urlscan.io logo urlscan.io
SecurityTrails logo

www.icij.org Open in urlscan Pro
2600:9000:20a8:c200:1b:e244:83c0:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.icij.org/
Submission: On December 29 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 9 domains to perform 50 HTTP transactions. The main IP is 2600:9000:20a8:c200:1b:e244:83c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.icij.org.
TLS certificate: Issued by Amazon on June 12th 2022. Valid for: a year.
This is the only time www.icij.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    2600:9000:20a8:c200:1b:e244:83c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.icij.org
2    2a00:1450:400d:808::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:4700::6811:915b (United States)

ASN13335 (CLOUDFLARENET, US)
diffuser-cdn.app-us1.com
prism.app-us1.com
22    2600:9000:20eb:200:1e:4eb6:8ec0:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.icij.org
2    20.22.175.94 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
web-pusa01.app.blackbaud.net
2    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:4400::ac40:9197 (United States)

ASN13335 (CLOUDFLARENET, US)
trackcmp.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
29 icij.org
www.icij.org
media.icij.org
2 MB
5 gstatic.com
fonts.gstatic.com
60 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
region1.google-analytics.com — Cisco Umbrella Rank: 2124
20 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
2 KB
2 app-us1.com
diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 11342
prism.app-us1.com — Cisco Umbrella Rank: 11376
6 KB
2 blackbaud.net
web-pusa01.app.blackbaud.net Failed
13 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
119 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
437 B
1 trackcmp.net
trackcmp.net — Cisco Umbrella Rank: 12009
315 B
50 9
Domain Requested by
22 media.icij.org www.icij.org
7 www.icij.org www.icij.org
5 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com www.icij.org
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 web-pusa01.app.blackbaud.net www.icij.org
2 www.googletagmanager.com www.icij.org
www.googletagmanager.com
1 stats.g.doubleclick.net www.google-analytics.com
1 region1.google-analytics.com www.googletagmanager.com
1 trackcmp.net diffuser-cdn.app-us1.com
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 diffuser-cdn.app-us1.com www.icij.org
50 12
Subject Issuer Validity Valid
*.icij.org
Amazon		 2022-06-12 -
2023-07-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
diffuser-cdn.app-us1.com
R3		 2022-12-13 -
2023-03-13		 3 months crt.sh
*.app.blackbaud.net
GeoTrust TLS RSA CA G1		 2022-02-22 -
2023-03-25		 a year crt.sh
app-us1.com
Cloudflare Inc ECC CA-3		 2022-12-07 -
2023-12-06		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-09-25 -
2023-09-25		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.icij.org/
Frame ID: 0C3B6BDF9306B5BB382EA69F0E874D2C
Requests: 46 HTTP requests in this frame

Frame: https://web-pusa01.app.blackbaud.net/embed/goalmeter/v1?svcid=renxt&componentId=062e1f82-0731-4ea1-b81c-df676f571c5d&environmentId=p-N99xBDNJ_USGrl1gX1QS4A
Frame ID: 9A53CEB51372149DD7615B0CDE8DBF5D
Requests: 1 HTTP requests in this frame

Frame: https://web-pusa01.app.blackbaud.net/embed/goalmeter/v1?svcid=renxt&componentId=062e1f82-0731-4ea1-b81c-df676f571c5d&environmentId=p-N99xBDNJ_USGrl1gX1QS4A
Frame ID: 94A300B7F83873D84C2BBAC85666655A
Requests: 1 HTTP requests in this frame

Frame: https://web-pusa01.app.blackbaud.net/embed/goalmeter/v1?svcid=renxt&componentId=062e1f82-0731-4ea1-b81c-df676f571c5d&environmentId=p-N99xBDNJ_USGrl1gX1QS4A
Frame ID: B0F2DD0B8640B6D32FB07EE2EF0CE405
Requests: 1 HTTP requests in this frame

Frame: https://web-pusa01.app.blackbaud.net/embed/goalmeter/v1?svcid=renxt&componentId=062e1f82-0731-4ea1-b81c-df676f571c5d&environmentId=p-N99xBDNJ_USGrl1gX1QS4A
Frame ID: 7E05B925BF22AB9265B7D23C13572680
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

International Consortium of Investigative Journalists - ICIJ

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

50
Requests

96 %
HTTPS

91 %
IPv6

9
Domains

12
Subdomains

12
IPs

3
Countries

2629 kB
Transfer

6991 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.icij.org/ 		89 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a8:c200:1b:e244:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6badc94f0a622f3b4c42c4e2efe06c9fe967ff39ac4c3a7ea3d26fdc576c4cc5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
3553
cache-control
max-age=15, s-maxage=600
content-encoding
gzip
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Thu, 29 Dec 2022 08:59:18 GMT
link
<https://www.icij.org/wp-json/>; rel="https://api.w.org/" <https://www.icij.org/wp-json/wp/v2/pages/15>; rel="alternate"; type="application/json" <https://www.icij.org/>; rel=shortlink
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 b797234d27f385a39f8a380c54637a5a.cloudfront.net (CloudFront)
x-amz-cf-id
UPRh-Zn07RagfGPhoZi_RPDdrjo1p5cBlm7ddRDuMN2iP5hm6oVKpg==
x-amz-cf-pop
MAD51-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
40FC5307_137A_AC14809C_01BB_63AD56E5_0315_6606
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block
style.min.css
www.icij.org/wp/wp-includes/css/dist/block-library/ 		87 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icij.org/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a8:c200:1b:e244:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:38:42 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-cf-pop
MAD51-C1
age
1188
via
1.1 b797234d27f385a39f8a380c54637a5a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
40FC5307_4F74_AC14809C_01BB_63AD6020_7CD6_6673
x-ua-compatible
IE=Edge
last-modified
Mon, 04 Jul 2022 12:10:37 GMT
etag
W/"62c2d8bd-15b64"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-amz-cf-id
w7PCwx7Kdek8ZYLS369uYDyYalFEjLhDXwMoDChgk82ExyA_jEj5ag==
main.css
www.icij.org/app/themes/icij/dist/styles/ 		300 KB
45 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.icij.org/app/themes/icij/dist/styles/main.css
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a8:c200:1b:e244:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
d310d58cd687866fc5f7626f6ec0a42f9a9f2609ccdbec6a7986b16ee8c0f3da
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:34:13 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-cf-pop
MAD51-C1
age
1458
via
1.1 b797234d27f385a39f8a380c54637a5a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
40FC521B_40D6_AC14809C_01BB_63AD5F15_6CA2_6673
x-ua-compatible
IE=Edge
last-modified
Wed, 21 Dec 2022 18:08:40 GMT
etag
W/"63a34ba8-4af6c"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-amz-cf-id
CvnKn6Kc8_MUiuMKPmTE45n63y_1sGtqWP2vP7FpIDtlIVZyYmVtJg==
jquery.min.js
www.icij.org/wp/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icij.org/wp/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a8:c200:1b:e244:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:54:06 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-cf-pop
MAD51-C1
age
265
via
1.1 b797234d27f385a39f8a380c54637a5a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
40FC5519_79AC_AC14809C_01BB_63AD63BD_BC32_6673
x-ua-compatible
IE=Edge
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
etag
W/"6048e0ac-15db1"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-cf-id
p4CL-orct0yGJj0FKXX9eXHRJBC82QBswjFpRDPJgHEuVlwSiHx7SA==
jquery-migrate.min.js
www.icij.org/wp/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icij.org/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a8:c200:1b:e244:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:54:06 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-cf-pop
MAD51-C1
age
265
via
1.1 b797234d27f385a39f8a380c54637a5a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
40FC5519_79BC_AC14809C_01BB_63AD63BE_BC48_6673
x-ua-compatible
IE=Edge
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
etag
W/"5fb4e3fe-2bd8"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-cf-id
CNpDB9C6yjPxsi3PyQcmgQmqXgYtP2tzYO_5RiR52SkbVhEJU-dAYg==
main.js
www.icij.org/app/themes/icij/dist/scripts/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.icij.org/app/themes/icij/dist/scripts/main.js
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a8:c200:1b:e244:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
def51343a232a84a56e31d4e24c4fc39b00feb2d989f4119ed71f95a90358b91
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:38:44 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-cf-pop
MAD51-C1
age
1187
via
1.1 b797234d27f385a39f8a380c54637a5a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
40FC521B_549E_AC14809C_01BB_63AD6022_7CF8_6673
x-ua-compatible
IE=Edge
last-modified
Wed, 21 Dec 2022 18:08:40 GMT
etag
W/"63a34ba8-4a52fe"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-amz-cf-id
wLNjk42BqY4sTghaxntcv6Ij3vJ3YdFO4xI-MT4Y2C41E0aTYSA1hw==
js
www.googletagmanager.com/gtag/ 		112 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-3383794-7
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcd3297f9db07fd79d035bc12290f53c168792834e063a0a564c91c7d929c192
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:58:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44674
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 29 Dec 2022 09:58:32 GMT
css2
fonts.googleapis.com/ 		7 KB
746 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700;900&display=swap
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/dist/styles/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3fa02d45548ef038ee98c0a084a9452319b4ac2b9574cea7da53fca7c33c8f4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Dec 2022 09:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Dec 2022 09:37:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Dec 2022 09:58:32 GMT
css2
fonts.googleapis.com/ 		3 KB
1010 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/dist/styles/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ce358141326f8a2cc7d363f6cc66ea5e81a6cd31aad8214885843c1c91faba54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Dec 2022 09:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Dec 2022 09:19:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Dec 2022 09:58:32 GMT
css2
fonts.googleapis.com/ 		1 KB
495 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Anton:wght@400&display=swap
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/dist/styles/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8414c901724cd12ba86915b39133c545d4c8f348dc917a75c449594c82b819fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 29 Dec 2022 09:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 29 Dec 2022 09:58:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 29 Dec 2022 09:58:32 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.icij.org
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 15:59:12 GMT
x-content-type-options
nosniff
age
237560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 15:59:12 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.icij.org
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 22:01:25 GMT
x-content-type-options
nosniff
age
129427
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Dec 2023 22:01:25 GMT
v1
web-pusa01.app.blackbaud.net/embed/goalmeter/ Frame 9A53 		0
0
v1
web-pusa01.app.blackbaud.net/embed/goalmeter/ Frame 94A3 		0
0
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:58:32 GMT
content-encoding
gzip
via
1.1 e72282a38ed8303004dbeb48a5b8fbb4.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
LHR3-C1
age
264
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 21 Oct 2021 17:42:06 GMT
server
cloudflare
etag
W/"4d482a43613d3966f353ec9d97452e0c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
7811ad87fb7b24e3-LHR
x-amz-cf-id
329Q-pbErw_aq14MTzsSXnydUR7mrNUyBgQ8zWjhhTFkpvBv37bkDA==
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.icij.org
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 07:19:38 GMT
x-content-type-options
nosniff
age
9534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 07:19:38 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.icij.org
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 22:20:50 GMT
x-content-type-options
nosniff
age
560262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:20:50 GMT
1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v23/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/anton/v23/1Ptgg87LROyAm3Kz-C8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feb9617bd3fcda1a52cbf8539985fddac2aaab0e6df8dbdac21ec3e9a179a4be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.icij.org
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:07:59 GMT
x-content-type-options
nosniff
age
103833
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17020
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 05:07:59 GMT
Shadow-Diplomants-story-3-strip-club-by-Matt-Rota-ProPublica-ICIJ_1200.jpg
media.icij.org/uploads/2022/12/ 		232 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/12/Shadow-Diplomants-story-3-strip-club-by-Matt-Rota-ProPublica-ICIJ_1200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb1f0160ff81936e911524994f2667668e5eb717ff0a9eee057bed08e5209bb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
5.lZlkrqljahospyeIyv8SjRneXZyZDl
date
Wed, 28 Dec 2022 10:50:24 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 21:53:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
83290
x-amz-server-side-encryption
AES256
etag
"96100073eb5bcd4b53a333ece7026371"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
237912
x-amz-cf-id
8HxK_sB06t6Or2LnTQIKS4TV_8IGok7MlJCH2dEJc1WTctKGf0gHnQ==
2022-covers-mash-up-360x200.jpg
media.icij.org/uploads/2022/12/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/12/2022-covers-mash-up-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fdf0e55a43a9e3029f46be46f296ce10ee805d8c45c80cb2b4cbdc0f4a0f4bdb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
dyElYxZZcs2L1z7a9ZHSX6UinTZ0I0.E
date
Wed, 28 Dec 2022 20:46:36 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 20:12:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
47518
x-amz-server-side-encryption
AES256
etag
"e3b2af5ce80c239fd2355dce8f403786"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
17302
x-amz-cf-id
4HL5iMCxdMJOxZDm36US44uFXU1-GLpRMlmHf1DMf-mLNa7s9wr2oQ==
Ericsson-List-Broken-Justice-DPAs-360x200.jpg
media.icij.org/uploads/2022/12/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/12/Ericsson-List-Broken-Justice-DPAs-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b534def50f7603d6933049e9f61709a4f501e6df12929987009e7b2dbb17813

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
hwXS3_jfSZKe1mYDI_3dCYMQXCYXGPmC
date
Thu, 29 Dec 2022 09:50:52 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Tue, 13 Dec 2022 23:38:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
65514
x-amz-server-side-encryption
AES256
etag
"7978370cbc0fbef28d3e3b9a32937768"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
18785
x-amz-cf-id
x-rk3s7qu6IwQ09rF7FZsP06S4djGI9bgIEc-9HcziFoPbyRbHzWcw==
Rodil-illustration-Armando.info_-360x200.jpg
media.icij.org/uploads/2022/12/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/12/Rodil-illustration-Armando.info_-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54dbad9589daf80088b8b76af61a9c961c424379ba2efead618620a72abfd94d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
PNtJnpHv3H3kofPYBS8Fjug2_1Cxatdq
date
Thu, 29 Dec 2022 09:50:52 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Mon, 19 Dec 2022 03:58:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
1908
x-amz-server-side-encryption
AES256
etag
"d0afad98ae284216f5cf6df383a652c7"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
15446
x-amz-cf-id
GMogrJHcajjkiL9DzBx2kFUbloiecCn4m0XcBEtxI1FHEVTgLThovw==
web_GettyImages-107758593-360x200.jpg
media.icij.org/uploads/2022/12/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/12/web_GettyImages-107758593-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6da0850c96d66c9de6da4aac835351dceec2db689f5a6b7f92e95574368ba816

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
K7j3S3rLiC2KXHWLq1cLYzoC0RfoLnsA
date
Thu, 29 Dec 2022 09:42:55 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 19:57:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
42682
x-amz-server-side-encryption
AES256
etag
"7327be765e45b12a15360f5126d98312"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
12320
x-amz-cf-id
LrPP0yTlWS8h3Fqrgc3aEwIhUrUOb7pLT_M_UsosMdT9fcuBrgYfbQ==
Shadow-Diplomats-project-logo-background-360x200.jpg
media.icij.org/uploads/2022/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/11/Shadow-Diplomats-project-logo-background-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47aae50e3a4763d1ed2bbef7d6e0cb1334ef338ef9378e74f3b455809b075ec8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
7iCQIa2lmyxZZRYfUn5kx7UNsTfd5fzu
date
Thu, 29 Dec 2022 09:42:55 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Fri, 11 Nov 2022 02:18:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
29095
x-amz-server-side-encryption
AES256
etag
"4da0bcb24efc5dbcc28b9fd3e9bfa64e"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
7758
x-amz-cf-id
sYns_FQYV4KbealYi9b7tHUZfhEXo3Og2eoQ_XoIJnv6bz7_iFuuww==
Trafficking-Inc-Overview-filtered-360x200.jpg
media.icij.org/uploads/2022/10/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/10/Trafficking-Inc-Overview-filtered-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81d009789bb708ca7841b31d95b73fb17e0016d06627f20a82e546675b57937f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
c5zIXW0mGHhADmokg6TSltHiRcXoNb4c
date
Wed, 28 Dec 2022 21:07:13 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 03:30:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
46281
x-amz-server-side-encryption
AES256
etag
"580a79d2c7315c9e469fc3dbff1c419e"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
14678
x-amz-cf-id
0wXxSufwBmB1tVFXooeDSCcwTWYV0C5XDVLQoNLIZDlS9kZ-m4jInA==
Antiquities-filter-16x9-1-360x200.jpg
media.icij.org/uploads/2021/10/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2021/10/Antiquities-filter-16x9-1-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d63dba35cb7b494c9698efc5d1fc3a75e6d6cc9117e29294da901e41ecd5e8f2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
v9GhMnslALXqAHsk.RhOmoB9dCq1t7Om
date
Wed, 28 Dec 2022 21:53:53 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 08:49:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
43481
x-amz-server-side-encryption
AES256
etag
"eafd1f93c1141f1668bd72ec3862dc1b"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
12239
x-amz-cf-id
OF85O31qV5YfaUg_x4tRFyX_u5qSZZG1Lp-EVOgOQIXR3mUILRNmFg==
Uber-Files-Backseat-drivers-360x200.jpg
media.icij.org/uploads/2022/07/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/07/Uber-Files-Backseat-drivers-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6e649feeaa6f4199f39534c9534568af5a7444f5a8e6673961179fdb7f832add

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
Be4zhlNV.BezoT4DBoPSO7XCfIHvVHKc
date
Thu, 29 Dec 2022 09:42:55 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Sat, 09 Jul 2022 11:10:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
45618
x-amz-server-side-encryption
AES256
etag
"34896e53a1effb3ace74c3151d26d79d"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
15181
x-amz-cf-id
hHXUFtMZ12jWxqKyi08ICZg5dTOAC78ZZ_TMHWGVAy-_4uvsqAFCxw==
Russia-Archive-Banner-360x200.jpg
media.icij.org/uploads/2022/03/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/03/Russia-Archive-Banner-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7976920b4001cb5587c67d937e5077d6da0b159ae3376a61e5e483c54161b1fd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
5j0x0Tknweq62zFPFOblbWWTmwH_aDGu
date
Thu, 29 Dec 2022 00:25:58 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Mon, 07 Mar 2022 09:36:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
34356
x-amz-server-side-encryption
AES256
etag
"69b9a1cc2587b5a306908dc62226a669"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
18188
x-amz-cf-id
Xowj0GFsTqFeeeXXzame6-n0mWNcjrfgKd_7BmZxVbvDUXcegf7tbQ==
cover-bg-only-final-360x200.png
media.icij.org/uploads/2022/02/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/02/cover-bg-only-final-360x200.png
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
070b6395283ad705a4152f98866ef5f3cc04be9d04aae55776023eb146a63895

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
JI4lznGRC2Oc.df9ooF3VwX6r5o56_gK
date
Wed, 28 Dec 2022 11:01:00 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Sun, 27 Feb 2022 12:28:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
82654
x-amz-server-side-encryption
AES256
etag
"c0152b8f9920fb9844233b5cda6964fa"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
64232
x-amz-cf-id
fCXpem2Ca59Jxr0UtfJMhEbCHvRnmmPvA1wcM6APniL50P1yo_MQWA==
PP-Banner-City-V8-360x200.jpeg
media.icij.org/uploads/2021/10/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2021/10/PP-Banner-City-V8-360x200.jpeg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8180a140cae3ecfd95f4255a4cede9be21c4748218dc05012786183bd7f2ef38

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
dQ5IjrfwvCxCiDnSubcNxsRR.9DD0tZ2
date
Thu, 29 Dec 2022 09:42:55 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Sun, 03 Oct 2021 15:29:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
34356
x-amz-server-side-encryption
AES256
etag
"0ce5a2d958316d2a4808bf46dcfe9bd5"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
19039
x-amz-cf-id
NaOXX07SRaIEHTOCZp-UUYqb1Ysjl-dvZEVAlAqwgxp_zLc0rMtbew==
FinCEN_Files_ICIJ_1920px-360x200.jpg
media.icij.org/uploads/2020/09/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2020/09/FinCEN_Files_ICIJ_1920px-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a56aad4446893a86ab990a8474a43ecfeb492b79842fb4072ade2b74414d8c75

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
2GjkDBEFlYD2v4_EeODpZhWMsjaRrhRH
date
Thu, 29 Dec 2022 09:42:55 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Fri, 18 Sep 2020 19:05:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
40888
x-amz-server-side-encryption
AES256
etag
"9300bd79f6819fdf3388a5d12a0d1646"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
21971
x-amz-cf-id
l8TqqNQMRIMQWAirV-Er62pMOKNnDYudT6vIEdN00WeC0IugiSzxIg==
1920_XXI_Offshore_EN.jpg
media.icij.org/uploads/2022/12/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/12/1920_XXI_Offshore_EN.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4b0cee799b9236e71bea41d375369fb1285a8ca61616c4b824b23543fa8dd16d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
MoTLSR5eO57kZlVSJiei98DbVoG9LQLh
date
Thu, 29 Dec 2022 09:50:52 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Mon, 19 Dec 2022 05:22:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
8017
x-amz-server-side-encryption
AES256
etag
"6d7b0d2ccbeaf79b039ecce51481d8e1"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
93435
x-amz-cf-id
gV1yX4meI4Dps9hvou3O_Jq68wcgaLMwt3jHYDKYD2DYphJhFA02cw==
Ericsson-offices-photo-by-Ericsson-360x200.jpg
media.icij.org/uploads/2022/02/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/02/Ericsson-offices-photo-by-Ericsson-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
08806a598293b32ea2150cfe9d1fa27c9ac2c91e73edd2f819bbd582f4a24d5d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
tn.oRRyhzqpukfUzz3p1jopTMRdfPlRF
date
Thu, 29 Dec 2022 09:43:35 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Tue, 15 Feb 2022 19:58:22 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
15639
x-amz-server-side-encryption
AES256
etag
"09637ba2e04bb581a971bb9a0e90e107"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
10218
x-amz-cf-id
cVpBgtsi4VHfFQaFpz8z-nPL9pg99qamXSnALkDHxAzYPMloVqseJw==
Ericsson_Borje_Ekholm_GettyImages-632747404-360x200.jpg
media.icij.org/uploads/2022/03/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/03/Ericsson_Borje_Ekholm_GettyImages-632747404-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b21292dd156b8824d84da2013cc1b548154cf5487e7de478642599815fdf32b7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
R_UBLpkjk2NMBBVbynGR1adb_27cX5oM
date
Wed, 28 Dec 2022 15:42:54 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Wed, 02 Mar 2022 09:51:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
65740
x-amz-server-side-encryption
AES256
etag
"abc0941ad963ebdb0ca9e214dd0b7f7f"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
11940
x-amz-cf-id
u_tj-K2gdYYZ4JUXi-_BJvn-4FB_0Q6avN-pIO7gBlUH9C216G1kTw==
web_GettyImages-1230372652-1-360x200.jpeg
media.icij.org/uploads/2022/12/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/12/web_GettyImages-1230372652-1-360x200.jpeg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05de3661de44f35c5f68b59f28847bdb4069f5d8dd473f230744e8a6edacb718

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ExfJJHYJs5sacyn0DDuPrBQAuBLDeUau
date
Wed, 28 Dec 2022 15:42:54 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 20:05:58 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
65740
x-amz-server-side-encryption
AES256
etag
"9352d17316db83c6dd83af609e56e877"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
10168
x-amz-cf-id
XVVrHcP19rP4WtTxR8xHotT25gawqLiHx85k0EQqsbN3IKcu8gR1fw==
white-warrant-collage-2-360x200.jpg
media.icij.org/uploads/2022/12/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/12/white-warrant-collage-2-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aae5c0fca94e2f4caaccc50311ffd2e1b31d7f41631bfe4be05cf66d9ba638b7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
rAxepHPEiz7qUvdrCnLB6RMs0oBdMuaF
date
Thu, 29 Dec 2022 09:50:52 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 17:41:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
44973
x-amz-server-side-encryption
AES256
etag
"a19fdd4f144cdd10b2b5f2c38ddae446"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
16848
x-amz-cf-id
Lq-TQ1aPDgwWGr-QND8KWlFOtC0NG6AC2Z9S_585ez6HwnXv5Ym8Pg==
shadow-diplomats-impact-360x200.jpg
media.icij.org/uploads/2022/12/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/12/shadow-diplomats-impact-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c36c678de5679b30260747def813fa9bccea5d764e31065c2042d9a7bf0d0ac2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
DA6Pjt5PZBIuiZ0ryKu6jowYq6.0pKX0
date
Thu, 29 Dec 2022 09:50:52 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Tue, 06 Dec 2022 17:49:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
49458
x-amz-server-side-encryption
AES256
etag
"e17e4404d675265dde4552138ce3e72a"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
21013
x-amz-cf-id
uFspeZ2S6qgiZINLr7WeuDnVE2PBYA_bms3lmbNoIjvu3_m_9xscAw==
Putin_Award_Honorary_Consuls-360x200.jpg
media.icij.org/uploads/2022/11/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/11/Putin_Award_Honorary_Consuls-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16972bc43d0e17d14f80ab462ae064d8feeb566437174c5972f937982d351312

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
ViXLQb5FASJnLGWOmwlgOITS1RakZkBa
date
Thu, 29 Dec 2022 09:58:33 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Thu, 01 Dec 2022 03:18:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
341
x-amz-server-side-encryption
AES256
etag
"0be64c944f314445d407b11fd7ac6268"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
29855
x-amz-cf-id
9REM9x28MVPHj3xXIqJKRrfqlWQWhx_du3Yh4dVPAoM_trgiAmJdUQ==
web_GettyImages-1354445433-360x200.jpg
media.icij.org/uploads/2022/11/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/11/web_GettyImages-1354445433-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a738c2ea58128894d50f103d14f9df933ec631ccfd1bbbb05c0bcd821a01adf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
oMxu3v8.pU3udqAmuuiNHIHQrA7rFpWL
date
Thu, 29 Dec 2022 09:57:02 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Tue, 01 Nov 2022 20:23:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
5444
x-amz-server-side-encryption
AES256
etag
"f89bf6686287e2ae6c11d8cc61658c32"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
13399
x-amz-cf-id
4rMIOx2gVYe2GtKaNaZ4nQZMuFnXrvC-c2IOGTr3rc4RLqVxEbh_Tg==
MTI-Pavla-Holcova-360x200.jpg
media.icij.org/uploads/2022/10/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.icij.org/uploads/2022/10/MTI-Pavla-Holcova-360x200.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:200:1e:4eb6:8ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
360efffe9e9aff7ffd990b880465ee457b7573313f3ffa72f73b2151198bb0d2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
aI9tfebSbW1Zcjq9C7xzYPcmRhQM_NX9
date
Thu, 29 Dec 2022 09:57:13 GMT
via
1.1 69f13f852a135432abb1b7bfc5a8b420.cloudfront.net (CloudFront)
last-modified
Mon, 10 Oct 2022 02:52:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
age
6053
x-amz-server-side-encryption
AES256
etag
"3f0a69145cf84629daec5c2ab9c6efa9"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
18756
x-amz-cf-id
-hNM2r21PJQXy3k1fPzBsPvOatR2W9lr-hs1FziVnLTf7aFNC661RQ==
v1
web-pusa01.app.blackbaud.net/embed/goalmeter/ Frame B0F2 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web-pusa01.app.blackbaud.net/embed/goalmeter/v1?svcid=renxt&componentId=062e1f82-0731-4ea1-b81c-df676f571c5d&environmentId=p-N99xBDNJ_USGrl1gX1QS4A
Requested by
Host:
URL: webpack:///../../node_modules/vue/dist/vue.esm.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.22.175.94 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9c6b1b4cd1b48f698ce1bcdc574e2d7a93a64fc5653af77b9dda52585604ab88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.icij.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
6619
content-type
text/html;charset=UTF-8
date
Thu, 29 Dec 2022 09:58:34 GMT
expires
0
pragma
no-cache
server
istio-envoy
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-envoy-upstream-service-time
7
x-request-id
92527270-3da1-9c8e-8066-c5d51b0125b1
x-xss-protection
1; mode=block
v1
web-pusa01.app.blackbaud.net/embed/goalmeter/ Frame 7E05 		6 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://web-pusa01.app.blackbaud.net/embed/goalmeter/v1?svcid=renxt&componentId=062e1f82-0731-4ea1-b81c-df676f571c5d&environmentId=p-N99xBDNJ_USGrl1gX1QS4A
Requested by
Host:
URL: webpack:///../../node_modules/vue/dist/vue.esm.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
20.22.175.94 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
9c6b1b4cd1b48f698ce1bcdc574e2d7a93a64fc5653af77b9dda52585604ab88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.icij.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
6619
content-type
text/html;charset=UTF-8
date
Thu, 29 Dec 2022 09:58:33 GMT
expires
0
pragma
no-cache
server
istio-envoy
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-envoy-upstream-service-time
10
x-request-id
3cbe351f-771e-9e15-9dd8-875b444584ae
x-xss-protection
1; mode=block
2-black.f786c1cd.jpg
www.icij.org/app/themes/icij/dist/scripts/img/ 		494 KB
495 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.icij.org/app/themes/icij/dist/scripts/img/2-black.f786c1cd.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20a8:c200:1b:e244:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7ce943c737691dfe15c5c4c4fa16684aa97f28476aad103327dbf858f028e2aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:54:08 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 b797234d27f385a39f8a380c54637a5a.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD51-C1
age
265
x-cache
Hit from cloudfront
content-length
505654
x-xss-protection
1; mode=block
x-request-id
40FC5519_79AC_AC14809C_01BB_63AD63C0_BC7A_6673
x-ua-compatible
IE=Edge
last-modified
Wed, 21 Dec 2022 18:08:39 GMT
etag
"63a34ba7-7b736"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
-iCMySrdhhif-nrOHYNoSGccxklKerxRUMhkZw6At7fxXDHy7XPnZQ==
js
www.googletagmanager.com/gtag/ 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZHK7PVGCC7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3383794-7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
765e8254786e562775e6424fd7aec700814d89753075f78de24d561cb83d076e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:58:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76282
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 29 Dec 2022 09:58:33 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3383794-7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 29 Dec 2022 08:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5473
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Thu, 29 Dec 2022 10:27:20 GMT
/
prism.app-us1.com/ 		246 B
461 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prism.app-us1.com/?a=27682030&u=https%3A%2F%2Fwww.icij.org%2F
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.32
Resource Hash
df992c8109885da3bb7901f24591d3b0027dad70c0cf7b607f8ca6b3afb021c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:58:33 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.4.32
content-type
application/javascript
cache-control
no-cache, private
x-envoy-upstream-service-time
44
cf-ray
7811ad88fa81dd7c-LHR
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1460898283&t=pageview&_s=1&dl=https%3A%2F%2Fwww.icij.org%2F&ul=en-us&de=UTF-8&dt=International%20Consortium%20of%20Investigative%20Journalists%20-%20ICIJ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=514512805&gjid=1003008740&cid=876194448.1672307913&tid=UA-3383794-7&_gid=354481438.1672307913&_r=1&gtm=2oubu0&z=37675754
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.icij.org/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 29 Dec 2022 09:58:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.icij.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
t_prism_sitemessages.php
trackcmp.net/ 		0
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://trackcmp.net/t_prism_sitemessages.php?trackid=27682030&prismid=d5a0c78e-5b31-425d-aaa2-390d84d77ba4&url=https%3A%2F%2Fwww.icij.org%2F
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9197 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.13
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 09:58:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/8.1.13
p3p
CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
content-type
text/javascript;charset=UTF-8
cache-control
no-cache, private
x-envoy-upstream-service-time
126
x-privacy-policy
You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-ray
7811ad8a8ff5892a-LHR
content-length
0
collect
region1.google-analytics.com/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZHK7PVGCC7&gtm=2oebu0&_p=1460898283&cid=876194448.1672307913&ul=en-us&sr=1600x1200&_s=1&sid=1672307913&sct=1&seg=0&dl=https%3A%2F%2Fwww.icij.org%2F&dt=International%20Consortium%20of%20Investigative%20Journalists%20-%20ICIJ&en=page_view&_fv=2&_ss=2&_c=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHK7PVGCC7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.icij.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Dec 2022 09:58:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.icij.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3383794-7&cid=876194448.1672307913&jid=514512805&gjid=1003008740&_gid=354481438.1672307913&_u=YEBAAUAAAAAAACAAI~&z=2132715188
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.icij.org/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 29 Dec 2022 09:58:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.icij.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
web-pusa01.app.blackbaud.net
URL
https://web-pusa01.app.blackbaud.net/embed/goalmeter/v1?svcid=renxt&componentId=062e1f82-0731-4ea1-b81c-df676f571c5d&environmentId=p-N99xBDNJ_USGrl1gX1QS4A
Domain
web-pusa01.app.blackbaud.net
URL
https://web-pusa01.app.blackbaud.net/embed/goalmeter/v1?svcid=renxt&componentId=062e1f82-0731-4ea1-b81c-df676f571c5d&environmentId=p-N99xBDNJ_USGrl1gX1QS4A

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontentvisibilityautostatechange undefined| $ function| jQuery object| FontAwesomeConfig object| ___FONT_AWESOME___ function| _ object| $cookies function| gtag object| dataLayer string| visitorGlobalObjectAlias function| vgo object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| prismGlobalObjectAlias object| visitorGlobalObject object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady

8 Cookies

Domain/Path Name / Value
www.icij.org/ Name: AWSALB
Value: 7Laic1ksLs51wgAIAJYBCxE9IqlLalmUY4jw9tSyOi9/4LUX2XOHuL7qY2El9L1WDCIhfhLdNsuG/s1hWOwWRWaO63NOcOr3P4Q2EneQAGbX4kVVLb4NwNDqLDdi
www.icij.org/ Name: AWSALBCORS
Value: 7Laic1ksLs51wgAIAJYBCxE9IqlLalmUY4jw9tSyOi9/4LUX2XOHuL7qY2El9L1WDCIhfhLdNsuG/s1hWOwWRWaO63NOcOr3P4Q2EneQAGbX4kVVLb4NwNDqLDdi
.icij.org/ Name: _gid
Value: GA1.2.354481438.1672307913
.icij.org/ Name: _gat_gtag_UA_3383794_7
Value: 1
prism.app-us1.com/ Name: prism_27682030
Value: d5a0c78e-5b31-425d-aaa2-390d84d77ba4
.icij.org/ Name: prism_27682030
Value: d5a0c78e-5b31-425d-aaa2-390d84d77ba4
.icij.org/ Name: _ga_ZHK7PVGCC7
Value: GS1.1.1672307913.1.0.1672307913.0.0.0
.icij.org/ Name: _ga
Value: GA1.1.876194448.1672307913

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
media.icij.org
prism.app-us1.com
region1.google-analytics.com
stats.g.doubleclick.net
trackcmp.net
web-pusa01.app.blackbaud.net
www.google-analytics.com
www.googletagmanager.com
www.icij.org
web-pusa01.app.blackbaud.net
20.22.175.94
2001:4860:4802:34::36
2600:9000:20a8:c200:1b:e244:83c0:93a1
2600:9000:20eb:200:1e:4eb6:8ec0:93a1
2606:4700:4400::ac40:9197
2606:4700::6811:915b
2a00:1450:400d:802::2003
2a00:1450:400d:807::200a
2a00:1450:400d:808::2008
2a00:1450:400d:80a::200e
2a00:1450:4025:401::9d
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05de3661de44f35c5f68b59f28847bdb4069f5d8dd473f230744e8a6edacb718
070b6395283ad705a4152f98866ef5f3cc04be9d04aae55776023eb146a63895
08806a598293b32ea2150cfe9d1fa27c9ac2c91e73edd2f819bbd582f4a24d5d
15eb202865d1d835fae2eff61bb922fa91fb4064a1fb850ebadab1f190782648
16972bc43d0e17d14f80ab462ae064d8feeb566437174c5972f937982d351312
1a738c2ea58128894d50f103d14f9df933ec631ccfd1bbbb05c0bcd821a01adf
360efffe9e9aff7ffd990b880465ee457b7573313f3ffa72f73b2151198bb0d2
3fa02d45548ef038ee98c0a084a9452319b4ac2b9574cea7da53fca7c33c8f4d
47aae50e3a4763d1ed2bbef7d6e0cb1334ef338ef9378e74f3b455809b075ec8
4b0cee799b9236e71bea41d375369fb1285a8ca61616c4b824b23543fa8dd16d
54dbad9589daf80088b8b76af61a9c961c424379ba2efead618620a72abfd94d
5b534def50f7603d6933049e9f61709a4f501e6df12929987009e7b2dbb17813
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6badc94f0a622f3b4c42c4e2efe06c9fe967ff39ac4c3a7ea3d26fdc576c4cc5
6da0850c96d66c9de6da4aac835351dceec2db689f5a6b7f92e95574368ba816
6e649feeaa6f4199f39534c9534568af5a7444f5a8e6673961179fdb7f832add
765e8254786e562775e6424fd7aec700814d89753075f78de24d561cb83d076e
7976920b4001cb5587c67d937e5077d6da0b159ae3376a61e5e483c54161b1fd
7ce943c737691dfe15c5c4c4fa16684aa97f28476aad103327dbf858f028e2aa
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8180a140cae3ecfd95f4255a4cede9be21c4748218dc05012786183bd7f2ef38
81d009789bb708ca7841b31d95b73fb17e0016d06627f20a82e546675b57937f
8414c901724cd12ba86915b39133c545d4c8f348dc917a75c449594c82b819fc
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9c6b1b4cd1b48f698ce1bcdc574e2d7a93a64fc5653af77b9dda52585604ab88
a56aad4446893a86ab990a8474a43ecfeb492b79842fb4072ade2b74414d8c75
aae5c0fca94e2f4caaccc50311ffd2e1b31d7f41631bfe4be05cf66d9ba638b7
b21292dd156b8824d84da2013cc1b548154cf5487e7de478642599815fdf32b7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bcd3297f9db07fd79d035bc12290f53c168792834e063a0a564c91c7d929c192
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c36c678de5679b30260747def813fa9bccea5d764e31065c2042d9a7bf0d0ac2
ce358141326f8a2cc7d363f6cc66ea5e81a6cd31aad8214885843c1c91faba54
d310d58cd687866fc5f7626f6ec0a42f9a9f2609ccdbec6a7986b16ee8c0f3da
d63dba35cb7b494c9698efc5d1fc3a75e6d6cc9117e29294da901e41ecd5e8f2
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def51343a232a84a56e31d4e24c4fc39b00feb2d989f4119ed71f95a90358b91
df992c8109885da3bb7901f24591d3b0027dad70c0cf7b607f8ca6b3afb021c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fb1f0160ff81936e911524994f2667668e5eb717ff0a9eee057bed08e5209bb7
fdf0e55a43a9e3029f46be46f296ce10ee805d8c45c80cb2b4cbdc0f4a0f4bdb
feb9617bd3fcda1a52cbf8539985fddac2aaab0e6df8dbdac21ec3e9a179a4be