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 703e3796aeb273f3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDE1HTGEDZZ4QYKD
x-amz-id-2: o5ulferbKzujYIUmv8Puyex1GGVLFTMLY5EhBf3dJ8N9noZNoYxbVR0/TK3460YyyVGMTjfvhK4=

GET
H2 200 smokescreen-white.svg
assets2.thebureauinvestigates.com/uploads/ 2 KB
991 B 209ms
36ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/smokescreen-white.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d1347124810658c6b7975db805a324df476bca1ec374b96e782b38290972d96

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 13 Apr 2021 11:31:32 GMT
server: cloudflare
age: 314731
etag: W/"58e488afb68c3c74c0acfda8482c10b7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 703e3796aeb073f3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 5J67NKSXX7GMFPY9
x-amz-id-2: qLe9mPSL01uZ0hOh/2QH4iiEoDTjr9JxdRfbzD8q1JHcpELa+Z/dvrSbmNFodxFmThE8QuzkIC8=

GET
H3 200 footer-logo.svg
www.thebureauinvestigates.com/assets/img/ 11 KB
4 KB 40ms
38ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/footer-logo.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a430d07aaf86f36cfd042ccdcd43afc9b8bc116362801125a04efee9110491f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 251
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt8eg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 703e37959c737726-LHR

GET
H2 200 icon-topic-corporations.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 4 KB
1019 B 206ms
34ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-corporations.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cdf00fa550a08c8b3ef33c9f7e29260a994baa9eeb90b6fbc20f1fa65a585d1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:00:31 GMT
server: cloudflare
age: 328305
etag: W/"c7d730b2dae411e24b567be193109b99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 703e3796aea973f3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDE6J9SC58804WE3
x-amz-id-2: ubnwC6cq0QQF5DR6YT3Tsueg9GcuRRvNmdEIaIrgIcVnlfjhzus/dXSDwm4Ng2gGAjvrjFyYWk8=

GET
H2 200 icon-topic-justice.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 1 KB
714 B 175ms
36ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-justice.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c414fd6d170a08f6efd71afa0d5341259ea7168567b6aa09ae24dc7a2b71c08b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:01:03 GMT
server: cloudflare
age: 325190
etag: W/"14c51416cace762609f8c455d248ac4c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 703e3796aea673f3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDE7AHKN9BR1QBPN
x-amz-id-2: ubkB3ooR7x2BwfY8Avsjr2b5q06PySijbgGO1eCMWe0rwWQV/Av+2U9Tyau5/l98vrHgnKK/0W8=

GET
H2 200 icon-topic-human-rights.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 2 KB
862 B 163ms
37ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-human-rights.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cdbde6f2e7d6f364c7c1575e15683d007b30d58c0222b36d2405c20d260418f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:00:53 GMT
server: cloudflare
age: 328305
etag: W/"af593c600e47c6a1c3210ee2c76ee377"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 703e3796aeae73f3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: EDE2M8EX6CMKVYZZ
x-amz-id-2: m+kYDI5P5iXSwwktqKQMTTKjkmfq8f9NU0tw5T1vojoOEjWCPsMtXDTkE9oCSFqnUFk004jRTYA=

GET
H2 200 icon-topic-spin.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 981 B
651 B 170ms
43ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-spin.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 644d1ebc7fd6f2981023fc129d862e929b5668d2bc5031214728330fb7b00189

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:01:14 GMT
server: cloudflare
age: 328305
etag: W/"fb370de1b73a564123bb4524d91a01e3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 703e3796aead73f3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PAD260R96A38X9X6
x-amz-id-2: P3eGD4/k1o8msIY+HFhDg0/CDV+S7kj8Z4iGOKvt3UOM9hXWh+CvYd+lPt6dbS1ZXxKnsl/+Sb4=

GET
H2 200 icon-topic-government.svg
assets2.thebureauinvestigates.com/uploads/projects/icons/ 3 KB
963 B 160ms
34ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets2.thebureauinvestigates.com/uploads/projects/icons/icon-topic-government.svg
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e86e2a103f822069377f118acc7a633477ad4eef6d8f0aa1b6cbc43935dc6a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 15 Aug 2017 09:00:42 GMT
server: cloudflare
age: 329646
etag: W/"376b5815b0368ebd61161577bc447568"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800, must-revalidate
cf-ray: 703e3796aeaa73f3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 8EPET9K45RE8D0VS
x-amz-id-2: Nc/uBDaj1PcfyYqnZLVC3N+T5sEXorZuNNMXzUdo7ztvBdSrOP14PLXFKmo3YlKRu8ROyScnya4=

GET
H3 200 members-icon-white.svg
www.thebureauinvestigates.com/assets/img/ 1 KB
817 B 38ms
36ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/members-icon-white.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a22ae34993b865a48ae93f4c17205f5a92c2bd48c90bc5eba767989b5008634

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 251
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 481
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btw0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 703e37959c747726-LHR

GET
H3 200 email-decode.min.js Show response
www.thebureauinvestigates.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
937 B 26ms
26ms Script
application/javascript 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 29 Apr 2022 13:06:56 GMT
server: cloudflare
etag: W/"626be2f0-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 703e37957c3a7726-LHR
vary: Accept-Encoding
expires: Mon, 02 May 2022 06:28:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 122ms
46ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16037974-1

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58ed6ced50061522cd7b6f575233add95869e8a530a33614fd882411efb84067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38797
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 30 Apr 2022 06:28:24 GMT

GET
H2 200 api.min.js Show response
a.opmnstr.com/app/js/ 193 KB
54 KB 111ms
31ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.opmnstr.com/app/js/api.min.js
Requested by: Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: b77f6fa10a82b4f583ce0ad71b79b0522b7bf784b63b7a6e6aa4256facc586ec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: br
cdn-edgestorageid: 549
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 04/12/2022 15:55:52
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Tue, 12 Apr 2022 15:54:22 GMT
cdn-proxyver: 1.02
cdn-fileserver: 305
etag: W/"6255a0ae-3027e"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 4e9769874bac985e3c86804bdf4afd77
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 106ms
35ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: QqXypQFDK7gJ6r3sqhEt7JakoS0HwOHhOq6HYJ1vQLfZDtrGKv+c2nL/0w/HVJbRovpurFdSZpdZHoO0+FpUEw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Sat, 30 Apr 2022 06:28:24 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 search-icon-grey.svg
www.thebureauinvestigates.com/assets/img/ 680 B
744 B 39ms
37ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/search-icon-grey.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190922ae32efbd9ed02bb0164a93a1c6357cfc4e7246f1c6bb0a2b609f5fd6b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 129
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 408
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btiw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 703e37959c757726-LHR

GET
H3 200 facebook-icon-dark-grey.svg
www.thebureauinvestigates.com/assets/img/ 483 B
675 B 53ms
51ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/facebook-icon-dark-grey.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f550fbdcc42afd808164719a4d095796a02301d2a178e546fa40d6accf181d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cf-ray: 703e37959c767726-LHR
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"qr71btdf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
x-robots-tag: all

GET
H3 200 twitter-icon-dark-grey.svg
www.thebureauinvestigates.com/assets/img/ 959 B
867 B 53ms
51ms Image
image/svg+xml 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/twitter-icon-dark-grey.svg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71560977ee94f83dadd0d9d979afddbb37071b68ae2463ab663ea8fe1ec880cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 535
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btqn"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 703e37959c777726-LHR

GET
H3 200 TiemposHeadlineWeb-Bold.woff2
www.thebureauinvestigates.com/assets/fonts/TiemposHeadline/ 36 KB
37 KB 38ms
37ms Font
font/woff2 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/TiemposHeadline/TiemposHeadlineWeb-Bold.woff2

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05b1d94b5d498f9951ebdb170a9295c18b0e6bdb1d89a85c3f0ef6ab5fc2abdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 250
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btsp8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 703e37959c787726-LHR

GET
H3 200 TiemposTextWeb-Regular.woff2
www.thebureauinvestigates.com/assets/fonts/TiemposText/ 55 KB
55 KB 83ms
82ms Font
font/woff2 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/TiemposText/TiemposTextWeb-Regular.woff2

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48f1e8b88778413dc103a0b2f23f9df5f206135c1819e563b278e114835a4435

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 251
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt17k8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 703e37959c797726-LHR

GET
H3 200 GT-America-Standard-Regular.woff
www.thebureauinvestigates.com/assets/fonts/GT-America/ 49 KB
50 KB 108ms
107ms Font
font/woff 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/GT-America/GT-America-Standard-Regular.woff

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

803405c8311d1dbca3fccd7c78320d28e45e516c0a813e9c439d15980839c56c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 251
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt12xo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
cf-ray: 703e37959c7a7726-LHR

GET
H3 200 GT-America-Standard-Bold.woff
www.thebureauinvestigates.com/assets/fonts/GT-America/ 53 KB
53 KB 128ms
127ms Font
font/woff 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/GT-America/GT-America-Standard-Bold.woff

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0086bc27856d9d109bc1ef98621e3b1025dc950546b46b84e66da0105e7f8e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 251
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt15po"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
cf-ray: 703e37959c7b7726-LHR

GET
H3 200 promo-box-bg-support.jpg
www.thebureauinvestigates.com/assets/img/ 4 KB
4 KB 119ms
118ms Image
image/jpeg 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/promo-box-bg-support.jpg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c66f448a8c5857caf3aec7563811bc9090d1c8a72751e4c42ad6410196daaa98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1285
cf-polished: origSize=4998, status=webp_bigger
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt3uu"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 703e3795ac8f7726-LHR
cf-bgj: imgq:100,h2pri

GET
H3 200 promo-box-bg-have-a-story.jpg
www.thebureauinvestigates.com/assets/img/ 5 KB
6 KB 35ms
35ms Image
image/jpeg 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thebureauinvestigates.com/assets/img/promo-box-bg-have-a-story.jpg

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d5bfce704939a36d4ed1f28050a5a90d61f7ea63d115402683c3d15b7c86c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1285
cf-polished: origSize=6363, status=webp_bigger
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt4wr"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=14400
cf-ray: 703e3795ac907726-LHR
cf-bgj: imgq:100,h2pri

GET
H3 200 GT-America-Standard-Black.woff
www.thebureauinvestigates.com/assets/fonts/GT-America/ 52 KB
52 KB 37ms
37ms Font
font/woff 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/GT-America/GT-America-Standard-Black.woff

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e47bbab99a448b2f6d405a77ed6436829d0b807001d9baad4110c4e55be3b29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 250
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71bt14zo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
cf-ray: 703e3795bc9c7726-LHR

GET
H3 200 GT-America-Mono-Light.woff
www.thebureauinvestigates.com/assets/fonts/GT-America-Mono/ 40 KB
40 KB 129ms
128ms Font
font/woff 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/GT-America-Mono/GT-America-Mono-Light.woff

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9210265615064ba604ade4c307414039fe391a20986c4811f1c61670791c5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 250
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btvbo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
cache-control: max-age=14400
cf-ray: 703e3795bc9e7726-LHR

GET
H3 200 BebasNeue-Bold.woff2
www.thebureauinvestigates.com/assets/fonts/BebasNeue/ 15 KB
15 KB 131ms
130ms Font
font/woff2 2606:4700:10::ac43:9c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thebureauinvestigates.com/assets/fonts/BebasNeue/BebasNeue-Bold.woff2

Requested by

Host: www.thebureauinvestigates.com
URL: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:9c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97093c025bf247dbcbb0334533712b67fa36132e77680557a2e8578e8d53dbdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thebureauinvestigates.com/assets/css/main.1631957150.css
Origin: https://www.thebureauinvestigates.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 250
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
x-robots-tag: all
last-modified: Wed, 07 Apr 2021 12:28:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "qr71btbpw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=14400
cf-ray: 703e3795bc9f7726-LHR

GET
H2 200 api.min.css
a.omappapi.com/app/js/ 18 KB
3 KB 101ms
27ms Stylesheet
text/css 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.css
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: 4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:24 GMT
content-encoding: br
cdn-edgestorageid: 459
perma-cache: HIT
cdn-storageserver: DE-165
cdn-cachedat: 04/12/2022 15:55:52
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Tue, 12 Apr 2022 15:54:22 GMT
cdn-proxyver: 1.02
cdn-fileserver: 340
etag: W/"6255a0ae-464c"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: c2a33373b3bad18002d4bbf388429ad7
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 72240 Show response
api.omappapi.com/v2/embed/ 3 KB
2 KB 281ms
151ms XHR
application/json 18.64.103.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/72240?d=thebureauinvestigates.com
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.103.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-64-103-122.txl50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: f04d6e95e36a7e023546279684ecc2e4e8d2908a727d26ab936308ab27d0ef6d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:25 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: TXL50-P3
x-cache-status: HIT
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-account: 81197
x-user-agent: standard--
last-modified: Thu, 11 Feb 2021 12:19:15 GMT
server: Pagely Gateway/1.5.1
etag: W/"f5a583a29f9b1c25089f3606165ae252"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 b66d2d4cfb46d641d455e6640c25f566.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: zDnsyzJuSVevm2VmNyPLX6GgvCb0NPyom7ongU_-BEyifSq8EM0FVw==
expires: Sat, 30 Apr 2022 06:26:45 GMT

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
8 KB 26ms
26ms Script
application/javascript 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-46-53.cdn77.com
Software: BunnyCDN-AMS1-879 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 06:28:25 GMT
content-encoding: br
cdn-edgestorageid: 879
perma-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 04/20/2022 21:49:27
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-request-id: PP7PYZ227VKG9DH6
x-amz-id-2: i0JY8RDb7YCRJ5JIsg3bUgIzXQPja4q+iQh5SWuNiTGzFHtTiaXYQsseWKIcwTQkSGCK9qMqJG4=
server: BunnyCDN-AMS1-879
access-control-allow-origin: *
last-modified: Wed, 12 Jan 2022 20:51:15 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
etag: W/"593e60ad549e46f8ca9a60755336c7df"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cache-control: public, max-age=31919000
cdn-requestid: 4652714a0d9ca4c7f09ec0a2fa36e4ac
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 109ms
33ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a.opmnstr.com
URL: https://a.opmnstr.com/app/js/api.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.thebureauinvestigates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 674
date: Sat, 30 Apr 2022 06:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 30 Apr 2022 08:17:11 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.thebureauinvestigates.com/	1970-01-24 02:40:13	Name: _omappvp Value: uKPMuxllHOtAkEU5vUdfWismAEkvT5tKgp8AogvU7687HTd1nItgnIvd2ZLKcMfL2qDAVD8zABOZJcXdPmXDMIgifwzpbYoX
			www.thebureauinvestigates.com/	1970-01-20 02:41:41	Name: _omappvs Value: 1651300104802

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.omappapi.com
a.opmnstr.com
api.omappapi.com
assets2.thebureauinvestigates.com
connect.facebook.net
d3cocnzdt9u6c9.cloudfront.net
thebureauinvestigates.com
www.google-analytics.com
www.googletagmanager.com
www.thebureauinvestigates.com
18.64.103.122
2600:9000:224a:e200:1d:2792:2640:21
2606:4700:10::6816:4f56
2606:4700:10::ac43:9c1
2a00:1450:4001:829::200e
2a00:1450:4001:831::2008
2a03:2880:f02d:100:face:b00c:0:3
84.17.46.53
0086bc27856d9d109bc1ef98621e3b1025dc950546b46b84e66da0105e7f8e2a
05b1d94b5d498f9951ebdb170a9295c18b0e6bdb1d89a85c3f0ef6ab5fc2abdd
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0a430d07aaf86f36cfd042ccdcd43afc9b8bc116362801125a04efee9110491f
0a7d6c10d95b176cfa38ec2d1f57c28f5e8efe5cddb7238a3f1fca058d7d5e44
0e86e2a103f822069377f118acc7a633477ad4eef6d8f0aa1b6cbc43935dc6a3
180f2195bdae3f048def74498667ae08206a1f7d08a3d2085cf019b463ed1804
190922ae32efbd9ed02bb0164a93a1c6357cfc4e7246f1c6bb0a2b609f5fd6b5
1ef3392ac9ca52c6155d0b174afc69e3b26638715d3d76be1a7b9cc7bba3af14
219df14b751bfe92160bc77bbf37c825cd4ea34ba6921dddbbaea287a781d725
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28d854a85b41963698f7c5a84cee3b9a9ccf7c219479294b7c5e0ba72fecd1cd
2ec99b4bac4fdfa002a058e061ff959f049e2b40ae5f76bdd6792dfdf13dad61
2f550fbdcc42afd808164719a4d095796a02301d2a178e546fa40d6accf181d0
33143338c32790d7313f730349609f91316fda3d4a983dc7e7ae19cfd86f13fc
3c4e22719df27f1b7026caf4c3e5a88b52017abac61204e4cd0c86a3728925e8
3cdbde6f2e7d6f364c7c1575e15683d007b30d58c0222b36d2405c20d260418f
3cdf00fa550a08c8b3ef33c9f7e29260a994baa9eeb90b6fbc20f1fa65a585d1
441f1443d286027c5db7bb36b0d780f2e8d2bb5ef96caeba07718e1d32d2f163
48f1e8b88778413dc103a0b2f23f9df5f206135c1819e563b278e114835a4435
4a22ae34993b865a48ae93f4c17205f5a92c2bd48c90bc5eba767989b5008634
4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250
4d1347124810658c6b7975db805a324df476bca1ec374b96e782b38290972d96
58ed6ced50061522cd7b6f575233add95869e8a530a33614fd882411efb84067
5b6f595b46870d56769cd55c72f847ffdbac2d3789ca9de357ac01c55eb33deb
644d1ebc7fd6f2981023fc129d862e929b5668d2bc5031214728330fb7b00189
71560977ee94f83dadd0d9d979afddbb37071b68ae2463ab663ea8fe1ec880cb
803405c8311d1dbca3fccd7c78320d28e45e516c0a813e9c439d15980839c56c
8cadc5822cfed385a072baa600efd92455490c9c4a2883a6e3aa628c8265a877
97093c025bf247dbcbb0334533712b67fa36132e77680557a2e8578e8d53dbdd
98f87b001a6dc885808330711a29636cd38f65ac99167f12ab807a0d3a5e32bf
9d5bfce704939a36d4ed1f28050a5a90d61f7ea63d115402683c3d15b7c86c79
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b5a798acf9a22214098b39aec1b433c6a392774dbb0029b0e8e2179d09f89474
b77f6fa10a82b4f583ce0ad71b79b0522b7bf784b63b7a6e6aa4256facc586ec
bcb92f97612e42a7e6bcf348fb8b74a6bd6dc5ad99a7ec0e7a426570add899f1
c414fd6d170a08f6efd71afa0d5341259ea7168567b6aa09ae24dc7a2b71c08b
c66f448a8c5857caf3aec7563811bc9090d1c8a72751e4c42ad6410196daaa98
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
dacf6722704a56974cad59936f5770fdd89416a0eff44eea1e8bb6598aee0f6f
e47bbab99a448b2f6d405a77ed6436829d0b807001d9baad4110c4e55be3b29e
e6d0e160a27f680d744663e19e2426ca708729616d7814034e87739705f5470a
f04d6e95e36a7e023546279684ecc2e4e8d2908a727d26ab936308ab27d0ef6d
f38ba920d1fc6f4f4a111b0dbfdb1919e14f5bf78c76fccf035c19da36ad3d56
f9210265615064ba604ade4c307414039fe391a20986c4811f1c61670791c5b2
f9b04741dcbd3d53da33109704ed6a79635b955906ecfa04ddc0c57551c929f6
faa0e012ddf7916b4d1f853f8bc2c390997d742cab7c90883d699fd1ec742eb1
ff3aa06ffe760b1073dcb969a3a7a3b7b4644d1d8803977a0aea116d5acb95b1

www.thebureauinvestigates.com Open in urlscan Pro 2606:4700:10::ac43:9c1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

48 Requests

100 %HTTPS

75 %IPv6

7 Domains

10 Subdomains

7 IPs

3 Countries

1040 kBTransfer

1624 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

48 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thebureauinvestigates.com Open in urlscan Pro
2606:4700:10::ac43:9c1 Public Scan

Screenshot
Live screenshot

Full Image

48
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

10
Subdomains

7
IPs

3
Countries

1040 kB
Transfer

1624 kB
Size

2
Cookies

48 HTTP transactions
0 data transactions