pastinvestigators.com Open in urlscan Pro
34.206.191.114  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response pastinvestigators.com/	54 KB 5 KB	631ms 216ms	Document text/html	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash c44768675b9856b54c6e56adba071d6082b71feb308fa1e2b3489fbdc63fff3e Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 5326 content-type text/html date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:17 GMT server LiteSpeed vary Accept-Encoding
GET H2	200	DSC04438-444x231.jpg pastinvestigators.com/sitebuilder/images/	9 KB 9 KB	130ms 129ms	Image image/jpeg	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/DSC04438-444x231.jpg Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 1e34ff985e4bfb0a5ca03e4531ebbfcae7736684fcf35567cf7027fa0c5bbc37 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:12 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 9538 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	DSC04460-445x203.jpg pastinvestigators.com/sitebuilder/images/	12 KB 12 KB	246ms 246ms	Image image/jpeg	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/DSC04460-445x203.jpg Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 0cebfa7abad52f0b2cd624c3f880e1c84afe38a9da91b900a2818382df5ec98c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:02 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 12607 expires Tue, 09 Jul 2024 00:29:21 GMT
GET		72429.jpg ghost.gotop100.com/lists/ghost/custombanners/	0 0
GET H2	200	s254098139036_949_1_.jpg pastinvestigators.com/images/	4 KB 4 KB	213ms 205ms	Image image/jpeg	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/images/s254098139036_949_1_.jpg Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 5e6c4c69ee01e42d0c715b345e0fb4a5a2994aa12f15de54a904d3be1b0e56af Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:26:56 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 4071 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Kevin_and_Sue_waverly-451x231.png pastinvestigators.com/sitebuilder/images/	119 KB 119 KB	331ms 324ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Kevin_and_Sue_waverly-451x231.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash cd3d13449f058559db67a024ba11c9a425709ab30059cd6e43db337bd1d16ebf Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:12 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 122112 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	moon_yellow_2-586x130.jpg pastinvestigators.com/sitebuilder/images/	10 KB 11 KB	338ms 331ms	Image image/jpeg	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/moon_yellow_2-586x130.jpg Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 3c826128f54a37b961e46962595707ee352531dda44f4b2abe1017768bd0ecc7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:11 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 10729 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Moon_Point_Cropped-223x278.jpg pastinvestigators.com/sitebuilder/images/	10 KB 10 KB	337ms 330ms	Image image/jpeg	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Moon_Point_Cropped-223x278.jpg Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash f21c68ee0287085c6245d65f6a0d52cc6a170ec29eaed6f9aadf486d5d005b0b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:12 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 10510 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Figure_behind_stone_no_names3-918x450.jpg pastinvestigators.com/sitebuilder/images/	79 KB 79 KB	212ms 206ms	Image image/jpeg	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Figure_behind_stone_no_names3-918x450.jpg Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 9656896363ff0bc68c4cfee60279c6bde1c71f546b4bc9ce9381128379e8e1c9 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:11 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 81006 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Bachelors_grove_figure_large_mark-204x277.jpg pastinvestigators.com/sitebuilder/images/	11 KB 11 KB	335ms 329ms	Image image/jpeg	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Bachelors_grove_figure_large_mark-204x277.jpg Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 138cf4dda2d38e7c055aa1f8c7040e44f3a163a0faee7a15baf6230f558fcb21 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:12 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 11379 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	IPI_IEA_-_PAST_investigation_excelllence-252x291.jpg pastinvestigators.com/sitebuilder/images/	13 KB 13 KB	332ms 326ms	Image image/jpeg	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/IPI_IEA_-_PAST_investigation_excelllence-252x291.jpg Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 6db2e399ce95cff21ef6dea5677c96ccdf3dc3252567288e367272a50ac205fd Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:12 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 13040 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	IPI_OPEA_-_PAST_paranormal_evidence_j_eg-246x285.jpg pastinvestigators.com/sitebuilder/images/	13 KB 13 KB	339ms 333ms	Image image/jpeg	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/IPI_OPEA_-_PAST_paranormal_evidence_j_eg-246x285.jpg Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash b39ef8f248ee8c20a6850d6e93fc80d26dac3ab8725ac908ac47f9508b036223 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:12 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 13166 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	capture-20130820-125302-566x129.png pastinvestigators.com/sitebuilder/images/	13 KB 13 KB	570ms 565ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/capture-20130820-125302-566x129.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash cd75d324c3061406df124577c73cf71f3a71294414bb7261dd3d50ed69fd7bde Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:15 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 13467 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Master-0-active-77021.png pastinvestigators.com/sitebuilder/images/	2 KB 2 KB	569ms 564ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Master-0-active-77021.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 00f59afedb61ecf44f5515557fd045151e3d6ab172df6a59fcff650b42660cd5 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:14 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2267 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Master-1-inactive-77204.png pastinvestigators.com/sitebuilder/images/	2 KB 2 KB	448ms 443ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Master-1-inactive-77204.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash a63adf12adcaed3ca238896b1e2b453dda5a91836fc4d18f80e8c752240b09e0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:14 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2374 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Master-2-inactive-77453.png pastinvestigators.com/sitebuilder/images/	3 KB 3 KB	449ms 445ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Master-2-inactive-77453.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 17f8060a4e906e05459ca226a18dbff406442815901924fed8480a99fbbda2b3 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:14 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2898 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Master-3-inactive-77727.png pastinvestigators.com/sitebuilder/images/	2 KB 2 KB	450ms 445ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Master-3-inactive-77727.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 3e415cbac71ca3795b593e2dda71281cf2eb7be25a06123067f1ff31c89bc331 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:14 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2272 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Master-4-inactive-77957.png pastinvestigators.com/sitebuilder/images/	2 KB 2 KB	448ms 444ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Master-4-inactive-77957.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash d57ec7feb0c879ed1340c143699b95570dc12ccbabff62596cb0d9ba4b762ee7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:14 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2360 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Master-5-inactive-78306.png pastinvestigators.com/sitebuilder/images/	2 KB 2 KB	448ms 444ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Master-5-inactive-78306.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 0a06c63633c67555a499c8cc57146e26d336838fb4236a911b72f942689257cb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:14 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2225 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Master-6-inactive-78552.png pastinvestigators.com/sitebuilder/images/	2 KB 2 KB	447ms 443ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Master-6-inactive-78552.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash cd2e5603981e3a2d05112935baa5b63310e06d53f7b346c8d9af9945a1eb4a43 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:14 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2469 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Master-7-inactive-78851.png pastinvestigators.com/sitebuilder/images/	3 KB 3 KB	448ms 445ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Master-7-inactive-78851.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 80454afa714f1dddd78e9928143b213aacddf4fdf4adb101c80edf83c0f505dc Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:14 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2644 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Master-8-inactive-79113.png pastinvestigators.com/sitebuilder/images/	3 KB 3 KB	449ms 446ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Master-8-inactive-79113.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 3ab5ec028ba19f3aca507d8722b29e65a1c164fa20a5e3b2b9b586e2885c453b Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:14 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2571 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Master-9-inactive-79365.png pastinvestigators.com/sitebuilder/images/	2 KB 2 KB	447ms 444ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Master-9-inactive-79365.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash f42f432c63f3541a28063e55c7d5f5539352117e71c4df566aea8b1a2d007df8 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:14 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2496 expires Tue, 09 Jul 2024 00:29:21 GMT
GET H2	200	Master-10-inactive-79622.png pastinvestigators.com/sitebuilder/images/	2 KB 2 KB	448ms 445ms	Image image/png	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://pastinvestigators.com/sitebuilder/images/Master-10-inactive-79622.png Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 9a3f3c56dfe3f7501bbed5308e5d982d47ef9eae4f5e13777794e4ecf1b72276 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT last-modified Mon, 27 Feb 2023 10:27:14 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 2170 expires Tue, 09 Jul 2024 00:29:21 GMT
GET		counter_xhtml.js www.statcounter.com/counter/	0 0
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 4 KB	143ms 40ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b70f238163e1d50f1e161bab810f8a366ae91d54efceca19a27e84fdba8a62ce Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 02 Jul 2024 00:29:21 GMT content-md5 AyNHcAA9iMic4cjYR9h8pA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1686 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=-1 x-fb-debug SXvmZRAi8WsNWejUiaC6bEcAqlMHhL/w08NooxFUqdxbasDbj3ydaWG4W0GX+i1hIY5WkzxhXp0uK+iTMdRHWw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 f151e09c3da5a51ff095d0a75eac56d1 cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "8b3ba59e8abe3f4122a8d963343ce011" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * expires Tue, 02 Jul 2024 00:48:19 GMT
GET H2	200	counter.js Show response secure.statcounter.com/counter/	35 KB 13 KB	171ms 61ms	Script application/javascript	104.20.94.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://secure.statcounter.com/counter/counter.js Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 01 Jul 2024 09:48:11 GMT server cloudflare age 36749 etag W/"66827b5b-8c17" vary Accept-Encoding content-type application/javascript cache-control max-age=43200 cf-ray 89ca856109e33630-FRA expires Tue, 02 Jul 2024 02:16:52 GMT
GET H3	200	all.js Show response connect.facebook.net/en_US/	301 KB 85 KB	82ms 40ms	Script application/x-javascript	157.240.0.6 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=48094286ed09ed3df87892e2f9c94ad3 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-02-fra3.fbcdn.net Software / Resource Hash 8950f5c9b16f60d7b691cca6043663f1abace3229c40a2ab996f1e3a0f24674d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Origin https://pastinvestigators.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 02 Jul 2024 00:29:21 GMT content-md5 fsg/LYFT/Myj6cL2CVF2lQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 87064 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4287, tp=9, tpl=0, uplat=1, ullat=-1 x-fb-debug 5u3lusXtgnICWqBQP+NCTNBVzARRAp0gbzEHdQV3ITYiLqW/zuE4zvmQTHqDmqcyC5ejixJpG1KnGjlhhXHSRw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 a28761b333f08284a25150b969b41bb5 cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "e86c767a380f4b682f148d45f2f9798a" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * priority u=3,i expires Tue, 01 Jul 2025 23:23:19 GMT
GET H/1.1	429 Too Many Requests	93267515 player.vimeo.com/video/ Frame 165E	0 0	781ms 699ms	Document text/html	162.159.138.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/93267515?title=0&byline=0&portrait=0&autoplay=1&loop=1 Requested by Host: pastinvestigators.com URL: https://pastinvestigators.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://pastinvestigators.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers CF-RAY 89ca85620aab2685-TXL Connection keep-alive Content-Length 5164 Content-Type text/html;charset=UTF-8 Date Tue, 02 Jul 2024 00:29:21 GMT Server cloudflare Vary Accept-Encoding
GET H2	200	t.php Show response c.statcounter.com/	380 B 627 B	202ms 191ms	XHR application/json	104.20.94.138 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.statcounter.com/t.php?sc_project=8439682&u1=1F255F69D9064FDC85A92978DEE882B8&java=1&security=8c8197f4&sc_snum=1&sess=99b877&sc_rum_e_s=861&sc_rum_e_e=883&sc_rum_f_s=0&sc_rum_f_e=641&p=0&pv=10&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//pastinvestigators.com/&t=Paranormal%20Anomaly%20Search%20Team&get_config=true Requested by Host: secure.statcounter.com URL: https://secure.statcounter.com/counter/counter.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39c15e2c3c6dc174e876b9f159dc5728667134498267897c8c6344186a1fc89d Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:21 GMT content-encoding br cf-cache-status DYNAMIC server cloudflare content-type application/json access-control-allow-origin https://pastinvestigators.com p3p policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR" access-control-allow-credentials true cf-ray 89ca8561aa4a3630-FRA expires Mon, 26 Jul 1997 05:00:00 GMT
GET DATA	200 OK	truncated /	193 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8af56faea75a86abb4d276f6cabfdf3932894239e3f9663b763d144a16591a4d Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	like.php www.facebook.com/plugins/ Frame EA4B	0 0	172ms 73ms	Document text/html	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfd30a14654329a440%26domain%3Dpastinvestigators.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fpastinvestigators.com%252Ffcf65891b1f87b1a4%26relation%3Dparent.parent&container_width=624&font=segoe%20ui&href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FParanormal-Anomaly-Search-Team%2F181117765295723&layout=button_count&locale=en_US&sdk=joey&send=true&show_faces=false&width=100 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=48094286ed09ed3df87892e2f9c94ad3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://pastinvestigators.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-length 0 content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html;charset=utf-8 cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" date Tue, 02 Jul 2024 00:29:23 GMT expires Sat, 01 Jan 2000 00:00:00 GMT pragma no-cache report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7386829054120448369"}]} reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7386829054120448369" x-content-type-options nosniff x-fb-connection-quality EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=2763, tp=-1, tpl=-1, uplat=31, ullat=0 x-fb-debug mSLaybeHMXC0UWfauDt9Q8p5lujjfYPQfCYtLI7C+rIBJHggJmjx3YQ7Dha1nSx+eOpr7wSMWBH4yyTDZjfGQA== x-xss-protection 0
GET H2	404	favicon.ico pastinvestigators.com/	1 KB 692 B	121ms 120ms	Other text/html	34.206.191.114 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://pastinvestigators.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.206.191.114 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS cpanel288.turbify.biz Software LiteSpeed / Resource Hash 4af4506b768b2591c2928ee5fc8d3e37498dc3c6d2c36c646e8d7346e000a985 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://pastinvestigators.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 02 Jul 2024 00:29:23 GMT content-encoding gzip server LiteSpeed content-length 627 vary Accept-Encoding content-type text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

ghost.gotop100.com

URL

https://ghost.gotop100.com/lists/ghost/custombanners/72429.jpg

Domain

www.statcounter.com

URL

http://www.statcounter.com/counter/counter_xhtml.js

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage number| sc_project number| sc_invisible number| sc_partition string| sc_security string| scJsHost object| FB function| _statcounter object| __buffer

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.pastinvestigators.com/	1970-01-21 07:20:40	Name: sc_is_visitor_unique Value: rx8439682.1719880162.1F255F69D9064FDC85A92978DEE882B8.1.1.1.1.1.1.1.1.1
			.statcounter.com/	1970-01-21 07:20:40	Name: is_unique Value: sc8439682.1719880161.0
			.vimeo.com/	1970-01-20 21:44:41	Name: __cf_bm Value: cVNRduPvU6GZtIP2vA7P3JY0.voOAh45WJoE3TmF2ds-1719880161-1.0.1.1-_wf9tOoT.y97qGkNwtQNnVARmct8LIu4vjFtzWmy0D9OV9mGEt2G9QkObuHCH2nhfz9plqVHbo5YidjNmcEX9g
			.vimeo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: GVp9F8S9dinggC7.B6T4KtKrc5vhQ6mJovYk6_Gn6X4-1719880161945-0.0.1.1-604800000

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://pastinvestigators.com/ Message: Mixed Content: The page at 'https://pastinvestigators.com/' was loaded over HTTPS, but requested an insecure element 'http://ghost.gotop100.com/lists/ghost/custombanners/72429.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://pastinvestigators.com/ Message: Mixed Content: The page at 'https://pastinvestigators.com/' was loaded over HTTPS, but requested an insecure script 'http://www.statcounter.com/counter/counter_xhtml.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://pastinvestigators.com/(Line 104) Message: Mixed Content: The page at 'https://pastinvestigators.com/' was loaded over HTTPS, but requested an insecure element 'http://ghost.gotop100.com/lists/ghost/custombanners/72429.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://pastinvestigators.com/(Line 113) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://pastinvestigators.com/(Line 113) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://secure.statcounter.com/counter/counter.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://pastinvestigators.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.statcounter.com
connect.facebook.net
ghost.gotop100.com
pastinvestigators.com
player.vimeo.com
secure.statcounter.com
www.facebook.com
www.statcounter.com
ghost.gotop100.com
www.statcounter.com
104.20.94.138
157.240.0.6
162.159.138.60
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
34.206.191.114
00f59afedb61ecf44f5515557fd045151e3d6ab172df6a59fcff650b42660cd5
0a06c63633c67555a499c8cc57146e26d336838fb4236a911b72f942689257cb
0cebfa7abad52f0b2cd624c3f880e1c84afe38a9da91b900a2818382df5ec98c
138cf4dda2d38e7c055aa1f8c7040e44f3a163a0faee7a15baf6230f558fcb21
17f8060a4e906e05459ca226a18dbff406442815901924fed8480a99fbbda2b3
1e34ff985e4bfb0a5ca03e4531ebbfcae7736684fcf35567cf7027fa0c5bbc37
39c15e2c3c6dc174e876b9f159dc5728667134498267897c8c6344186a1fc89d
3ab5ec028ba19f3aca507d8722b29e65a1c164fa20a5e3b2b9b586e2885c453b
3c826128f54a37b961e46962595707ee352531dda44f4b2abe1017768bd0ecc7
3e415cbac71ca3795b593e2dda71281cf2eb7be25a06123067f1ff31c89bc331
4af4506b768b2591c2928ee5fc8d3e37498dc3c6d2c36c646e8d7346e000a985
5e6c4c69ee01e42d0c715b345e0fb4a5a2994aa12f15de54a904d3be1b0e56af
6db2e399ce95cff21ef6dea5677c96ccdf3dc3252567288e367272a50ac205fd
80454afa714f1dddd78e9928143b213aacddf4fdf4adb101c80edf83c0f505dc
8950f5c9b16f60d7b691cca6043663f1abace3229c40a2ab996f1e3a0f24674d
8af56faea75a86abb4d276f6cabfdf3932894239e3f9663b763d144a16591a4d
9656896363ff0bc68c4cfee60279c6bde1c71f546b4bc9ce9381128379e8e1c9
9a3f3c56dfe3f7501bbed5308e5d982d47ef9eae4f5e13777794e4ecf1b72276
a63adf12adcaed3ca238896b1e2b453dda5a91836fc4d18f80e8c752240b09e0
a6b293451a19dfb0f68649e5ceabac93b2d4155e64fe7f3e3af21a19984e2368
b39ef8f248ee8c20a6850d6e93fc80d26dac3ab8725ac908ac47f9508b036223
b70f238163e1d50f1e161bab810f8a366ae91d54efceca19a27e84fdba8a62ce
c44768675b9856b54c6e56adba071d6082b71feb308fa1e2b3489fbdc63fff3e
cd2e5603981e3a2d05112935baa5b63310e06d53f7b346c8d9af9945a1eb4a43
cd3d13449f058559db67a024ba11c9a425709ab30059cd6e43db337bd1d16ebf
cd75d324c3061406df124577c73cf71f3a71294414bb7261dd3d50ed69fd7bde
d57ec7feb0c879ed1340c143699b95570dc12ccbabff62596cb0d9ba4b762ee7
f21c68ee0287085c6245d65f6a0d52cc6a170ec29eaed6f9aadf486d5d005b0b
f42f432c63f3541a28063e55c7d5f5539352117e71c4df566aea8b1a2d007df8