salazarinvestigations.com Open in urlscan Pro
209.87.159.232 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://salazarinvestigations.com/workers-compensation/
Submission: On April 19 via manual (April 19th 2023, 3:40:55 pm UTC) from US — Scanned from US

Summary HTTP 84 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 14 IPs in 1 countries across 11 domains to perform 84 HTTP transactions. The main IP is 209.87.159.232, located in United States and belongs to NEXCESS-NET, US. The main domain is salazarinvestigations.com.
TLS certificate: Issued by R3 on March 14th 2023. Valid for: 3 months.

This is the only time salazarinvestigations.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	209.87.159.232 209.87.159.232	36444 (NEXCESS-NET) (NEXCESS-NET)
6	2607:f8b0:400... 2607:f8b0:4006:80d::2008	15169 (GOOGLE) (GOOGLE)
1	108.138.106.123 108.138.106.123	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:820::200e	15169 (GOOGLE) (GOOGLE)
8	184.51.148.209 184.51.148.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	76.223.116.242 76.223.116.242	16509 (AMAZON-02) (AMAZON-02)
14	2606:4700:310... 2606:4700:3108::ac42:2883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	184.51.148.211 184.51.148.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
13	2607:f8b0:400... 2607:f8b0:4006:81f::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
84	14

23 209.87.159.232 (United States)

ASN36444 (NEXCESS-NET, US)
PTR: cloudhost-1920807.us-midwest-1.nxcli.net

salazarinvestigations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80d::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-123.jfk50.r.cloudfront.net

scripts.iconnode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:820::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.51.148.209 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-51-148-209.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.116.242 (United States)

ASN16509 (AMAZON-02, US)
PTR: a171616d2c13795e3.awsglobalaccelerator.com

process.iconnode.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3108::ac42:2883 (United States)

ASN13335 (CLOUDFLARENET, US)

batchgeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.batchgeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticnode.batchgeo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.51.148.211 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-51-148-211.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:81f::200a (New York, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81f::2003 (New York, United States)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	salazarinvestigations.com salazarinvestigations.com	1 MB
14	batchgeo.com batchgeo.com — Cisco Umbrella Rank: 757462 static.batchgeo.com staticnode.batchgeo.com	301 KB
13	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 613 fonts.googleapis.com — Cisco Umbrella Rank: 119	301 KB
13	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5414 api.livechatinc.com — Cisco Umbrella Rank: 4996 secure.livechatinc.com — Cisco Umbrella Rank: 6406 accounts.livechatinc.com — Cisco Umbrella Rank: 7230	373 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	41 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	384 KB
3	iconnode.com scripts.iconnode.com — Cisco Umbrella Rank: 52589 process.iconnode.com — Cisco Umbrella Rank: 55553	9 KB
2	google.com www.google.com — Cisco Umbrella Rank: 16	563 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 67	3 KB
1	gstatic.com maps.gstatic.com	848 B
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 5119	28 KB
84	11

	Domain	Requested by
23	salazarinvestigations.com	salazarinvestigations.com
12	maps.googleapis.com	batchgeo.com browser.sentry-cdn.com maps.googleapis.com
9	batchgeo.com	salazarinvestigations.com batchgeo.com browser.sentry-cdn.com
8	cdn.livechatinc.com	salazarinvestigations.com secure.livechatinc.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
6	www.googletagmanager.com	salazarinvestigations.com www.googletagmanager.com batchgeo.com
4	staticnode.batchgeo.com	batchgeo.com
3	api.livechatinc.com	cdn.livechatinc.com
2	www.google.com	batchgeo.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	process.iconnode.com	scripts.iconnode.com
1	maps.gstatic.com	batchgeo.com
1	accounts.livechatinc.com	cdn.livechatinc.com
1	static.batchgeo.com	batchgeo.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	fonts.googleapis.com	batchgeo.com
1	browser.sentry-cdn.com	batchgeo.com
1	scripts.iconnode.com	salazarinvestigations.com
84	18

This site contains links to these domains. Also see Links.

Domain
salazar.crosstrax.co
amp.investigatormarketing.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.linkedin.com
batchgeo.com
www.dropbox.com
investigatormarketing.com

Subject Issuer	Validity	Valid
bdcd3312bb.nxcli.io R3	`2023-03-14` - `2023-06-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.iconnode.com Amazon RSA 2048 M02	`2023-02-27` - `2023-08-22`	6 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://salazarinvestigations.com/workers-compensation/
Frame ID: FE5B2385DB770AE661D2A0F86F359C80
Requests: 40 HTTP requests in this frame

Frame: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c
Frame ID: 7AD7FA582BF57830EF2AB13B121BB8F1
Requests: 37 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=12191868&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: DF11F1A94C8A0EDBE2040D8A59FF86E8
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Worker’s Compensation - Salazar Investigations

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

100 %
HTTPS

62 %
IPv6

11
Domains

18
Subdomains

14
IPs

1
Countries

2815 kB
Transfer

7550 kB
Size

16
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://salazar.crosstrax.co/public/caseadd
Title: Submit a Case

Search URL Search Domain Scan URL

URL: https://salazar.crosstrax.co/secure/login
Title: Client Login

Search URL Search Domain Scan URL

URL: https://amp.investigatormarketing.com/site/h00erfvdndxe0pna/make-payment
Title: Make a Payment

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SalazarInvestigations/

Search URL Search Domain Scan URL

URL: https://twitter.com/PvtEyeSalazar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/salazar_investigations/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC6ecdOIULtPOkqF2ofWH5hA

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/salazarinvestigations/

Search URL Search Domain Scan URL

URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c
Title: Salazar Investigations - North America

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/7w9wh2tadb2x521/SALAZAR%20INVESTIGATIONS%20BUSINESS%20LICENSE.pdf?dl=0
Title: AK Agency Lic: 2148426

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/1a81lagcfeg8rpv/MT%20BUSINESS%20DOCUMENTS.pdf?dl=0
Title: MT Agency Lic: A1280253

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/gdvkph45tfrd8yn/Business%20Cert.pdf?dl=0
Title: AL Agency Lic: 124-749

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/21xamgsn9ae8zwq/OH%20Agency%20License.pdf?dl=0
Title: OH Agency Lic: 20222100436719

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/0aitzr0okn9n5t2/CA%20License%20-%20PI189435%20-%2011.30.2024.pdf?dl=0
Title: CA Agency Lic: PI189435

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/myrbgs4a15jh2vn/OR%20Business%20Cert%20of%20Existence.pdf?dl=0
Title: OR Agency Lic: 195129896

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/7s84tj1c9jxpk6t/CERTIFICATE%20SOS.jpeg?dl=0
Title: CO Agency Lic: 20221056408

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/ep781rc0uifit4z/PA%20Cert%20Salazar%20Investigations.pdf?dl=0
Title: PA Agency Lic: 7459567

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/evbpmya62vvx0k0/FL%20-%20License%2010.28.2025.pdf?dl=0
Title: FL Agency Lic: A1900170

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/f51i9xvyruh9rvy/South%20Carolina%20PI%20-%20Agency%20License%20-%2010.26.2023.pdf?dl=0
Title: SC Agency Lic: 3983

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/ia643326w9nlt6k/ID%20BUSINESS%20CERT.pdf?dl=0
Title: ID Agency Lic: 4580407

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/p05nsmewaa74h6g/SD%20BUSINESS%20LICENSE.pdf?dl=0
Title: SD Agency Lic: UB219952

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/x0fcddrdxn0afzl/Indiana%20Agency%20Lic.pdf?dl=0
Title: IN Agency Lic: PI22200009

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/dsv3dgv6rar88cb/TX%20Agency%20Lic.pdf?dl=0
Title: TX Agency Lic: A15803901

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/6nmfumq8db47dim/Private%20Detective%20PI-Agency%20License.pdf?dl=0
Title: KS Agency Lic: D-6226

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/sw0zgafkl3ce209/VA%20Agency%201119655%20.pdf?dl=0
Title: VA Agency Lic: 11-19655

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/q7g2e8uxvx1grpv/MI%20Agency%20License.pdf?dl=0
Title: MI Agency Lic: 3701300035

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/4zss08hcachdqhk/WA%20Bussiness%20LIC%20CERT%20RENEWED%21.pdf?dl=0
Title: WA Agency Lic: DOR00025642

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/mww9xzmp5yhg5jf/MS%20CERT.pdf?dl=0
Title: MS Agency Lic: 1321368

Search URL Search Domain Scan URL

URL: https://www.dropbox.com/s/xr1571u938fl872/WY%20Cert%20.pdf?dl=0
Title: WY Agency Lic: OL-23-44968

Search URL Search Domain Scan URL

URL: https://investigatormarketing.com/
Title: Investigator Marketing

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
salazarinvestigations.com/workers-compensation/ 136 KB
24 KB 1169ms
55ms Document
text/html 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 9df3e11ee6d986523f964af671877d9a83ff47df58fcbdbc259011792bbea5ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 19 Apr 2023 15:40:47 GMT
server: nginx
vary: Accept-Encoding
x-cache-handler: cache-enabler-engine
x-cache-nxaccel: BYPASS

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 115ms
52ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-123578514-26

Requested by

Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc2da83f5d7e36000609f0fe322f4daf3890f7ab34a73bb108b7fbac807efec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44545
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Apr 2023 15:40:47 GMT

GET
H2 200 sbi-styles.min.css
salazarinvestigations.com/wp-content/plugins/instagram-feed-pro/css/ 63 KB
11 KB 36ms
30ms Stylesheet
text/css 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/plugins/instagram-feed-pro/css/sbi-styles.min.css?ver=6.2.3
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: bef93e2e8d7aa13c05a55bac632650b0c3ba58397a9da64c02fa138fe7439343

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
last-modified: Fri, 17 Mar 2023 04:25:17 GMT
server: nginx
etag: W/"fcbf-5f710f6e3126c"
vary: Accept-Encoding
x-cache-nxaccel: STALE
content-type: text/css

GET
H2 200 519e89ab851cbd9058605fd496574c5a.min.css
salazarinvestigations.com/wp-content/uploads/fusion-styles/ 1006 KB
123 KB 43ms
38ms Stylesheet
text/css 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/uploads/fusion-styles/519e89ab851cbd9058605fd496574c5a.min.css?ver=3.9.2
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: df89d18e6182b3e3d38f545ec52a530842146e0c8ea50e2875c1f5722f2c26df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
last-modified: Wed, 19 Apr 2023 12:15:27 GMT
server: nginx
etag: W/"fb851-5f9af6119457e"
vary: Accept-Encoding
x-cache-nxaccel: MISS
content-type: text/css

GET
H2 200 frontend-gtag.min.js Show response
salazarinvestigations.com/wp-content/plugins/google-analytics-premium/assets/js/ 12 KB
3 KB 36ms
31ms Script
application/javascript 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=8.14.1
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
last-modified: Tue, 11 Apr 2023 21:35:29 GMT
server: nginx
etag: W/"2e7a-5f916453b4726"
vary: Accept-Encoding
x-cache-nxaccel: STALE
content-type: application/javascript

GET
H2 200 jquery.min.js Show response
salazarinvestigations.com/wp-includes/js/jquery/ 88 KB
30 KB 101ms
96ms Script
application/javascript 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
last-modified: Thu, 30 Mar 2023 03:49:46 GMT
server: nginx
etag: W/"15ed7-5f815fbda04c8"
vary: Accept-Encoding
content-type: application/javascript
x-nocache: 1

GET
H2 200 107959.js Show response
scripts.iconnode.com/ 49 KB
8 KB 129ms
33ms Script
application/javascript 108.138.106.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.iconnode.com/107959.js
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-123.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2361252b492101d308ddebf07444fa9f516adc1d3a04e4c2f2b10d0cbc1d9c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:18 GMT
content-encoding: gzip
via: 1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
x-amz-version-id: null
x-amz-cf-pop: JFK50-P3
age: 75690
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8103
last-modified: Mon, 13 Mar 2023 15:27:52 GMT
server: AmazonS3
etag: "155293e223201c3f8beef7dbde73ab6e"
content-type: application/javascript
cache-control: max-age=0
accept-ranges: bytes
x-amz-cf-id: 8e416sSOVm1VA0eAWKjKW1lrzYIBw0w_JM6O_9ujsy7daeuzgrVXlw==

GET
H2 200 awb-icons.woff
salazarinvestigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/ 21 KB
21 KB 41ms
36ms Font
application/font-woff 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/awb-icons.woff
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 288d156b63cea15974f8ced0963ccc03ca9688a0e2da4af409339c065faab72f

Request headers

Referer: https://salazarinvestigations.com/workers-compensation/
Origin: https://salazarinvestigations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
last-modified: Thu, 16 Feb 2023 18:23:14 GMT
server: nginx
etag: "5224-5f4d54a38c880"
x-cache-nxaccel: STALE
content-type: application/font-woff
accept-ranges: bytes
content-length: 21028

GET
H2 200 fa-brands-400.woff2
salazarinvestigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 75 KB
75 KB 41ms
36ms Font
application/octet-stream 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-brands-400.woff2
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99

Request headers

Referer: https://salazarinvestigations.com/workers-compensation/
Origin: https://salazarinvestigations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
last-modified: Thu, 16 Feb 2023 18:23:14 GMT
server: nginx
accept-ranges: bytes
etag: "12bc0-5f4d54a38c880"
content-length: 76736
x-cache-nxaccel: STALE

GET
H2 200 fa-regular-400.woff2
salazarinvestigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 13 KB
13 KB 41ms
37ms Font
application/octet-stream 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-regular-400.woff2
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d

Request headers

Referer: https://salazarinvestigations.com/workers-compensation/
Origin: https://salazarinvestigations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
last-modified: Thu, 16 Feb 2023 18:23:14 GMT
server: nginx
accept-ranges: bytes
etag: "33d0-5f4d54a38c880"
content-length: 13264
x-cache-nxaccel: STALE

GET
H2 200 fa-solid-900.woff2
salazarinvestigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/ 76 KB
77 KB 41ms
37ms Font
application/octet-stream 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441

Request headers

Referer: https://salazarinvestigations.com/workers-compensation/
Origin: https://salazarinvestigations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
last-modified: Thu, 16 Feb 2023 18:23:14 GMT
server: nginx
accept-ranges: bytes
etag: "13184-5f4d54a38c880"
content-length: 78212
x-cache-nxaccel: STALE

GET
H2 200 petsupplies.ttf
salazarinvestigations.com/wp-content/uploads/fusion-icons/petsupplies-icon-set/fonts/ 5 KB
5 KB 41ms
37ms Font
application/font-sfnt 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/uploads/fusion-icons/petsupplies-icon-set/fonts/petsupplies.ttf?gcsdh
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: f0c67add34665df2d785635d0c8d11b236e38b9f97cde7b4859d6330f46d51ed

Request headers

Referer: https://salazarinvestigations.com/workers-compensation/
Origin: https://salazarinvestigations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
last-modified: Tue, 04 May 2021 12:57:22 GMT
server: nginx
etag: "1318-5c1809e751080"
x-cache-nxaccel: STALE
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 4888

GET
H2 200 psychology.ttf
salazarinvestigations.com/wp-content/uploads/fusion-icons/psychology-v1.1/fonts/ 3 KB
3 KB 100ms
96ms Font
application/font-sfnt 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/uploads/fusion-icons/psychology-v1.1/fonts/psychology.ttf?d63fci
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: a0bbd3f43c120216b50ece24901362637c93989d42ea41622a432b9174b5f9ef

Request headers

Referer: https://salazarinvestigations.com/workers-compensation/
Origin: https://salazarinvestigations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
last-modified: Wed, 21 Apr 2021 11:30:44 GMT
server: nginx
etag: "b18-5c079e4b20100"
x-cache-nxaccel: STALE
content-type: application/font-sfnt
accept-ranges: bytes
content-length: 2840

GET
H2 200 co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
salazarinvestigations.com/wp-content/uploads/fusion-gfonts/ 21 KB
21 KB 101ms
97ms Font
application/octet-stream 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/uploads/fusion-gfonts/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQdl9fvg-I.woff2
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 066ec1ac2852906b7e7253ee3c129e0efd2343d8671712db064502f03228ccb0

Request headers

Referer: https://salazarinvestigations.com/workers-compensation/
Origin: https://salazarinvestigations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
last-modified: Wed, 19 Apr 2023 08:05:51 GMT
server: nginx
accept-ranges: bytes
etag: "5214-5f9abe477fc89"
content-length: 21012
x-cache-nxaccel: STALE

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
salazarinvestigations.com/wp-content/uploads/fusion-gfonts/ 37 KB
37 KB 102ms
99ms Font
application/octet-stream 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/uploads/fusion-gfonts/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Request headers

Referer: https://salazarinvestigations.com/workers-compensation/
Origin: https://salazarinvestigations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
last-modified: Wed, 19 Apr 2023 08:05:51 GMT
server: nginx
accept-ranges: bytes
etag: "9424-5f9abe47ee616"
content-length: 37924
x-cache-nxaccel: STALE

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
salazarinvestigations.com/wp-content/uploads/fusion-gfonts/ 13 KB
13 KB 103ms
100ms Font
application/octet-stream 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/uploads/fusion-gfonts/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Request headers

Referer: https://salazarinvestigations.com/workers-compensation/
Origin: https://salazarinvestigations.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
last-modified: Wed, 19 Apr 2023 08:05:53 GMT
server: nginx
accept-ranges: bytes
etag: "323c-5f9abe4957397"
content-length: 12860
x-cache-nxaccel: STALE

GET
H2 200 Logo.png
salazarinvestigations.com/wp-content/uploads/2020/01/ 8 KB
8 KB 35ms
32ms Image
image/png 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://salazarinvestigations.com/wp-content/uploads/2020/01/Logo.png
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: cd9ae908178ec0aae2567f7621ea05cf9c86a6a50b01feee05fb5f549847c0fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
last-modified: Mon, 27 Jun 2022 03:12:58 GMT
server: nginx
etag: "2022-5e2654bfd0280"
x-cache-nxaccel: STALE
content-type: image/png
accept-ranges: bytes
content-length: 8226

GET
H2 200 rs6.css
salazarinvestigations.com/wp-content/plugins/revslider/public/assets/css/ 58 KB
12 KB 34ms
34ms Stylesheet
text/css 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.6.12
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: d5b6e53c9833f0ab023135c4e3631a86d714c4b580b26c2ea979973ebb521a2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
last-modified: Wed, 19 Apr 2023 04:04:37 GMT
server: nginx
etag: W/"e926-5f9a885bc3e17"
vary: Accept-Encoding
x-cache-nxaccel: STALE
content-type: text/css

GET
H2 200 rbtools.min.js Show response
salazarinvestigations.com/wp-content/plugins/revslider/public/assets/js/ 162 KB
58 KB 35ms
32ms Script
application/javascript 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.6.12
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 52984e532d02a87a060764ff400626a1b81cc316284a8ba1feab5d94697119a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
last-modified: Wed, 19 Apr 2023 04:04:37 GMT
server: nginx
etag: W/"28681-5f9a885bc41ff"
vary: Accept-Encoding
x-cache-nxaccel: STALE
content-type: application/javascript

GET
H2 200 rs6.min.js Show response
salazarinvestigations.com/wp-content/plugins/revslider/public/assets/js/ 405 KB
97 KB 35ms
33ms Script
application/javascript 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.6.12
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 33052d73f2f15dc9ddcf10aaf4e397921e587329d6cb27b86c733f7341229ebb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
last-modified: Wed, 19 Apr 2023 04:04:37 GMT
server: nginx
etag: W/"6538e-5f9a885bc49cf"
vary: Accept-Encoding
x-cache-nxaccel: STALE
content-type: application/javascript

GET
H2 200 user-journey.js Show response
salazarinvestigations.com/wp-content/plugins/monsterinsights-user-journey/assets/js/frontend/ 3 KB
1 KB 34ms
34ms Script
application/javascript 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/plugins/monsterinsights-user-journey/assets/js/frontend/user-journey.js?ver=1.0.7
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 26633f2fe4b480d2bab88805212716453c5c5462f6df5ea8ef65d73fad794d45

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
last-modified: Mon, 13 Mar 2023 21:35:30 GMT
server: nginx
etag: W/"d77-5f6cee3dfd167"
vary: Accept-Encoding
x-cache-nxaccel: STALE
content-type: application/javascript

GET
H2 200 wpforms-user-journey.min.js Show response
salazarinvestigations.com/wp-content/plugins/wpforms-user-journey/assets/js/ 2 KB
797 B 34ms
31ms Script
application/javascript 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/plugins/wpforms-user-journey/assets/js/wpforms-user-journey.min.js?ver=1.0.6
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 59658ed53ed3ce045d55485c4d3eeb16b87ee13bb9f5e21466b556efebbffb69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
last-modified: Wed, 01 Mar 2023 21:33:36 GMT
server: nginx
etag: W/"61e-5f5dd7702daa8"
vary: Accept-Encoding
x-cache-nxaccel: STALE
content-type: application/javascript

GET
H2 200 da9c4eb51b404e8826dc8cb880c698e8.min.js Show response
salazarinvestigations.com/wp-content/uploads/fusion-scripts/ 328 KB
84 KB 35ms
31ms Script
application/javascript 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://salazarinvestigations.com/wp-content/uploads/fusion-scripts/da9c4eb51b404e8826dc8cb880c698e8.min.js?ver=3.9.2
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: e6c2291b733d2fa23e49c2884df95154681b09cf7c6b10e3cd03f51770aca76e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
last-modified: Wed, 19 Apr 2023 10:15:46 GMT
server: nginx
etag: W/"51ec6-5f9adb510f9f7"
vary: Accept-Encoding
x-cache-nxaccel: STALE
content-type: application/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 255 KB
84 KB 63ms
61ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-GGPD408JFC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123578514-26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f149bd987e141afa945eeadec4a3303aa1999e4b96561cf1747f82971869265a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86364
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Apr 2023 15:40:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 764ms
39ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-123578514-26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Apr 2023 14:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5736
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 19 Apr 2023 16:05:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 126 KB
48 KB 60ms
58ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T7SWVZP

Requested by

Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e69117f9f2a9c31afe1a448d7a69a05cb13128bc6a51c8a4fd36223bcfa00fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49123
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Apr 2023 15:40:47 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 86 KB
26 KB 757ms
28ms Script
application/javascript 184.51.148.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-209.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f3597ddd0e1f7410c7185c4261d2bd66606745e49804541c5047841441b60e04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: QBYX3R6qNypbKSfia.qp_26XtnfXmz08
content-encoding: br
date: Wed, 19 Apr 2023 15:40:48 GMT
last-modified: Mon, 17 Apr 2023 07:16:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
etag: W/"7e88bf7f25d5ca44cc21ac09544fab98"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: EgDVHfKKFv94dOsPq1rmSeP26CLN6toTxUEba7mY5pz95imE20FRIw==
content-length: 26284
expires: Wed, 19 Apr 2023 23:40:48 GMT

POST
H2 200 / Show response
process.iconnode.com/google-ads/ 0
217 B 781ms
36ms XHR
text/html 76.223.116.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://process.iconnode.com/google-ads/
Requested by: Host: scripts.iconnode.com
URL: https://scripts.iconnode.com/107959.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.116.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a171616d2c13795e3.awsglobalaccelerator.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.4.33 / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://salazarinvestigations.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
server: Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.4.33
x-powered-by: PHP/7.4.33
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://salazarinvestigations.com
access-control-allow-credentials: true
content-length: 0

POST
H2 200 / Show response
process.iconnode.com/session/ 0
233 B 839ms
103ms XHR
text/html 76.223.116.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://process.iconnode.com/session/
Requested by: Host: scripts.iconnode.com
URL: https://scripts.iconnode.com/107959.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.116.242 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a171616d2c13795e3.awsglobalaccelerator.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.4.33 / PHP/7.4.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://salazarinvestigations.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: none
server: Apache/2.4.56 () OpenSSL/1.0.2k-fips PHP/7.4.33
x-powered-by: PHP/7.4.33
access-control-max-age: 86400
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://salazarinvestigations.com
access-control-allow-credentials: true
content-length: 0

GET
H2 200 2ebb6df8137de94241a7c0fc8d39278c Show response
batchgeo.com/map/ Frame 7AD7 29 KB
8 KB 804ms
121ms Document
text/html 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Requested by

Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0016ad7cc0c76026a72aaf2578e519b637ac13e10bfb6c53cab0a926b0647abd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

Referer: https://salazarinvestigations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7ba63f81983fd15f-BUF
content-encoding: gzip
content-length: 7952
content-type: text/html; charset=UTF-8
date: Wed, 19 Apr 2023 15:40:48 GMT
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: ALLOWALL

GET
DATA 200
OK truncated
/ 148 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cae0406edd0e7858831c6437e162688867a59a042b05fcb9db2349395f7e5cc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 142 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 287a605893ad3e519d4e1debff055f6be7cc05509fad977c57f470f579972f78

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 collect
www.google-analytics.com/g/ 0
177 B 407ms
53ms Ping
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-GGPD408JFC&gtm=45je34c0&_p=1157711699&gdid=dZGIzZG&cid=1099321520.1681918848&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681918847&sct=1&seg=0&dl=https%3A%2F%2Fsalazarinvestigations.com%2Fworkers-compensation%2F&dt=Worker%E2%80%99s%20Compensation%20-%20Salazar%20Investigations&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GGPD408JFC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 15:40:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://salazarinvestigations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 38ms
37ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 19 Apr 2023 16:28:10 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 385 B
592 B 171ms
92ms Script
application/javascript 184.51.148.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=12191868&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fsalazarinvestigations.com%2Fworkers-compensation%2F&channel_type=code&jsonp=__q9zotfbd9pr

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.51.148.211 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-51-148-211.deploy.static.akamaitechnologies.com

Software

Resource Hash

98675b3646c2ef18e27b234475b6ec594e765e518631e0088f3081530ef00907

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://salazarinvestigations.com/;
X-Frame-Options	allow-from https://salazarinvestigations.com/

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://salazarinvestigations.com/;
date: Wed, 19 Apr 2023 15:40:48 GMT
content-length: 385
vary: Accept-Encoding
x-frame-options: allow-from https://salazarinvestigations.com/
content-type: application/javascript; charset=UTF-8

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 51ms
51ms XHR
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1157711699&t=pageview&_s=1&dl=https%3A%2F%2Fsalazarinvestigations.com%2Fworkers-compensation%2F&ul=en-us&de=UTF-8&dt=Worker%E2%80%99s%20Compensation%20-%20Salazar%20Investigations&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIhAAAAACAAI~&jid=33287333&gjid=1990815316&cid=1099321520.1681918848&tid=UA-123578514-26&_gid=247185436.1681918848&_r=1&gtm=457e34c0&did=dZGIzZG&gdid=dZGIzZG&jsscut=1&z=1411861574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://salazarinvestigations.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 15:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://salazarinvestigations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 51ms
51ms XHR
text/plain 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1157711699&t=pageview&_s=1&dl=https%3A%2F%2Fsalazarinvestigations.com%2Fworkers-compensation%2F&ul=en-us&de=UTF-8&dt=Worker%E2%80%99s%20Compensation%20-%20Salazar%20Investigations&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIhAAAAACAAI~&jid=15185113&gjid=1601786309&cid=1099321520.1681918848&tid=UA-123578514-26&_gid=247185436.1681918848&_r=1&_slc=1&gtm=45He34c0n81T7SWVZP&z=423800839

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://salazarinvestigations.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 15:40:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://salazarinvestigations.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.2.5/ Frame 7AD7 89 KB
28 KB 90ms
28ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.2.5/bundle.tracing.min.js

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

982493c889d08edf84287b45b09f99413005d953f6c142bf4507575434ba9519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://batchgeo.com/
Origin: https://batchgeo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 01 Apr 2021 11:46:33 GMT
server: Fastly
age: 1228428
etag: "42a89c1095bd4d0dcdb0a636e3bba33b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28076
expires: Thu, 04 Apr 2024 10:27:00 GMT

GET
H2 200 bootstrap.js Show response
batchgeo.com/js/dist/ Frame 7AD7 265 KB
92 KB 57ms
56ms Script
application/javascript 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://batchgeo.com/js/dist/bootstrap.js?v=1678920074

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b639869e3105ce7079f03cc01039045f770664e48c86a3f0a0d8e54218dc7169

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 15 Mar 2023 22:41:14 GMT
server: cloudflare
strict-transport-security: max-age=0
etag: "425d2-5f6f80aac7893-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7ba63f82985ad15f-BUF
expires: Wed, 19 Apr 2023 07:04:38 GMT

GET
H2 200 site.js Show response
batchgeo.com/js/dist/ Frame 7AD7 56 KB
14 KB 91ms
90ms Script
application/javascript 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://batchgeo.com/js/dist/site.js?v=1678200733

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbfad7c7af3d011579946bc80b80d979befb11863ec5944aac0773152f5114f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Mar 2023 14:52:13 GMT
server: cloudflare
strict-transport-security: max-age=0
etag: "df9e-5f6508e9035e1-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7ba63f82985bd15f-BUF
content-length: 14556
expires: Mon, 17 Apr 2023 19:44:02 GMT

GET
H2 200 map.min.css
batchgeo.com/css/ Frame 7AD7 109 KB
19 KB 91ms
90ms Stylesheet
text/css 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://batchgeo.com/css/map.min.css?v=3360210496

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3811a0f0985a77c5ede1a4c116e40af2c3a6f17f2f93d73e7beed0209572d417

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 31 Mar 2023 23:52:05 GMT
server: cloudflare
strict-transport-security: max-age=0
etag: "1b460-5f83ae57e7c52-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7ba63f82985cd15f-BUF
content-length: 19183
expires: Mon, 24 Apr 2023 18:05:12 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 7AD7 169 KB
55 KB 436ms
84ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCoKUnDLxDZuwvgzC7tEVAYM3nDsLgoBU8&callback=afterMapsLoaded&libraries=visualization,places,drawing&client=gme-batchgeo&channel=batchgeo&region=us

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

4fed93756a68e1ab25444ba00a9394240f5ca80efa7fbb456742843a4e1660d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56269
x-xss-protection: 0

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 4 KB
2 KB 126ms
126ms Script
application/javascript 184.51.148.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=309af93d-6d76-4518-9f5d-d1d408681599&version=1030.2.2.271.16.17.6.3.2.1.2.2.7&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.211 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 92a410751c1cca9c2d5883a1fac3d30d3f502c08c2bafcd333a683f3bc078a32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=600
content-length: 1410
expires: Wed, 19 Apr 2023 15:50:48 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 7AD7 165 KB
60 KB 52ms
52ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDV7WVB

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

527103133a08d3e0c38235d32b23040e021ad2450f8fa8d1ba29032e65254b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61815
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Apr 2023 15:40:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7AD7 8 KB
1 KB 306ms
43ms Stylesheet
text/css 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600&display=swap

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/css/map.min.css?v=3360210496

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

705384e4e7b109a52186e636d7cb811c31b6b7b3af4f14df30fd3214fc304006

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 14:00:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 19 Apr 2023 15:40:48 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame DF11 9 KB
3 KB 133ms
92ms Document
text/html 184.51.148.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12191868&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.211 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 41385410f793ad90acd03840bc2990de694afb8fc26cd07b40065ff3c008e048

Request headers

Referer: https://salazarinvestigations.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 2558
content-type: text/html; charset=utf-8
date: Wed, 19 Apr 2023 15:40:48 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 11 KB
4 KB 93ms
92ms Script
application/javascript 184.51.148.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=309af93d-6d76-4518-9f5d-d1d408681599&version=ff93808ef52c6dd040640c4853b854bd_57f70bb4057c5c62e00f0a14f056b329&language=en&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.211 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 73e058c2fd82a130e13ec22b891ca7d6dcf28e8ffe3ecfe804f27ae69dd4728b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=583
content-length: 3789
expires: Wed, 19 Apr 2023 15:50:31 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 7AD7 49 KB
20 KB 38ms
37ms Script
text/javascript 2607:f8b0:4006:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDV7WVB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 19 Apr 2023 14:05:12 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5736
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 19 Apr 2023 16:05:12 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067553256/ Frame 7AD7 2 KB
2 KB 140ms
56ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067553256/?random=1681918848905&cv=11&fst=1681918848905&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbatchgeo.com%2Fmap%2F2ebb6df8137de94241a7c0fc8d39278c&ref=https%3A%2F%2Fsalazarinvestigations.com%2F&hn=www.googleadservices.com&frm=2&tiba=Salazar%20Investigations%20-%20North%20America&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDV7WVB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

483a0232bd85ed53aaf261bc107af3018085719065e0d670b978fa03af472cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 15:40:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1231
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7AD7 240 KB
81 KB 55ms
55ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TQ4EXSMT0N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDV7WVB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a2a029e1cdea5d41fe7da19ec2bc3845b417af1798bdb12e86b8cbe87fcd93b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 19 Apr 2023 15:40:48 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 7AD7 183 KB
66 KB 60ms
60ms Script
application/javascript 2607:f8b0:4006:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-1067553256&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDV7WVB

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cb7d073ddfe25569be33e4ebb17e6c4f0d18589d1a675e273d5c4fd3182c56f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67098
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 19 Apr 2023 15:40:48 GMT

GET
H2 200 1680899938 Show response
static.batchgeo.com/map/json/2ebb6df8137de94241a7c0fc8d39278c/ Frame 7AD7 21 KB
5 KB 88ms
71ms Script
application/javascript 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.batchgeo.com/map/json/2ebb6df8137de94241a7c0fc8d39278c/1680899938?_=1681918848933

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/js/dist/bootstrap.js?v=1678920074

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24e88d81156dd1d153a2b5d781e0d680afe18216e4e0babfaca56cee76b757a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:49 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding
x-frame-options: ALLOWALL
content-type: application/javascript
cache-control: max-age=2592000, max-age=1800
cf-ray: 7ba63f8658a5d15f-BUF
content-length: 4874
expires: Wed, 19 Apr 2023 16:10:49 GMT

GET
H2 200 batchgeotoolbaricons.ttf
batchgeo.com/css/fonts/ Frame 7AD7 7 KB
4 KB 55ms
54ms Font
font/ttf 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://batchgeo.com/css/fonts/batchgeotoolbaricons.ttf?192019

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/css/map.min.css?v=3360210496

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a11d89053777b0487c730fde05a8a75c3e0bc250ba7a43960ae53a5dcab478d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	DENY

Request headers

Referer: https://batchgeo.com/css/map.min.css?v=3360210496
Origin: https://batchgeo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:49 GMT
strict-transport-security: max-age=0
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Sep 2022 23:42:02 GMT
server: cloudflare
etag: W/"1cf8-5e8bfcad491c3"
x-frame-options: DENY
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cf-ray: 7ba63f8678a6d15f-BUF

GET
H2 200 1.cd26ba8a.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame DF11 209 KB
65 KB 29ms
28ms Script
application/javascript 184.51.148.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/1.cd26ba8a.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12191868&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-209.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6316d4056e3b848caf0cfc343a283bf13724a775a611845719f815156b13cc35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: QmrnWubOArQNxJHXfGTT14Npg3aUzwTo
content-encoding: br
date: Wed, 19 Apr 2023 15:40:49 GMT
last-modified: Thu, 06 Apr 2023 11:28:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
etag: W/"0d74237440aef013888123f1472d74e1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: SLIdBYPWCMKChX5y9vonIlSYdCaICS8zfKRDw2h0bhCWd_NQIoszUg==
content-length: 66249
expires: Thu, 18 Apr 2024 15:40:49 GMT

GET
H2 200 0.da00a09a.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame DF11 46 KB
16 KB 55ms
54ms Script
application/javascript 184.51.148.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.da00a09a.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12191868&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-209.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: f6416d77af5b39ebbd4a0210ccdb1412a941a7e5b2099dfb11e4eb4c32147f88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: mcU9YIqqZjYJSIS.2R5FMhHae3zDj6Ay
content-encoding: gzip
date: Wed, 19 Apr 2023 15:40:49 GMT
last-modified: Mon, 03 Apr 2023 07:06:53 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: W/"aa012140a0cd1d332bc79efaa3b5e34f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 1f9hC-mABsZrOQDOkRG0M4GM5dD4KfLlpSfI99CIsiu2zLGLvYcOKA==
content-length: 15922
expires: Thu, 18 Apr 2024 15:40:49 GMT

GET
H2 200 iframe.42fc4e54.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame DF11 756 KB
204 KB 40ms
40ms Script
application/javascript 184.51.148.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.42fc4e54.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12191868&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-209.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 3c3bf016168a6045d2eae02f7bedee44005d520b0cd29d3bb56a033febc0b3af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: URNCnlRNmY9ztnP4NglowKmDv_bAIsn1
content-encoding: br
date: Wed, 19 Apr 2023 15:40:49 GMT
last-modified: Mon, 17 Apr 2023 07:17:00 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
x-amz-server-side-encryption: AES256
etag: W/"df8e916bf762225c5e7ede3754a40b63"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: IcY_EuJliRJ9IscraZ2V1lxT7950A-_bWClv8eN1gzv7nrixzfGayg==
content-length: 208439
expires: Thu, 18 Apr 2024 15:40:49 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 7AD7 3 B
45 B 100ms
48ms XHR
application/json 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.5/bundle.tracing.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://batchgeo.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 index.js Show response
batchgeo.com/js/dist/ Frame 7AD7 533 KB
150 KB 93ms
93ms XHR
application/javascript 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://batchgeo.com/js/dist/index.js?_=1681918848934

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.5/bundle.tracing.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ac0ae3d905433e0915268b6bbd99f27fe838d7869ce00b4b369aa183e60db65

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	DENY

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
sentry-trace: 56d8634e28284f12aa1a930fc37c56b1-8dc8aa74f988ebab-0, 56d8634e28284f12aa1a930fc37c56b1-a321a059302e47d4-0

Response headers

date: Wed, 19 Apr 2023 15:40:49 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 10 Apr 2023 21:35:42 GMT
server: cloudflare
strict-transport-security: max-age=0
etag: "8551f-5f9022827f626-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7ba63f86f8aed15f-BUF
expires: Wed, 19 Apr 2023 16:10:49 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
cdn.livechatinc.com/widget/ Frame DF11 13 KB
13 KB 87ms
28ms Font
application/octet-stream 184.51.148.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12191868&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-209.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
date: Wed, 19 Apr 2023 15:40:49 GMT
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12852
x-amz-cf-id: HaDfKU-VMWpRhKUZuubsrzw6XmFHnQw6MSVisHSp6mWyN2np6N6xrw==
expires: Thu, 18 Apr 2024 15:40:49 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
cdn.livechatinc.com/widget/ Frame DF11 12 KB
13 KB 90ms
31ms Font
application/octet-stream 184.51.148.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=12191868&group=0&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-209.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
date: Wed, 19 Apr 2023 15:40:49 GMT
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12688
x-amz-cf-id: zAvD784f1C-6vFrPWqPfcysnXzVYORYvnUatB7c76sbNeem-1mtPmQ==
expires: Thu, 18 Apr 2024 15:40:49 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1067553256/ Frame 7AD7 2 KB
2 KB 116ms
115ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1067553256/?random=1681918849220&cv=11&fst=1681918849220&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbatchgeo.com%2Fmap%2F2ebb6df8137de94241a7c0fc8d39278c&ref=https%3A%2F%2Fsalazarinvestigations.com%2F&hn=www.googleadservices.com&frm=2&tiba=Salazar%20Investigations%20-%20North%20America&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1067553256&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

17b2d315abf4af37a30ebc06b83fd7a445fc12b79360c4480923dfb46f692889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 15:40:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1067553256/ Frame 7AD7 42 B
455 B 147ms
61ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067553256/?random=1681918848905&cv=11&fst=1681916400000&bg=ffffff&guid=ON&async=1&gtm=45He34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbatchgeo.com%2Fmap%2F2ebb6df8137de94241a7c0fc8d39278c&ref=https%3A%2F%2Fsalazarinvestigations.com%2F&frm=2&tiba=Salazar%20Investigations%20-%20North%20America&fmt=3&is_vtc=1&random=1723615131&rmt_tld=0&ipr=y

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 15:40:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8a/ Frame 7AD7 271 KB
76 KB 44ms
43ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCoKUnDLxDZuwvgzC7tEVAYM3nDsLgoBU8&callback=afterMapsLoaded&libraries=visualization,places,drawing&client=gme-batchgeo&channel=batchgeo&region=us

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c388d207ee89237012775f1beedb92413f19e754fd08728a34efa36c70f1547f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 17:11:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77259
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 00:54:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 16 Apr 2024 17:11:41 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8a/ Frame 7AD7 159 KB
58 KB 59ms
58ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8a/util.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eda4967806f34499d6e937d868857c7bb92ec0a5d7861530336433732c5face5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 07:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59680
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 00:54:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 07:41:35 GMT

GET
H2 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8a/ Frame 7AD7 75 KB
27 KB 109ms
109ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8a/map.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c49ce5f191872364c5e62094faaf65db41513d069e648b45039be64b28abd01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:02:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27442
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 00:54:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 11:02:04 GMT

GET
H2 200 svg
staticnode.batchgeo.com/marker/ Frame 7AD7 656 B
583 B 126ms
117ms Image
image/svg+xml 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staticnode.batchgeo.com/marker/svg?type=pushpinPlain&size=20&fill=red&stroke=black&text=&opacity=1

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba6f2e8d90cefd6a59f0dc0eccb7bbb94fd73e50f8594d32cbf1c0dab156fdab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:49 GMT
via: 1.1 44f18fa5317ccaef6a4a5e65d43dd8c8.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=0
x-amz-cf-pop: ORD51-C1
age: 62973
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7ba63f8978efd15f-BUF
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 0ewPflZxRlOozefTxWK2rg-_EypzaM1ePrW4gmR6gxCaSi7ZtR3U0Q==

GET
H2 200 svg
staticnode.batchgeo.com/marker/ Frame 7AD7 656 B
674 B 104ms
96ms Image
image/svg+xml 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staticnode.batchgeo.com/marker/svg?type=pushpinPlain&size=20&fill=blue&stroke=black&text=&opacity=1

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

473cbb4782444b5b5bac2df87b71b3f7334939f99f7c63ddb274f2e22368464e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:49 GMT
via: 1.1 36cc224d7812baa70145cc1e6b92b8a4.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=0
x-amz-cf-pop: ORD51-C1
age: 14662
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7ba63f8978f0d15f-BUF
access-control-allow-headers: X-Requested-With
x-amz-cf-id: _Z7SX26twD70LfuaJWB_K7M8zyfFJOdVt_911CVnIwTG3CaB7y8J6Q==

GET
H3 200 marker.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8a/ Frame 7AD7 35 KB
13 KB 25ms
24ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8a/marker.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c381efe7c0a5c80930ede2c88a70dc34f0ceff77f9fea00b26146dd2acd82281

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15188
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13218
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 00:54:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 11:27:41 GMT

GET
H3 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8a/ Frame 7AD7 27 KB
10 KB 45ms
44ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8a/onion.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cb33638160100877276c264437731d2ef357a00fafe43f7be95160676c3fc63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 12 Apr 2023 16:08:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 603125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10053
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 00:54:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 11 Apr 2024 16:08:44 GMT

GET
H3 200 visualization_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/8a/ Frame 7AD7 8 KB
3 KB 46ms
45ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/8a/visualization_impl.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ed25d8126af8e86684d1395ee2abee3ef2697128f0a089e9fffb48f5fcb4f96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:16:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 105849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3532
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 00:54:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 10:16:40 GMT

GET
H2 200 table-data-sorter.js
batchgeo.com/js/table-data-sorter/ Frame 7AD7 6 KB
3 KB 61ms
60ms Other
application/javascript 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://batchgeo.com/js/table-data-sorter/table-data-sorter.js?1681162424

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f983b453ced65d1f24e4480703221aba1d600f8f24505ac22e357a4aea78cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Sep 2022 23:42:03 GMT
server: cloudflare
strict-transport-security: max-age=0
etag: "1776-5e8bfcad7dd87-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7ba63f8b290cd15f-BUF
content-length: 2417
expires: Mon, 17 Apr 2023 22:05:56 GMT

GET
H2 200 table-data-sorter.js
batchgeo.com/js/table-data-sorter/ Frame 7AD7 6 KB
2 KB 60ms
60ms Other
application/javascript 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://batchgeo.com/js/table-data-sorter/table-data-sorter.js?1681162424

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f983b453ced65d1f24e4480703221aba1d600f8f24505ac22e357a4aea78cc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:49 GMT
content-encoding: gzip
cf-cache-status: HIT
strict-transport-security: max-age=0
age: 0
content-length: 2417
last-modified: Thu, 15 Sep 2022 23:42:03 GMT
server: cloudflare
etag: "1776-5e8bfcad7dd87-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7ba63f8b290dd15f-BUF
expires: Mon, 17 Apr 2023 22:05:56 GMT

GET
H2 200 build-rows-worker.js
batchgeo.com/js/batchgeo-table/ Frame 7AD7 2 KB
1 KB 59ms
58ms Other
application/javascript 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://batchgeo.com/js/batchgeo-table/build-rows-worker.js?1681162424

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55bfe9f7bc4c1c74ffbebcb30fa8e0f2d23e71b0031e63ca815edb8142fb2efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:49 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 20 Jan 2023 14:53:16 GMT
server: cloudflare
strict-transport-security: max-age=0
etag: "792-5f2b3359d3345-gzip"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7ba63f8b390ed15f-BUF
content-length: 962
expires: Mon, 17 Apr 2023 22:05:58 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/1067553256/ Frame 7AD7 42 B
108 B 56ms
55ms Image
image/gif 2607:f8b0:4006:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1067553256/?random=1681918849220&cv=11&fst=1681916400000&bg=ffffff&guid=ON&async=1&gtm=45be34c0&u_w=1600&u_h=1200&url=https%3A%2F%2Fbatchgeo.com%2Fmap%2F2ebb6df8137de94241a7c0fc8d39278c&ref=https%3A%2F%2Fsalazarinvestigations.com%2F&frm=2&tiba=Salazar%20Investigations%20-%20North%20America&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1390406448&rmt_tld=0&ipr=y

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 15:40:49 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 token Show response
accounts.livechatinc.com/v2/customer/ Frame DF11 195 B
1 KB 118ms
96ms XHR
application/json 184.51.148.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/v2/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/1.cd26ba8a.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.211 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 16c2eed93812a92b49479b1b6d76a4dd20239aa5e294b54c8655c4844dc91f20

Request headers

Referer: https://secure.livechatinc.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 15:40:49 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 195
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 7AD7 326 B
848 B 153ms
49ms Image
image/bmp 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:50 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Wed, 19 Apr 2023 15:40:50 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame 7AD7 20 KB
4 KB 92ms
91ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d-43.05451912280234&2d80.14562570178481&2m2&1d90&2d53.81814890350292&2u3&4sen-US&5e0&6sm%40643000000&7b0&8e0&12e1&13shttps%3A%2F%2Fbatchgeo.com%2Fmap%2F2ebb6df8137de94241a7c0fc8d39278c&14b1&callback=_xdc_._l81rjj&key=AIzaSyCoKUnDLxDZuwvgzC7tEVAYM3nDsLgoBU8&channel=batchgeo&token=32847

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/8a/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

b01395e7e5c81fc77f7e0113a999cc430eebdd923aba2d00b73eb8b5c9d3cd33

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 15:40:50 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=63
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4276
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 StaticMapService.GetMapImage
maps.googleapis.com/maps/api/js/ Frame 7AD7 53 KB
53 KB 29ms
29ms Image
image/png 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.googleapis.com/maps/api/js/StaticMapService.GetMapImage?1m2&1i64&2i524&2e1&3u3&4m2&1u622&2u432&5m10&1e0&5sen-US&6sus&8m3&1e33&2e3&8e1&10b1&12b1&14i1379903&key=AIzaSyCoKUnDLxDZuwvgzC7tEVAYM3nDsLgoBU8&channel=batchgeo&token=80415

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

9550ba9438e9aafa3fefa39e80bca72ffba8162a76804a1fe70f751ab695e6e5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 18:39:19 GMT
server: scaffolding on HTTPServer2
age: 75690
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=86400
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53786
x-xss-protection: 0
expires: Wed, 19 Apr 2023 18:39:19 GMT

GET
H2 200 svg
staticnode.batchgeo.com/marker/ Frame 7AD7 669 B
623 B 72ms
70ms Image
image/svg+xml 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staticnode.batchgeo.com/marker/svg?type=pushpinPlain&size=12&fill=red&stroke=black&text=&opacity=1

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a7aa804c0f72153d20d79d2428574be69954accec1c2dff4c3e5260ad7d152

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:50 GMT
via: 1.1 7b891ba5ffaf08dd209adf67026190da.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=0
x-amz-cf-pop: ORD52-C1
age: 64138
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7ba63f8c792dd15f-BUF
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Vhr1sL1V2cZeS1Asyl0M_NnlZSmVWVQLNYIiuPkw9DuRr2EUeBTFww==

GET
H2 200 svg
staticnode.batchgeo.com/marker/ Frame 7AD7 669 B
584 B 73ms
61ms Image
image/svg+xml 2606:4700:3108::ac42:2883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://staticnode.batchgeo.com/marker/svg?type=pushpinPlain&size=12&fill=blue&stroke=black&text=&opacity=1

Requested by

Host: batchgeo.com
URL: https://batchgeo.com/map/2ebb6df8137de94241a7c0fc8d39278c

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:3108::ac42:2883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e4f6174126a818ac7d682e8dcbf3bbea3d2a800f8fcb98d3a228445a4becd23

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:50 GMT
via: 1.1 527c74dee7ff1a3b0677c4b4d0a38936.cloudfront.net (CloudFront)
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=0
x-amz-cf-pop: ORD51-C1
age: 19702
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 7ba63f8c892fd15f-BUF
access-control-allow-headers: X-Requested-With
x-amz-cf-id: mS6LxbtTlORh5IPT_M6V4eF8_NiJzIkUb5gK0jynfxY3M2sfQa3Wxw==

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame 7AD7 62 B
84 B 46ms
46ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fbatchgeo.com%2Fmap%2F2ebb6df8137de94241a7c0fc8d39278c&3sbatchgeo&4sAIzaSyCoKUnDLxDZuwvgzC7tEVAYM3nDsLgoBU8&7m1&1e0&8b0&callback=_xdc_._fyqda4&key=AIzaSyCoKUnDLxDZuwvgzC7tEVAYM3nDsLgoBU8&channel=batchgeo&token=102295

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/8a/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

6b4854849194afd95c4241bea812ea589e6f0a89931b8765d77332044207f1cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 15:40:50 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame 7AD7 62 B
83 B 45ms
44ms Script
text/javascript 2607:f8b0:4006:81f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fbatchgeo.com%2Fmap%2F2ebb6df8137de94241a7c0fc8d39278c&3sAIzaSyCoKUnDLxDZuwvgzC7tEVAYM3nDsLgoBU8&7snv22hn&9sbatchgeo&10e1&11b0&callback=_xdc_._bltk33&key=AIzaSyCoKUnDLxDZuwvgzC7tEVAYM3nDsLgoBU8&channel=batchgeo&token=82698

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/51/8a/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

69e03eb7d4c82cb8a4a67abb976c7ec8ccad0e3cc401a7e38faac932a44147f8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://batchgeo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 15:40:50 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=20
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
cdn.livechatinc.com/widget/ Frame DF11 13 KB
13 KB 39ms
38ms Font
application/octet-stream 184.51.148.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-209.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
date: Wed, 19 Apr 2023 15:40:50 GMT
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12852
x-amz-cf-id: HaDfKU-VMWpRhKUZuubsrzw6XmFHnQw6MSVisHSp6mWyN2np6N6xrw==
expires: Thu, 18 Apr 2024 15:40:50 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
cdn.livechatinc.com/widget/ Frame DF11 12 KB
13 KB 34ms
34ms Font
application/octet-stream 184.51.148.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Requested by: Host: salazarinvestigations.com
URL: https://salazarinvestigations.com/workers-compensation/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.148.209 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-51-148-209.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

Request headers

Referer: https://secure.livechatinc.com/
Origin: https://secure.livechatinc.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
date: Wed, 19 Apr 2023 15:40:50 GMT
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 12688
x-amz-cf-id: zAvD784f1C-6vFrPWqPfcysnXzVYORYvnUatB7c76sbNeem-1mtPmQ==
expires: Thu, 18 Apr 2024 15:40:50 GMT

GET
H2 200 AdobeStock_218713397-600x400.jpeg
salazarinvestigations.com/wp-content/uploads/2022/06/ 99 KB
99 KB 37ms
37ms Image
image/jpeg 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://salazarinvestigations.com/wp-content/uploads/2022/06/AdobeStock_218713397-600x400.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 60b5124fe1cd219dc23d1f9be2e536a0bd3ce623e42ca9c1e99832a32f9f1037

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:50 GMT
last-modified: Tue, 28 Jun 2022 08:16:02 GMT
server: nginx
etag: "18d21-5e27da5ae3480"
x-cache-nxaccel: MISS
content-type: image/jpeg
accept-ranges: bytes
content-length: 101665

GET
H2 200 Workers-compensation-scaled.jpeg
salazarinvestigations.com/wp-content/uploads/2023/01/ 559 KB
560 KB 35ms
34ms Image
image/jpeg 209.87.159.232
NEXCESS-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://salazarinvestigations.com/wp-content/uploads/2023/01/Workers-compensation-scaled.jpeg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 209.87.159.232 , United States, ASN36444 (NEXCESS-NET, US),
Reverse DNS: cloudhost-1920807.us-midwest-1.nxcli.net
Software: nginx /
Resource Hash: 322028e27097fb9672e9485e9615279007b088ec971ec4938d85b95f4b3e7189

Request headers

accept-language: en-US,en;q=0.9
Referer: https://salazarinvestigations.com/workers-compensation/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 15:40:50 GMT
last-modified: Tue, 17 Jan 2023 16:55:52 GMT
server: nginx
etag: "8bb3f-5f2789288f600"
x-cache-nxaccel: MISS
content-type: image/jpeg
accept-ranges: bytes
content-length: 572223

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-20 20:47:58	Name: __lc_cid Value: 446c98d7-d36c-40ba-994e-eb3555d3cadd
.accounts.livechatinc.com/v2/customer/token	1970-01-20 20:47:58	Name: __lc_cst Value: a5b2518ac4766a0b33821bc547ff34191df400602c18eacd88b3683c6b4dd22891be2a3bece4bad05b40b16a6848fcbcf9dd407742a43a36d4e8a8b0686a
.accounts.livechatinc.com/customer/token	1970-01-20 20:47:58	Name: __lc_cid Value: 446c98d7-d36c-40ba-994e-eb3555d3cadd
.accounts.livechatinc.com/customer/token	1970-01-20 20:47:58	Name: __lc_cst Value: a5b2518ac4766a0b33821bc547ff34191df400602c18eacd88b3683c6b4dd22891be2a3bece4bad05b40b16a6848fcbcf9dd407742a43a36d4e8a8b0686a
.salazarinvestigations.com/	1970-01-20 20:47:58	Name: wc_visitor Value: 107959-c1ea9b6f-873a-4216-ab58-0935e1784259
.salazarinvestigations.com/	1970-01-20 15:31:10	Name: wc_client Value: direct+..+none+..++..++..++..++..+https%3A%2F%2Fsalazarinvestigations.com%2Fworkers-compensation%2F+..+107959-c1ea9b6f-873a-4216-ab58-0935e1784259+..+
.salazarinvestigations.com/	1969-12-31 23:59:59	Name: wc_client_current Value: direct+..+none+..++..++..++..++..+https%3A%2F%2Fsalazarinvestigations.com%2Fworkers-compensation%2F+..+107959-c1ea9b6f-873a-4216-ab58-0935e1784259+..+
salazarinvestigations.com/	1970-01-20 19:57:34	Name: _monsterinsights_uj Value: {"1681918848":"https%3A%2F%2Fsalazarinvestigations.com%2Fworkers-compensation%2F%7C%23%7CWorker%E2%80%99s%20Compensation%20-%20Salazar%20Investigations%7C%23%7C4832"}
salazarinvestigations.com/	1970-01-20 19:57:34	Name: _wpfuj Value: {"1681918848":"https%3A%2F%2Fsalazarinvestigations.com%2Fworkers-compensation%2F%7C%23%7CWorker%E2%80%99s%20Compensation%20-%20Salazar%20Investigations%7C%23%7C4832"}
.salazarinvestigations.com/	1970-01-20 20:47:58	Name: _ga_GGPD408JFC Value: GS1.1.1681918847.1.0.1681918847.0.0.0
.salazarinvestigations.com/	1970-01-20 20:47:58	Name: _ga Value: GA1.2.1099321520.1681918848
.salazarinvestigations.com/	1970-01-20 11:13:25	Name: _gid Value: GA1.2.247185436.1681918848
.salazarinvestigations.com/	1970-01-20 11:11:58	Name: _gat_gtag_UA_123578514_26 Value: 1
.salazarinvestigations.com/	1970-01-20 11:11:58	Name: _gat_UA-123578514-26 Value: 1
.doubleclick.net/	1970-01-20 20:47:58	Name: IDE Value: AHWqTUki7pZEKbl6V74j9-0mVB9nPWT71L1bnvrM0AKoTP33Qf6O9xXDwRPShMdN
accounts.livechatinc.com/	1970-01-20 11:11:58	Name: __oauth_redirect_detector Value: counter=1&t=1681918879&tag=59dcf3d1433315a34417cdee3f4341c77bcb25f7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
api.livechatinc.com
batchgeo.com
browser.sentry-cdn.com
cdn.livechatinc.com
fonts.googleapis.com
googleads.g.doubleclick.net
maps.googleapis.com
maps.gstatic.com
process.iconnode.com
salazarinvestigations.com
scripts.iconnode.com
secure.livechatinc.com
static.batchgeo.com
staticnode.batchgeo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
108.138.106.123
184.51.148.209
184.51.148.211
209.87.159.232
2606:4700:3108::ac42:2883
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::2008
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::200e
2a04:4e42:400::729
76.223.116.242
0016ad7cc0c76026a72aaf2578e519b637ac13e10bfb6c53cab0a926b0647abd
066ec1ac2852906b7e7253ee3c129e0efd2343d8671712db064502f03228ccb0
0a2a029e1cdea5d41fe7da19ec2bc3845b417af1798bdb12e86b8cbe87fcd93b
0cae0406edd0e7858831c6437e162688867a59a042b05fcb9db2349395f7e5cc
16c2eed93812a92b49479b1b6d76a4dd20239aa5e294b54c8655c4844dc91f20
17b2d315abf4af37a30ebc06b83fd7a445fc12b79360c4480923dfb46f692889
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ed25d8126af8e86684d1395ee2abee3ef2697128f0a089e9fffb48f5fcb4f96
24e88d81156dd1d153a2b5d781e0d680afe18216e4e0babfaca56cee76b757a8
26633f2fe4b480d2bab88805212716453c5c5462f6df5ea8ef65d73fad794d45
287a605893ad3e519d4e1debff055f6be7cc05509fad977c57f470f579972f78
288d156b63cea15974f8ced0963ccc03ca9688a0e2da4af409339c065faab72f
2cb33638160100877276c264437731d2ef357a00fafe43f7be95160676c3fc63
2e4f6174126a818ac7d682e8dcbf3bbea3d2a800f8fcb98d3a228445a4becd23
322028e27097fb9672e9485e9615279007b088ec971ec4938d85b95f4b3e7189
33052d73f2f15dc9ddcf10aaf4e397921e587329d6cb27b86c733f7341229ebb
3811a0f0985a77c5ede1a4c116e40af2c3a6f17f2f93d73e7beed0209572d417
3c3bf016168a6045d2eae02f7bedee44005d520b0cd29d3bb56a033febc0b3af
41385410f793ad90acd03840bc2990de694afb8fc26cd07b40065ff3c008e048
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
473cbb4782444b5b5bac2df87b71b3f7334939f99f7c63ddb274f2e22368464e
483a0232bd85ed53aaf261bc107af3018085719065e0d670b978fa03af472cd2
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
4f983b453ced65d1f24e4480703221aba1d600f8f24505ac22e357a4aea78cc0
4fed93756a68e1ab25444ba00a9394240f5ca80efa7fbb456742843a4e1660d0
527103133a08d3e0c38235d32b23040e021ad2450f8fa8d1ba29032e65254b13
52984e532d02a87a060764ff400626a1b81cc316284a8ba1feab5d94697119a0
55bfe9f7bc4c1c74ffbebcb30fa8e0f2d23e71b0031e63ca815edb8142fb2efd
59658ed53ed3ce045d55485c4d3eeb16b87ee13bb9f5e21466b556efebbffb69
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5ac0ae3d905433e0915268b6bbd99f27fe838d7869ce00b4b369aa183e60db65
5cb7d073ddfe25569be33e4ebb17e6c4f0d18589d1a675e273d5c4fd3182c56f
5e69117f9f2a9c31afe1a448d7a69a05cb13128bc6a51c8a4fd36223bcfa00fc
60b5124fe1cd219dc23d1f9be2e536a0bd3ce623e42ca9c1e99832a32f9f1037
6316d4056e3b848caf0cfc343a283bf13724a775a611845719f815156b13cc35
65ae05cb1187b6eacddcc464141af208d9c172aeed20c74c3bf7663b530c5c0d
69e03eb7d4c82cb8a4a67abb976c7ec8ccad0e3cc401a7e38faac932a44147f8
6b4854849194afd95c4241bea812ea589e6f0a89931b8765d77332044207f1cb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
705384e4e7b109a52186e636d7cb811c31b6b7b3af4f14df30fd3214fc304006
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
73e058c2fd82a130e13ec22b891ca7d6dcf28e8ffe3ecfe804f27ae69dd4728b
83238a9c118b388bee1eede2f1c04b6441ac0c4a543f502457e3d2309a9d3e99
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8c49ce5f191872364c5e62094faaf65db41513d069e648b45039be64b28abd01
92a410751c1cca9c2d5883a1fac3d30d3f502c08c2bafcd333a683f3bc078a32
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9550ba9438e9aafa3fefa39e80bca72ffba8162a76804a1fe70f751ab695e6e5
982493c889d08edf84287b45b09f99413005d953f6c142bf4507575434ba9519
98675b3646c2ef18e27b234475b6ec594e765e518631e0088f3081530ef00907
9df3e11ee6d986523f964af671877d9a83ff47df58fcbdbc259011792bbea5ca
a0bbd3f43c120216b50ece24901362637c93989d42ea41622a432b9174b5f9ef
a11d89053777b0487c730fde05a8a75c3e0bc250ba7a43960ae53a5dcab478d9
abc9faa4970e07db7d506d6b2a98e4c86223be305c7541ced54ea2e15f99a76e
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b01395e7e5c81fc77f7e0113a999cc430eebdd923aba2d00b73eb8b5c9d3cd33
b639869e3105ce7079f03cc01039045f770664e48c86a3f0a0d8e54218dc7169
ba6f2e8d90cefd6a59f0dc0eccb7bbb94fd73e50f8594d32cbf1c0dab156fdab
bef93e2e8d7aa13c05a55bac632650b0c3ba58397a9da64c02fa138fe7439343
c381efe7c0a5c80930ede2c88a70dc34f0ceff77f9fea00b26146dd2acd82281
c388d207ee89237012775f1beedb92413f19e754fd08728a34efa36c70f1547f
c8a7aa804c0f72153d20d79d2428574be69954accec1c2dff4c3e5260ad7d152
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd9ae908178ec0aae2567f7621ea05cf9c86a6a50b01feee05fb5f549847c0fc
d5b6e53c9833f0ab023135c4e3631a86d714c4b580b26c2ea979973ebb521a2c
dbfad7c7af3d011579946bc80b80d979befb11863ec5944aac0773152f5114f7
dc2da83f5d7e36000609f0fe322f4daf3890f7ab34a73bb108b7fbac807efec6
df89d18e6182b3e3d38f545ec52a530842146e0c8ea50e2875c1f5722f2c26df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c2291b733d2fa23e49c2884df95154681b09cf7c6b10e3cd03f51770aca76e
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
eda4967806f34499d6e937d868857c7bb92ec0a5d7861530336433732c5face5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2369c82b6ec19bcf4fe76799d94edc43604e164c0f73978059536159845441
f0c67add34665df2d785635d0c8d11b236e38b9f97cde7b4859d6330f46d51ed
f149bd987e141afa945eeadec4a3303aa1999e4b96561cf1747f82971869265a
f2361252b492101d308ddebf07444fa9f516adc1d3a04e4c2f2b10d0cbc1d9c7
f3597ddd0e1f7410c7185c4261d2bd66606745e49804541c5047841441b60e04
f6416d77af5b39ebbd4a0210ccdb1412a941a7e5b2099dfb11e4eb4c32147f88

salazarinvestigations.com Open in urlscan Pro 209.87.159.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

100 %HTTPS

62 %IPv6

11 Domains

18 Subdomains

14 IPs

1 Countries

2815 kBTransfer

7550 kBSize

16 Cookies

30 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

salazarinvestigations.com Open in urlscan Pro
209.87.159.232 Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

100 %
HTTPS

62 %
IPv6

11
Domains

18
Subdomains

14
IPs

1
Countries

2815 kB
Transfer

7550 kB
Size

16
Cookies

84 HTTP transactions
2 data transactions