sfaskjysakjd.onlineport.ir Open in urlscan Pro
172.67.172.199 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sfaskjysakjd.onlineport.ir/
Submission: On May 15 via api (May 15th 2024, 11:40:43 am UTC) from US — Scanned from DE

Summary HTTP 79 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 20 domains to perform 79 HTTP transactions. The main IP is 172.67.172.199, located in United States and belongs to CLOUDFLARENET, US. The main domain is sfaskjysakjd.onlineport.ir.
TLS certificate: Issued by E1 on April 30th 2024. Valid for: 3 months.

This is the only time sfaskjysakjd.onlineport.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	172.67.172.199 172.67.172.199	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	104.16.251.51 104.16.251.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:ab0... 2a02:26f0:ab00:3bf::14a9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	104.16.252.51 104.16.252.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	13.33.146.13 13.33.146.13	16509 (AMAZON-02) (AMAZON-02)
1	18.173.155.56 18.173.155.56	16509 (AMAZON-02) (AMAZON-02)
3	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
1	18.173.154.111 18.173.154.111	16509 (AMAZON-02) (AMAZON-02)
1	54.230.228.115 54.230.228.115	16509 (AMAZON-02) (AMAZON-02)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
1	54.230.228.76 54.230.228.76	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	54.230.228.119 54.230.228.119	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	172.67.72.135 172.67.72.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	52.84.198.126 52.84.198.126	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26db:3e00:11:1ed0:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	99.83.154.140 99.83.154.140	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:20:... 2606:4700:20::681a:7e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.5.29.222 3.5.29.222	14618 (AMAZON-AES) (AMAZON-AES)
79	26

2 172.67.172.199 (United States)

ASN13335 (CLOUDFLARENET, US)

sfaskjysakjd.onlineport.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 104.16.251.51 (None, )

ASN13335 (CLOUDFLARENET, US)

assets.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.assets-d.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00:3bf::14a9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn-4.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.16.252.51 (None, )

ASN13335 (CLOUDFLARENET, US)

img.assets-c3.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets-c3.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.146.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-146-13.maa50.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.155.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-155-56.muc50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.206.68 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.154.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-111.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-115.muc50.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-76.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.228.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-228-119.muc50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.72.135 (United States)

ASN13335 (CLOUDFLARENET, US)

static.trueanthem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.198.126 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-84-198-126.muc50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:3e00:11:1ed0:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:7e5 (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.29.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	propublica.org assets.propublica.org — Cisco Umbrella Rank: 111247 img.assets-d.propublica.org — Cisco Umbrella Rank: 208850 img.assets-c3.propublica.org — Cisco Umbrella Rank: 315181 assets-c3.propublica.org — Cisco Umbrella Rank: 250557 www.propublica.org Failed	641 KB
5	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 5842 iteratehq.com — Cisco Umbrella Rank: 5078	28 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 89 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205	171 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3095	1 KB
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 3500	496 B
2	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 308	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 7810	126 B
2	trueanthem.com static.trueanthem.com — Cisco Umbrella Rank: 24527	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	21 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 742 script.hotjar.com — Cisco Umbrella Rank: 988	59 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3249 p1.parsely.com — Cisco Umbrella Rank: 2383	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	188 KB
2	onlineport.ir sfaskjysakjd.onlineport.ir	34 KB
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 9492	468 B
1	cloudfront.net d3div1mtym39ic.cloudfront.net	67 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2775	233 B
1	gstatic.com www.gstatic.com	202 KB
1	htlbid.com htlbid.com — Cisco Umbrella Rank: 8046	113 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3699	34 KB
1	convertexperiments.com cdn-4.convertexperiments.com — Cisco Umbrella Rank: 8530	66 KB
79	20

	Domain	Requested by
17	img.assets-d.propublica.org	sfaskjysakjd.onlineport.ir
15	assets.propublica.org	sfaskjysakjd.onlineport.ir assets.propublica.org
3	iteratehq.com	platform.iteratehq.com
3	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net
3	www.google.com	sfaskjysakjd.onlineport.ir www.gstatic.com
3	assets-c3.propublica.org	sfaskjysakjd.onlineport.ir
2	platform.iteratehq.com	sfaskjysakjd.onlineport.ir platform.iteratehq.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	c.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	www.google.de	sfaskjysakjd.onlineport.ir
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	static.trueanthem.com	www.googletagmanager.com static.trueanthem.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	sfaskjysakjd.onlineport.ir www.googletagmanager.com
2	img.assets-c3.propublica.org	sfaskjysakjd.onlineport.ir
2	sfaskjysakjd.onlineport.ir	sfaskjysakjd.onlineport.ir
1	ams-pageview-public.s3.amazonaws.com
1	d3div1mtym39ic.cloudfront.net	sfaskjysakjd.onlineport.ir
1	vc.hotjar.io	script.hotjar.com
1	www.gstatic.com	www.google.com
1	script.hotjar.com	static.hotjar.com
1	p1.parsely.com	sfaskjysakjd.onlineport.ir
1	htlbid.com	sfaskjysakjd.onlineport.ir
1	static.hotjar.com	sfaskjysakjd.onlineport.ir
1	cdn.parsely.com	sfaskjysakjd.onlineport.ir
1	ak.sail-horizon.com	sfaskjysakjd.onlineport.ir
1	cdn-4.convertexperiments.com	sfaskjysakjd.onlineport.ir
0	www.propublica.org Failed	assets.propublica.org
79	29

This site contains links to these domains. Also see Links.

Domain
www.propublica.org
give.propublica.org
projects.propublica.org
www.facebook.com
twitter.com
www.instagram.com
www.readfrontier.org
mississippitoday.org
www.nytimes.com
capitalandmain.com
www.youtube.com
policies.google.com

Subject Issuer	Validity	Valid
onlineport.ir E1	`2024-04-30` - `2024-07-29`	3 months	crt.sh
assets.propublica.org E1	`2024-04-17` - `2024-07-16`	3 months	crt.sh
img.assets-d.propublica.org Cloudflare Inc ECC CA-3	`2023-10-28` - `2024-10-27`	a year	crt.sh
*.convertexperiments.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-11-09`	a year	crt.sh
img.assets-c3.propublica.org Cloudflare Inc ECC CA-3	`2023-10-28` - `2024-10-27`	a year	crt.sh
assets-c3.propublica.org E1	`2024-04-10` - `2024-07-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-30`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
trueanthem.com E1	`2024-03-18` - `2024-06-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh
*.google.de WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
api.sail-personalize.com Amazon RSA 2048 M02	`2024-03-25` - `2025-04-22`	a year	crt.sh
iteratehq.com E1	`2024-03-19` - `2024-06-17`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh

This page contains 2 frames:

Primary Page: https://sfaskjysakjd.onlineport.ir/
Frame ID: FE206D71BA25EC7997F49E737AA51327
Requests: 81 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9zZmFza2p5c2FramQub25saW5lcG9ydC5pcjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=x1q3voxyrpds
Frame ID: E58314BB6A51381F1B43BDA827E0F780
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ProPublica — Investigative Journalism and News in the Public Interest

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

79
Requests

95 %
HTTPS

32 %
IPv6

20
Domains

29
Subdomains

26
IPs

5
Countries

1663 kB
Transfer

4291 kB
Size

14
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://www.propublica.org/
Title: ProPublica

Search URL Search Domain Scan URL

URL: https://give.propublica.org/give/346423/#!/donation/checkout?c_src=UpRed
Title: Donate

Search URL Search Domain Scan URL

URL: https://projects.propublica.org/nonprofits/
Title: Nonprofit Explorer

Search URL Search Domain Scan URL

URL: https://www.propublica.org/local-initiatives/
Title: Local Initiatives

Search URL Search Domain Scan URL

URL: https://www.propublica.org/newsletters/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.propublica.org/about/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.propublica.org/topics/racial-justice
Title: Racial Justice

Search URL Search Domain Scan URL

URL: https://www.propublica.org/topics/health-care
Title: Health Care

Search URL Search Domain Scan URL

URL: https://www.propublica.org/topics/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.propublica.org/topics/criminal-justice
Title: Criminal Justice

Search URL Search Domain Scan URL

URL: https://www.propublica.org/topics/
Title: more…

Search URL Search Domain Scan URL

URL: https://www.propublica.org/midwest/
Title: Midwest

Search URL Search Domain Scan URL

URL: https://www.propublica.org/northwest/
Title: Northwest

Search URL Search Domain Scan URL

URL: https://www.propublica.org/south/
Title: South

Search URL Search Domain Scan URL

URL: https://www.propublica.org/southwest/
Title: Southwest

Search URL Search Domain Scan URL

URL: https://www.propublica.org/texas/
Title: Texas

Search URL Search Domain Scan URL

URL: https://www.propublica.org/newsapps/
Title: Graphics & Data

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/
Title: Series

Search URL Search Domain Scan URL

URL: https://www.propublica.org/video/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.propublica.org/local-reporting-network/
Title: Local Reporting Network

Search URL Search Domain Scan URL

URL: https://www.propublica.org/electionland/
Title: Electionland

Search URL Search Domain Scan URL

URL: https://www.propublica.org/datastore/
Title: Data Store

Search URL Search Domain Scan URL

URL: https://www.propublica.org/impact/
Title: Impact

Search URL Search Domain Scan URL

URL: https://www.propublica.org/jobs/
Title: Jobs & Fellowships

Search URL Search Domain Scan URL

URL: https://www.propublica.org/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/propublica
Title: Facebook Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/propublica
Title: Twitter Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/propublica/
Title: Instagram Instagram

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/texas-granbury-isd-school-board-courtney-gore

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/jeremy-schwartz
Title: Jeremy Schwartz

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/texas-tim-dunn-wilks-brothers-vouchers-courtney-gore

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/guns-chicago-police-ella-french-indiana-tiahrt-amendment

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/guns
Title: Under the Gun

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/vernal-coleman
Title: Vernal Coleman

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/sarahbeth-maney
Title: Sarahbeth Maney

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/minnesota-attorney-general-sues-contract-for-deed-seller-chadwick-banken

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/jessica-lussenhop
Title: Jessica Lussenhop

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/fields-of-green

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/chinese-organized-crime-us-marijuana-market

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/sebastian-rotella
Title: Sebastian Rotella

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/kirsten-berg
Title: Kirsten Berg

Search URL Search Domain Scan URL

URL: https://www.readfrontier.org/author/garrett/
Title: Garrett Yalch

Search URL Search Domain Scan URL

URL: https://www.readfrontier.org/author/clifton-adcock/
Title: Clifton Adcock

Search URL Search Domain Scan URL

URL: https://www.propublica.org/getinvolved/texas-school-board-bond-elections

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/jessica-priest
Title: Jessica Priest

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/lexi-churchill
Title: Lexi Churchill

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/dan-keemahill
Title: Dan Keemahill

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/mississippi-lawmakers-jail-detentions-mentally-ill

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/committed-to-jail
Title: Committed to Jail

Search URL Search Domain Scan URL

URL: https://mississippitoday.org/author/kroyals/
Title: Kate Royals

Search URL Search Domain Scan URL

URL: https://mississippitoday.org/
Title: Mississippi Today

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/el-camino-correcto-documental-familia-venezolana-asilo

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/gerardo-del-valle
Title: Gerardo del Valle

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/trump-irs-audit-chicago-hotel-taxes

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/the-secret-irs-files
Title: The Secret IRS Files

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/paul-kiel
Title: Paul Kiel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/
Title: The New York Times

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/lo-que-un-incendio-en-un-centro-de-detencion-en-mexico-nos-revela-sobre-la-politica-de-inmigracion-de-estados-unidos

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/perla-trevizo
Title: Perla Trevizo

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/georgia-law-could-lead-to-more-voter-suppression

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/doug-bock-clark
Title: Doug Bock Clark

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/plastics-waste-united-nations-international-conference-treaty-ottawa

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/lisa-song
Title: Lisa Song

Search URL Search Domain Scan URL

URL: https://www.propublica.org/atpropublica/propublica-editor-in-chief-stephen-engelberg-wins-freedom-of-the-press-career-award
Title: ProPublica Editor-In-Chief Stephen Engelberg Wins Freedom of the Press Career Award

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/propublica
Title: ProPublica

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/nypd-police-displicine-records-database-accountability-misconduct

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/sergio-hernandez
Title: Sergio Hernandez

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/blinken-israel-military-aid-human-rights-violations-leahy-law

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/brett-murphy
Title: Brett Murphy

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/shrub-oak-school-autism-new-york-education-oversight

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/jennifer-smith-richards
Title: Jennifer Smith Richards

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/jodi-cohen
Title: Jodi S. Cohen

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/syphilis-south-dakota-great-plains-tribes-hhs-becerra

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/anna-maria-barry-jester
Title: Anna Maria Barry-Jester

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/pulitzer-prize-announcement-propublica-supreme-court

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/oklahoma-oil-cleanup

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/unplugged
Title: Unplugged

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/mark-olalde
Title: Mark Olalde

Search URL Search Domain Scan URL

URL: https://capitalandmain.com/
Title: Capital & Main

Search URL Search Domain Scan URL

URL: https://www.propublica.org/atpropublica/propublica-wins-nellie-bly-award-for-supreme-court-coverage
Title: ProPublica Wins Nellie Bly Award for Supreme Court Coverage

Search URL Search Domain Scan URL

URL: https://www.facebook.com/propublica/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/propublica
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.propublica.org/feeds/propublica/main
Title: RSS

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://give.propublica.org/give/346423/#!/donation/checkout?c_src=vote
Title: Keep Them Honest Support journalism that speaks truth to power. Donate Now

Search URL Search Domain Scan URL

URL: http://www.propublica.org/corrections
Title: Read our corrections

Search URL Search Domain Scan URL

URL: https://www.propublica.org/getinvolved/tell-us-about-mental-health-care-access
Title: We’re Investigating Mental Health Care Access. Share Your Insights.

Search URL Search Domain Scan URL

URL: https://www.propublica.org/getinvolved/help-propublica-investigate-the-world-of-subprime-car-loans
Title: Help ProPublica Investigate the World of Subprime Car Loans

Search URL Search Domain Scan URL

URL: https://projects.propublica.org/the-year-after-a-denied-abortion/
Title: The Year After a Denied Abortion

Search URL Search Domain Scan URL

URL: https://www.propublica.org/getinvolved/
Title: Get Involved

Search URL Search Domain Scan URL

URL: https://www.propublica.org/nerds/
Title: The Nerd Blog

Search URL Search Domain Scan URL

URL: https://www.propublica.org/atpropublica/
Title: @ProPublica

Search URL Search Domain Scan URL

URL: https://www.propublica.org/events/
Title: Events

Search URL Search Domain Scan URL

URL: https://www.propublica.org/leadership/
Title: Board and Advisors

Search URL Search Domain Scan URL

URL: https://www.propublica.org/staff/
Title: Officers and Staff

Search URL Search Domain Scan URL

URL: https://www.propublica.org/diversity/
Title: Diversity

Search URL Search Domain Scan URL

URL: https://www.propublica.org/fellowships/
Title: Fellowships

Search URL Search Domain Scan URL

URL: https://www.propublica.org/media-center/
Title: Media Center

Search URL Search Domain Scan URL

URL: https://www.propublica.org/reports/
Title: Reports

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

79 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
sfaskjysakjd.onlineport.ir/ 163 KB
33 KB 544ms
324ms Document
text/html 172.67.172.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sfaskjysakjd.onlineport.ir/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.172.199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e362ccd8b4fbf9b8656feebbbb47ecc689c9aef91b421f1246fb2ae262d798b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://projects.propublica.org
alt-svc: h3=":443"; ma=86400
cache-control: max-age=900, public, must-revalidate, stale-while-revalidate=60, stale-if-error=60
cf-cache-status: DYNAMIC
cf-ray: 8842daa4ca30696a-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 15 May 2024 11:40:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
onion-location: http://p53lf57qovyuvwsc6xnrppyply3vtqm7l6pcobkmyqsiofyeznfu5uqd.onion/
pragma: cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZWfM9Pjju%2Fgl6VQj7s8utro8ceLQwsIuLiwlVSDQCObO6OnqFHVHSTCTBsB86Jqg9pkNo%2BRVkQ4%2B8jUL%2BcESm8PEsaG%2BPSvlubAZ3qy1mVqKZtBfquG7%2FIhkBvrlAwPSqUyzX3nwleVw8x4cPw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-author: queue-worker
x-debug: Cached
x-frame-options: DENY
x-origin: v3-www.propublica.org

GET
H3 200 main.51828988.css
assets.propublica.org/static/prod/v5/css/ 391 KB
45 KB 208ms
166ms Stylesheet
text/css 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5f5b6ad0f1007fa29e9c6525beb9468a91aa6c8aa8b00d041b3723c6f0f66d8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: GCNG8J1D7FN6JZQ6
cf-polished: origSize=403941
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Q52rgpjTph8c2H3zAZ4E2AfdYt49wiEu+2aByTOkemZj9fGtcb5DKAUcUsyZ329KozltcVAfBQc=
cf-bgj: minify
last-modified: Fri, 10 May 2024 20:21:39 GMT
server: cloudflare
etag: W/"9723d90915352bb1e6384c4cb89d9553"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 8842daa73abb9a0c-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET
H3 200 201904-banner.png
assets.propublica.org/static/prod/v4/images/ 99 KB
99 KB 192ms
149ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.propublica.org/static/prod/v4/images/201904-banner.png
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d81e0bf79972922227d4a367c03cfa4fb33dc5406fbeb3b904b56acbc394dae

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: HIT
x-amz-request-id: 4G7MP0J90RCM8ZX9
cf-polished: origFmt=png, origSize=266577
content-disposition: inline; filename="201904-banner.webp"
alt-svc: h3=":443"; ma=86400
content-length: 100988
x-amz-id-2: KBy2ZFVCHs1LGdGkUl7bCO/29txhIY8n44ECfuCVvEkKx2YPtEVK3ADhY8iFXR+lFl3wCSLzIpQ=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 May 2024 20:20:46 GMT
server: cloudflare
etag: "8e130e9cded2311891e95ff9b35f157f"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8842daa73abe9a0c-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET
H3 200 20240305-stefano-summo-mj-Lead-promo.jpg
img.assets-d.propublica.org/v5/images/ 17 KB
17 KB 136ms
80ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/20240305-stefano-summo-mj-Lead-promo.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.7845&fp-y=0.5162&h=413&q=75&w=310&s=e6da927ed4e68bd86570956c783dacd9
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88cd4b58cea10db9f7c0904eb5f1cad4e386939190586a41e34194014956fed8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront), 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 2c51a767-e5fb-4e8e-9d4e-ca1f0db96a2a
x-cache: Hit from cloudfront
x-amz-apigw-id: WfCJZHG2IAMESyQ=
content-length: 17070
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:25:44 GMT
server: cloudflare
x-amzn-trace-id: Root=1-6622b0a2-4b9866213af43a8d0ccac648;Parent=76be65e5def6ee61;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa74c5da025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: fGnoy48JdMOeiTUH5qHS7gm6iq9lG6FqVk-h9RpdGeLnyCElNH1c5g==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 email-decode.min.js Show response
sfaskjysakjd.onlineport.ir/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 24ms
16ms Script
application/javascript 172.67.172.199
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sfaskjysakjd.onlineport.ir/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.172.199 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 May 2024 09:31:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"663b4689-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jeVpg6c%2BZLG6Gpi0HFsMbOa8fcfqEfSJAlbdeRzE2VeTFthajYfRXp6zBFWQ%2FDtpagnk7JCyXqq5Yr1lVTJCTmp3MZbPVRUIyxmxQAkybdROJDo3rZ6di4TkNsqcpOzlEehFEfm6WeZOd%2BASmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8842daa72ce3696a-FRA
expires: Fri, 17 May 2024 11:40:36 GMT

GET
H3 200 main.2c37ba76.js Show response
assets.propublica.org/static/prod/v5/js/ 141 KB
39 KB 189ms
176ms Script
application/javascript 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/js/main.2c37ba76.js
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ae2a479a40471a2ee0aafc4e7dafba5123f2b219d91563d52b56853a3bea13

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2024 20:21:40 GMT
server: cloudflare
x-amz-request-id: G86SBFEJWB5D742D
etag: W/"30a5684f8e8a889b49bddd5f9d39c8c9"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 8842daa73ac29a0c-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: +H1281CKHPzb18vWvn59G6siGmQo3W0J8SzMpoXSEa/77x+jvqP4PfdX/p491iAvtsIcEd/Kq2o=
expires: Thu, 16 May 2024 11:40:36 GMT

GET
H2 200 1004759-1004714.js Show response
cdn-4.convertexperiments.com/js/ 213 KB
66 KB 51ms
13ms Script
application/javascript 2a02:26f0:ab00:3bf::14a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-4.convertexperiments.com/js/1004759-1004714.js
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00:3bf::14a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 778d5af40c891e3cbb829b38ade00d7416462970c90b59a06d2b8583abead595

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
content-length: 67152
expires: Wed, 15 May 2024 11:45:36 GMT

GET
H3 200 TiemposTextWeb-Regular_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 28 KB
28 KB 274ms
255ms Font
font/woff2 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/TiemposTextWeb-Regular_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 053a9b913df62d6f62e05479e93d679953d2cf19de25301648d4701d838f7e17

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://sfaskjysakjd.onlineport.ir
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: PXHB2NTT5ZMZ7CE5
alt-svc: h3=":443"; ma=86400
content-length: 28357
x-amz-id-2: ZpbG/6BSbm7WrfcdTB9DSVRHCJ1IuaolXJ6RI+SQEO71m83IW3iwP+2gQ9DU5V8ouDXD8Ld7pFs=
last-modified: Fri, 10 May 2024 20:21:39 GMT
server: cloudflare
etag: "2f0dc7dd281de8884c39fefcbf755812"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8842daa8c9cd5c20-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cce51e792b5bed74f35c8b0540f856a24116ecd96dad0c9b64e6a4552c4afcb9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 813 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a2d88e2d2d50aa91bce568a9e4a5c707d30c56b84f97f306a069c10eac5ae33

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 387 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b44840c1bb8e5b5df03db4c7589c7d129dd00a88fab8e57fafc0b75b6c2659ca

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 481 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cece1f4ebf180c5740977e93adbbf6d91af4d5a0f8c9034025a2bec8b3119a75

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15fbec6e5b37cc7e9ff13f533cebd43d4a4579b9b257d6c96b21936463361f75

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Graphik-Bold-Web_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 18 KB
18 KB 230ms
212ms Font
font/woff2 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/Graphik-Bold-Web_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f75efe09e9a15de6732fbf32bb96bd5d570689576f84be9763fe6147f3f405c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://sfaskjysakjd.onlineport.ir
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: PXHF27K2JKQNCGVS
alt-svc: h3=":443"; ma=86400
content-length: 17965
x-amz-id-2: nmKwJMAnpfIYcAbU6Mlp/ZLtzXGaht4q0g4hed2tJEvCBOgBxk605m8FjAJ+wTe+G1qOfsxeoRY=
last-modified: Fri, 10 May 2024 20:21:39 GMT
server: cloudflare
etag: "36c66768f1f0efc2065048e1f1dba296"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8842daa8c9c75c20-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET
H3 200 TiemposTextWeb-Bold_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 29 KB
29 KB 245ms
227ms Font
font/woff2 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/TiemposTextWeb-Bold_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 890a308f110701f892cbb8d923d529a06c44e5bbeafa6b92df2fae66f3706bd1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://sfaskjysakjd.onlineport.ir
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: PXH1229KJ2GY5RVR
alt-svc: h3=":443"; ma=86400
content-length: 29395
x-amz-id-2: CaBWTEyCU5MLmazMQRC9ICf1woFVzfBlh+xxxlQweWKoBMjtxWU1NLbWppLCbb8LqwEiXZF60dE=
last-modified: Fri, 10 May 2024 20:21:39 GMT
server: cloudflare
etag: "15e76bde224fbb7970e3b89254be71da"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8842daa8c9bd5c20-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET
H3 200 Graphik-Regular-Web_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 16 KB
16 KB 292ms
275ms Font
font/woff2 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/Graphik-Regular-Web_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ce372d43a91580bdc4185d48a02bef4b7954c49e721e181fa02b656eaa61213

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://sfaskjysakjd.onlineport.ir
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: MISS
x-amz-request-id: YYJS0SM81CZAM1SD
alt-svc: h3=":443"; ma=86400
content-length: 15885
x-amz-id-2: 2a/Fr/6S3nzVwec8WrcvU0vpExnB5xrX10NBD4tiX7YSvHT7mAmwDCsUiEePeywhL55vrmXZYd8=
last-modified: Fri, 10 May 2024 20:21:39 GMT
server: cloudflare
etag: "1974b7e72f30b60ceed7de2e5653d7b4"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8842daa8c9bf5c20-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET
H3 200 TiemposHeadlineWeb-Black_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 19 KB
19 KB 235ms
218ms Font
font/woff2 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/TiemposHeadlineWeb-Black_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6407c87204c820e7f94f1e129190e3f3589f59c4768cc97c3a76d43075d8f2fa

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://sfaskjysakjd.onlineport.ir
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: PXHEBN5VSA3V59ZT
alt-svc: h3=":443"; ma=86400
content-length: 19337
x-amz-id-2: juKcbf5Wv/5fT1ZS5qLYo8tIh+epxbQ8cTBIOhIc2I9BCPf/NlN6uCkAz9fruajUi/SfYS96YnA=
last-modified: Fri, 10 May 2024 20:21:39 GMT
server: cloudflare
etag: "4ca36d6287f01b10c1ac41cd2e1da923"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8842daa8c9b05c20-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET
H3 200 TiemposHeadlineWeb-Bold_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 19 KB
20 KB 264ms
246ms Font
font/woff2 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/TiemposHeadlineWeb-Bold_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a62ee001f1b8313b0030ddf9c3a30c789075a2a4a9065557ab76c46d088bbe0f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://sfaskjysakjd.onlineport.ir
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: PXHE22TAG33VKDHF
alt-svc: h3=":443"; ma=86400
content-length: 19529
x-amz-id-2: p/gfr53r0sexYSoAM3rijGeBHBFJ9hJyrxDYVfMip59f/XwjAQ5fbNXgipZr+ePsD0F/kcftcl7SHtCgkO8HU2jRwgPBQ8na
last-modified: Fri, 10 May 2024 20:21:39 GMT
server: cloudflare
etag: "bf354483d7fb9a80bff102f07b0c2266"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8842daa8c9cb5c20-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET 20240507-Tauber-Schools-019_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 0
0

GET 20240226-Tauber-Schools_025_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 0
0

GET
H3 200 20240502-Maney-GunsIncChicagoCopKilling-010PROMOweb.jpg
img.assets-d.propublica.org/v5/images/ 8 KB
8 KB 93ms
90ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/20240502-Maney-GunsIncChicagoCopKilling-010PROMOweb.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=693207ce74117eff197a11f05fa3dbb4
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1d3a9d4bc659388e516ef0e8f21640f6c00a130f41e9907c267bdd85d8c47f9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 51b32b366d2fc0baf4c02123f643c37c.cloudfront.net (CloudFront), 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 09284351-6a3a-4011-a20d-70e464aedd27
x-cache: Hit from cloudfront
x-amz-apigw-id: XyPSVHGeoAMEl8g=
content-length: 7988
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:25:45 GMT
server: cloudflare
x-amzn-trace-id: Root=1-6643f8db-5df981f57710785c2e0451f4;Parent=4bceb78fadfca828;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ae65a025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: RleeeoGJ4SbeHWNd9OCyU1eE2PllMz2vSkMH_gyTKZf72UJkYkBvUw==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 CFD-Lawsuit_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 6 KB
7 KB 78ms
75ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/CFD-Lawsuit_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5025&fp-y=0.339&h=210&q=75&w=210&s=b4b671258e1dfee305128dcbd4fcd7bb
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ed523ba0d33db08b71614b3659da2b066763d5fa5772214f9f9f0b29a8bc114

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 abf16b943a9b4039b87ccdb094d9303e.cloudfront.net (CloudFront), 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: bacb1c0c-6bb1-4317-8f76-5cebaee014a5
x-cache: Hit from cloudfront
x-amz-apigw-id: XyPSTFOBoAMEJUw=
content-length: 6112
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:25:45 GMT
server: cloudflare
x-amzn-trace-id: Root=1-6643f8db-1e979d5b7aaf6a4b134d1301;Parent=4fab6f79f1b0592f;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ae69a025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 6VJggJorKWKDziyWXdP-WQFLI7XIJRmUpE5cfwjaMynx-Jakbr0_bQ==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 20240305-stefano-summo-mj-Lead-promo.jpg
img.assets-d.propublica.org/v5/images/ 9 KB
9 KB 94ms
90ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/20240305-stefano-summo-mj-Lead-promo.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.7845&fp-y=0.5162&h=210&q=75&w=210&s=3250bf09869254b613ee072cc8cbeb3f
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82224455eb312523cc61715cbd620482b50284f62662fbcfc06a7bcf887240ba

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront), 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: df3700e4-74a4-406c-896d-70abb8f72b9a
x-cache: Hit from cloudfront
x-amz-apigw-id: We_SKEHnIAMEfLA=
content-length: 8838
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:36:39 GMT
server: cloudflare
x-amzn-trace-id: Root=1-6622ac0d-0abe69564a69f4da5cddaabd;Parent=05618480dcb4cdbf;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ae6ba025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: b6WzufyKg-hX7Bvkc8ABOI1sBsYeBm8W24qLnGUihM1WyZnme8iepQ==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 20240514-schools-callout-1x1_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-c3.propublica.org/images/getInvolved/ 12 KB
12 KB 132ms
77ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-c3.propublica.org/images/getInvolved/20240514-schools-callout-1x1_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=107c7562169ec9b742a208a3807c0da3
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9ddff082e26c7d95ca5602cfe9bc8bec3a2d0a90409f5b243003601d5f5f3a8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 db38c5279288cd1c6aea4fa2c0409120.cloudfront.net (CloudFront), 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P8, FRA2-C2
x-amzn-requestid: 111e9051-cd14-4e48-bbd6-6358d6f37ed6
x-cache: Hit from cloudfront
x-amz-apigw-id: XzqdMFsDoAMEjeA=
content-length: 11980
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:25:46 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66448aba-7c0347d31cd5c8e34bbf2fb3;Parent=095ae1a5f145ae05;Sampled=0;lineage=60d7814e:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa90ec75d3c-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 5G8OJyzS4Ie9s9uVY1-QOpkjQHSsZcVV7cC0x6asqEGdbrLoJoKckQ==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 Mississippi-jails-mentally-ill-impact_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 7 KB
7 KB 81ms
76ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Mississippi-jails-mentally-ill-impact_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=0a0ad76bbee67d2987b85ae6a6391b35
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d364a27561f1316e4e629d9651d4205db6e44d6a5acfe6de5096281281b9f5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 d9636724d333576f23b5fcfb40d7830c.cloudfront.net (CloudFront), 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 70d70044-ad11-4f71-86d1-5829d9926e31
x-cache: Hit from cloudfront
x-amz-apigw-id: XubvuES_IAMEpGg=
content-length: 6748
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:36:39 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66427331-71353ecf69ae8e3b2aad5878;Parent=61fcd5f2994204f1;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ae6ca025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: g2JMoAB3ByyYPQdzY501Ljc-0gsEyfTxxRAo-d5fixvTtEuSQZWfCg==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 The-right-way-centered-promo-image-blank.jpg
img.assets-d.propublica.org/v5/images/ 4 KB
4 KB 79ms
75ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/The-right-way-centered-promo-image-blank.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=98a7a37ae18ddea39d68875ed89ea3f9
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 984de13f6543b1464bc64472dcff38e52025597ad16e308a0048ab6bbcd5084d

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 2e8126aebd83e92e3cf50c4f9c832912.cloudfront.net (CloudFront), 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 160355ce-54f0-4e87-93a5-033756a5e030
x-cache: Hit from cloudfront
x-amz-apigw-id: XLg4jFtnoAMEiCg=
content-length: 3644
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:36:39 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66347b69-140c6b596b5bd2fc0043b734;Parent=4f369a571501d37a;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ae6fa025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: wMj1dPj8rMiNfFtLfK_1SeiFix2NNL97NmkYkqNMziAPWR-Ic4DplA==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 Trump-Audit-Lead-2_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 9 KB
9 KB 59ms
55ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Trump-Audit-Lead-2_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=0f5f0faa13e656e5feb90e2f945bdfc5
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3bca58f5bf11793f5959b28fd3476d8d6c592f10a32774d673812b834cebfc5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront), 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P9, FRA60-P4
age: 49
x-amzn-requestid: bd74ef51-24a7-4eb7-b664-5e92e21c5624
x-cache: Hit from cloudfront
x-amz-apigw-id: XnGJbGdQoAMEV0A=
content-length: 8818
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:39:47 GMT
server: cloudflare
x-amzn-trace-id: Root=1-663f83d5-518fb2de0d5dd5b53b8a29d1;Parent=1615c95c7ef0925d;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ae71a025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: uFN90WXE5QUarUZM87tJTvP7fIyjBgyEtabwRokbAh4srkaVUOpnvA==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 032823_pratje_IMMIDEATHS_015_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 7 KB
8 KB 71ms
67ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/032823_pratje_IMMIDEATHS_015_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=c07f435dfbd4e540ddff7a7524ee4b1b
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd187dd83ea88b0d70d1a880296f8919c52b261374e2561e9d465c29d0eefd4

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 6641a812839e5267ee0880e96b41efc4.cloudfront.net (CloudFront), 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 7b7eab95-e475-4602-be0a-557bf9912ae5
x-cache: Hit from cloudfront
x-amz-apigw-id: XGJKeFnWIAMEA7A=
content-length: 7660
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:14:30 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66325575-03c60d7e00ac05701225e695;Parent=3f16168d24892c11;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ae72a025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: hzCZGwM_exS1JZ0acB6YN-7U25vCvb89xGEsmbJE616w0zGHpjKErw==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 donate-photo-a.png
assets.propublica.org/static/prod/v5/images/ 55 KB
55 KB 154ms
150ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.propublica.org/static/prod/v5/images/donate-photo-a.png
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017cc4a845c86c76aa87dd23e6105c4ea1554ff01617677defda7a29631ea073

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: HIT
x-amz-request-id: KWFWEWXN1GT3CWFW
cf-polished: origFmt=png, origSize=97209
content-disposition: inline; filename="donate-photo-a.webp"
alt-svc: h3=":443"; ma=86400
content-length: 56306
x-amz-id-2: DWMhRD2rrcZmXj12DY6OqB9r1ERkwFF93CbUG5JzN4ryn1WBhdSXklIwRxmwcijuqZq8FWwjQcg=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 May 2024 20:21:39 GMT
server: cloudflare
etag: "a6a7bd61f873e433432b1902463c1271"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8842daa8bc309a0c-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET
H3 200 medal_franklin_128.png
assets.propublica.org/static/prod/v4/images/ 43 KB
43 KB 145ms
140ms Image
image/png 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.propublica.org/static/prod/v4/images/medal_franklin_128.png
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6526d59e74abd6e7f4ed066c717f2879df1513d2cc21c9587feeccc790f25917

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: HIT
x-amz-request-id: 82475YYKC95TWE60
cf-polished: origSize=47303, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 44123
x-amz-id-2: DQO6vx9MNILJUIiv0PyhJxHU21t00K05ElKK3SgB6PY8nMzzba8k8T44j0S+N72+BYbWEs71DOA=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 May 2024 20:20:46 GMT
server: cloudflare
etag: "9abb0c80a53b1f9c11c0d743c5199651"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8842daa8bc389a0c-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET
H3 200 events-promo.jpg
assets.propublica.org/static/prod/v5/images/ 24 KB
25 KB 161ms
157ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.propublica.org/static/prod/v5/images/events-promo.jpg
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cdc41c84edf158e42c0aa0a79cd55895ae6bff5e569c51d2ce1cbd23d799eba

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: HIT
x-amz-request-id: BSVNZSGMBE82QFZE
cf-polished: qual=85, origFmt=jpeg, origSize=70035
content-disposition: inline; filename="events-promo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 25070
x-amz-id-2: UztzSvT7QpkAEOSJzZPV54SvFlxn0aLfR+fjs4D4yn/uBsazhWhPy09Z+bOa8SnjN+UouBY7GSo=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 May 2024 20:21:39 GMT
server: cloudflare
etag: "fc39cc962c0c5fe9b76c97d2e339fd33"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8842daa8bc399a0c-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET
H3 200 promo-data-store.gif
assets.propublica.org/static/prod/v4/images/ 16 KB
16 KB 157ms
153ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.propublica.org/static/prod/v4/images/promo-data-store.gif
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf859e8cb71b170b4f1165be584c99e31b20141200d121e7bde2ab9258bc8dd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: HIT
x-amz-request-id: XQ2TG37VBRMX1BCS
cf-polished: origFmt=gif, origSize=30773
content-disposition: inline; filename="promo-data-store.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15906
x-amz-id-2: OUjoeuzNtBqLuWO6U5W8VjuHjvCH4Cc3RubZ5Zz5sUf+6Vc08qD1asmQM4vgvTgpdEB7M/o7efE=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 10 May 2024 20:20:46 GMT
server: cloudflare
etag: "9bbe69bb4150c94d2e769a70d765ca01"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8842daa8bc3b9a0c-FRA
expires: Thu, 16 May 2024 11:40:36 GMT

GET
H3 200 20240514-schools-callout-1x1_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
assets-c3.propublica.org/images/getInvolved/_oneOne300w/ 28 KB
29 KB 119ms
63ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-c3.propublica.org/images/getInvolved/_oneOne300w/20240514-schools-callout-1x1_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb09ef9a505ea83f231c82ab639a34ff5d28d06f1d0e689587fbe859ca5aea0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: HIT
x-amz-request-id: 1AQA1VMD1HXXE16D
age: 5200
cf-polished: qual=85, origFmt=jpeg, origSize=33346
content-disposition: inline; filename="20240514-schools-callout-1x1_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.webp"
alt-svc: h3=":443"; ma=86400
content-length: 28692
x-amz-id-2: SbtagCovNKbBvDTblA7vSdJWcihXqmjDON88QLOGD8LZWAXvm8MBfGlf3KGl6YnOjgFay6C0B6s=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 May 2024 10:11:00 GMT
server: cloudflare
etag: "314322446b31216b063611513fc941cf"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8842daa90a921968-FRA
expires: Wed, 15 May 2024 12:10:36 GMT

GET
H3 200 20240227-mental-health-callout-square_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
assets-c3.propublica.org/images/getInvolved/_oneOne300w/ 6 KB
6 KB 126ms
70ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-c3.propublica.org/images/getInvolved/_oneOne300w/20240227-mental-health-callout-square_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae9ac7bec5b01562a7bc2ea4e5ee605071f052ca69b8485140d4fb288bd0017b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: HIT
x-amz-request-id: JAA53BK49GAHN09Q
age: 83761
cf-polished: qual=85, origFmt=jpeg, origSize=13974
content-disposition: inline; filename="20240227-mental-health-callout-square_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6146
x-amz-id-2: 8mhJFPmcPFs0OCJPTb9oIfG1EQ5BMrm2G/8zA7Ni4Qgi4CHfNWgC6ieUTulR+sYbe3XL8Fy0Vys=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Feb 2024 11:01:22 GMT
server: cloudflare
etag: "06cc0ccafc24f69c899d1d7bc5598f95"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8842daa90a951968-FRA
expires: Wed, 15 May 2024 12:10:36 GMT

GET
H3 200 Used-Cars-Callout-1x1-crop.jpg
assets-c3.propublica.org/images/getInvolved/_oneOne300w/ 23 KB
23 KB 102ms
46ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-c3.propublica.org/images/getInvolved/_oneOne300w/Used-Cars-Callout-1x1-crop.jpg
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca261d1bb59c845d0d51e92a9dd91984ee1071592eb0714af218da8c2e686dd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
cf-cache-status: HIT
x-amz-request-id: MJ2GZQ78V58V79VF
age: 16678
cf-polished: qual=85, origFmt=jpeg, origSize=33036
content-disposition: inline; filename="Used-Cars-Callout-1x1-crop.webp"
alt-svc: h3=":443"; ma=86400
content-length: 23210
x-amz-id-2: Utw/sR9ZTZl2yqaBh8ogNxd9/vg+7QxNpCdvViJ7sQxH2c+D1DttNv202VXAy7PISVNqKkxo7co=
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 Dec 2023 13:01:22 GMT
server: cloudflare
etag: "7e796b0ca7229a0a788fe167e513b079"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8842daa90a981968-FRA
expires: Wed, 15 May 2024 12:10:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 242 KB
85 KB 162ms
69ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8BNLGX

Requested by

Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5334512bcc4b88d39231a31792ce8d98853699b0155265ade0b56d2d5eff454b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86693
x-xss-protection: 0
last-modified: Wed, 15 May 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 15 May 2024 11:40:36 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 103 KB
34 KB 976ms
302ms Script
application/javascript 13.33.146.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.146.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-146-13.maa50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:35:47 GMT
content-encoding: gzip
via: 1.1 c6ad7e7d0a024444ca42438214ae6c72.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 06:45:39 GMT
server: AmazonS3
x-amz-cf-pop: MAA50-C2
age: 291
x-amz-server-side-encryption: AES256
etag: W/"6a90e37d3f128291a2aab5a6b31ac0a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: e8-9C8vsxiyxKhQjZ9z0_ZrlhcfPg3ptHh9rEYcj2UZp-d-BTu0OAA==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/propublica.org/ 57 KB
21 KB 67ms
15ms Script
application/javascript 18.173.155.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/propublica.org/p.js
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.155.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-155-56.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: d3884bc713cb5a627601c698c23e35773a26df0834336c1ec44dc99850405bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Wed, 15 May 2024 04:34:38 GMT
content-encoding: gzip
via: 1.1 2d22bd8fe92380401bbc1d8cc010e5a0.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 21:08:48 GMT
server: nginx
x-amz-cf-pop: MUC50-P3
age: 28035
etag: W/"633b4f60-e288"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: TGOHkbrGuyNXa03h1gW8i7aRxGsj05a-M3JGy73Oh97oL8iX8iI6Pw==
expires: Thu, 16 May 2024 03:53:21 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
983 B 124ms
46ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=grecaptchaLoaded&render=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x

Requested by

Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f4.1e100.net

Software

GSE /

Resource Hash

6c59d2d70813f83bf73c2beacf860661ba86ec095e321991c5102bd6cc911897

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 15 May 2024 11:40:36 GMT

GET
H2 200 hotjar-3261149.js Show response
static.hotjar.com/c/ 9 KB
4 KB 93ms
39ms Script
application/javascript 18.173.154.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3261149.js?sv=6

Requested by

Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.154.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-154-111.muc50.r.cloudfront.net

Software

Resource Hash

8f1276caee62654031a7ee96b46747545ad3c8e66b5e82213141659f6c39c365

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 15 May 2024 11:40:11 GMT
via: 1.1 918459d66ab0cca4258acacb6d3f6edc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P3
age: 25
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/f954a67193126db835f581b700ab6415
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: STP7GdQwpplxwZB4vDNNW1VGeq-NhqQCNdOkV3lsMxiNWVg7Eyye5g==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/propublica.org/ 365 KB
113 KB 488ms
436ms Script
application/javascript 54.230.228.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/propublica.org/htlbid.js
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-115.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c372e3970089df2cb842ed126a1235ff3c04681d07a5e487abc87cbfac2b3e2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:37 GMT
content-encoding: gzip
via: 1.1 4b3ef7616dbf62f98d54524f0218face.cloudfront.net (CloudFront)
last-modified: Mon, 27 Mar 2023 20:02:34 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P5
x-amz-server-side-encryption: AES256
etag: W/"f8c955d1772eab7aaec7aa53f2255e0a"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: wuZGoqOXALVFfyaSeQfIkQvmjy2Pux32VyAx0XTntbV5didWVNIVJA==

GET
H3 200 20240507-Tauber-Schools-019_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 6 KB
6 KB 46ms
45ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/20240507-Tauber-Schools-019_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.6523&fp-y=0.679&h=533&q=75&w=800&s=0d3660ce12173873d1507cbb447f81c3
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfc566098277aae4eff62eee60b8730b6c5eed9a0590385b1b4efbbdcba37024

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 6ee264f4aa2ef518b13a5a8305e8080e.cloudfront.net (CloudFront), 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P9, FRA60-P4
age: 45
x-amzn-requestid: b0df5f20-7b42-445f-9b89-f1bc173d17f3
x-cache: Hit from cloudfront
x-amz-apigw-id: Xzo8UFCqIAMEgrw=
content-length: 5672
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:39:51 GMT
server: cloudflare
x-amzn-trace-id: Root=1-6644884e-24417821092fe6c55393c0e6;Parent=596de1710e2754d6;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ce8fa025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: Hr2jITpZM_C2gZcdx40-0kgXhaXc073JWzcCxtalOiRbjjJuagJXhw==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 20240226-Tauber-Schools_025_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 5 KB
5 KB 48ms
47ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/20240226-Tauber-Schools_025_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=267&q=75&w=400&s=ebe35b700d7c8267ee3eae77a778a4d4
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11246d71f0fd1a28f8712dafbe0141d407bc12d773d8b6ee917e84bb3e96b931

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 e1af02661708034e962bd39b357a50aa.cloudfront.net (CloudFront), 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P9, FRA60-P4
age: 48
x-amzn-requestid: b6ffdbbb-9518-4495-a820-6b6d0802b238
x-cache: Hit from cloudfront
x-amz-apigw-id: Xzqh9GGfIAMEBtw=
content-length: 4840
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:39:48 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66448ad9-4eb6b22425211d5330d3a58a;Parent=1e527c09dfc00f3b;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ce92a025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: w3IOf2pFzf3BpjlH-skuyQQJPMSX16xhCJBKYkX15105BPT98fBVpA==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 20240502-Maney-GunsIncChicagoCopKilling-010PROMOweb.jpg
img.assets-d.propublica.org/v5/images/ 2 KB
3 KB 75ms
73ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/20240502-Maney-GunsIncChicagoCopKilling-010PROMOweb.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=beea97929d6b9daf2ac5a63a19cc69ab
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6076a2efbb87c490ecc5821c60c4cccdd5be649070a98f76e4f8216e44ac13a0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 78668cba389ee6455cf1c23180f33cf8.cloudfront.net (CloudFront), 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: c21a2eff-8564-495b-a2f7-4a3d72747837
x-cache: Hit from cloudfront
x-amz-apigw-id: XzqhQE7WoAMEIRg=
content-length: 2518
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:25:45 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66448ad4-2f47670c2d51bfba1dbbee85;Parent=37881b075067e41b;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ce94a025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 0dIQ0oZCLtt2_5CpuIlL7oLVnF6cWZ1nmmTRQZCmrNomVzy_Ur8Ysg==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 CFD-Lawsuit_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 2 KB
3 KB 66ms
65ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/CFD-Lawsuit_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5025&fp-y=0.339&h=105&q=75&w=105&s=ad5d08afff5e1b049e0fd21c54e82ee1
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d3ecaecc396730ec5190ead4aaba7ef4026e72d4b1284edc85ce347e6abdaa2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 78668cba389ee6455cf1c23180f33cf8.cloudfront.net (CloudFront), 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 0b756e8d-36e8-4c11-b008-f1496042b155
x-cache: Hit from cloudfront
x-amz-apigw-id: XzJRnHSNIAMEhbg=
content-length: 2446
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:25:45 GMT
server: cloudflare
x-amzn-trace-id: Root=1-664455a3-48c369a456ade2a032459bec;Parent=5f1c6b07db741872;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ce95a025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: Cpgmc3uLnkUgR3rpDl5oKJlrsTeThah40Ut1QyoB0pCXnfNpl868WQ==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 20240305-stefano-summo-mj-Lead-promo.jpg
img.assets-d.propublica.org/v5/images/ 3 KB
4 KB 73ms
72ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/20240305-stefano-summo-mj-Lead-promo.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.7845&fp-y=0.5162&h=105&q=75&w=105&s=bea69204be58c9355a7b9fd474eacf3a
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c9b4c4d8fdef3d5367ad0668998b47f348745d34adca46f0c39e1226f5935bf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 dbddc07d9edf6f99394912c390c6ef32.cloudfront.net (CloudFront), 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 27b1ab4e-d288-475e-8568-fdaa8cc32fc5
x-cache: Hit from cloudfront
x-amz-apigw-id: We_YZEBYIAMEafg=
content-length: 3540
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:25:45 GMT
server: cloudflare
x-amzn-trace-id: Root=1-6622ac35-2ec9b74272d3ceb368718bd6;Parent=21b86ef59168c216;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ce98a025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: stk8eKp98FYTHNiGcpDzJCFPfDo1V6tHUlPYH0VqaF-dZOkMRwrqjg==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 20240514-schools-callout-1x1_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-c3.propublica.org/images/getInvolved/ 4 KB
4 KB 69ms
68ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-c3.propublica.org/images/getInvolved/20240514-schools-callout-1x1_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=51e7a3c7f5f6a9ecd17a639d086b019b
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f2ceec3ae850aa7bd98e3aa865a1099bd417b6c417eb7e9be4d41d831ebe12

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront), 1.1 7158aa4ac648947d564b98d9769b5b2a.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P8, FRA2-C2
x-amzn-requestid: 1da9ba87-aea4-442c-8027-b8898973716c
x-cache: Hit from cloudfront
x-amz-apigw-id: XzqjxHB9oAMEnww=
content-length: 3822
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:25:46 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66448ae4-007a70633e719e874c89bdf7;Parent=3598186196c4e318;Sampled=0;lineage=60d7814e:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa91ee95d3c-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: xR2bu9qLfyYweL4Saj0P-NpGAGntwWuByXZ1k3z_PEnIrAyIgCFfCw==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 Mississippi-jails-mentally-ill-impact_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 2 KB
3 KB 71ms
70ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Mississippi-jails-mentally-ill-impact_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=b061cad9e243b59008241a3c94b69287
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b532ea507df8d6223d83ace7146d269b9746279d604c54cfaf98d3f832cc18d5

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront), 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 05be5ac7-95c3-4563-9985-2766c5222eda
x-cache: Hit from cloudfront
x-amz-apigw-id: XusKAGv4IAMETVQ=
content-length: 2238
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:25:45 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66428d72-0ba116245f8c817d6592010a;Parent=4077b7f98f362b56;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ce9ca025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 2GZC6kv1DaN9xtFdMKSZxgoaekODs-EOHFyuz_n-zLTOssDdoJ7Zdg==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 The-right-way-centered-promo-image-blank.jpg
img.assets-d.propublica.org/v5/images/ 1 KB
2 KB 76ms
75ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/The-right-way-centered-promo-image-blank.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=826d6360e8c01d39d8be1e7a01f0b335
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98e414be9087afaa6b3353058c6d9fee0338d5301f390dbbb7fd6a2fd82863fc

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 6641a812839e5267ee0880e96b41efc4.cloudfront.net (CloudFront), 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 68e2915f-34b9-43b7-a105-a5c893b42c93
x-cache: Hit from cloudfront
x-amz-apigw-id: XLqXeFSDIAMEnMA=
content-length: 1446
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:25:45 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66348a95-7c50600520f4cd365e5300d2;Parent=6b48f7fbdf243a3d;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ce9ea025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: rwrVWuUQupZg4qjSTvK7E0FvGcWqnDEcjVbh-89xe21DOuEkVlFkFg==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 Trump-Audit-Lead-2_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 3 KB
3 KB 61ms
61ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Trump-Audit-Lead-2_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=002881dfeef3baefbc1cad522281c232
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdce9254e4a6e29820bf43706d19c5e5b54aa6323f1fae055a0ad707bda5ed65

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 27cdec4bbea3c020f504b2062d4e122c.cloudfront.net (CloudFront), 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: FRA60-P9, FRA60-P4
age: 47
x-amzn-requestid: cccb9c70-9753-4efc-bffd-a37dd3bbc751
x-cache: Hit from cloudfront
x-amz-apigw-id: XnGJgGl9IAMEfzg=
content-length: 2782
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:39:49 GMT
server: cloudflare
x-amzn-trace-id: Root=1-663f83d6-60c5922a6bb9047b0670ea96;Parent=6611fe596ee4099e;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8ce9fa025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: kaA3vQ2UkjQoEJPcK-zfa4UN_gE2FLM-2A9N0T5rC6bikGvz_zx1tw==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H3 200 032823_pratje_IMMIDEATHS_015_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 3 KB
3 KB 73ms
72ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/032823_pratje_IMMIDEATHS_015_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=ff0aa6b7993963aac6e47995da1b1d37
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3747c8ab1498b3f961f53992493d7802d305b1e8d67b982b51beb76958a5069a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
via: 1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront), 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: ba3847b6-b38c-484a-8e56-c0aebc6e8596
x-cache: Hit from cloudfront
x-amz-apigw-id: XGRVhGlaoAMEhcw=
content-length: 2656
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 15 May 2024 11:21:26 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66326289-1e928b8d6b09937375c0c971;Parent=34aa8c1a82b00c0e;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8842daa8cea0a025-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: _vmysHp7Mz_W6BSHrXF5ewnvT6nN4-uGAC_feBg6xxp6JHb_1DkfyQ==
expires: Thu, 15 May 2025 11:40:36 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
260 B 126ms
27ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1715773236685&plid=6e6a4988-c229-4e04-9675-1d3122a45780&idsite=propublica.org&url=https%3A%2F%2Fsfaskjysakjd.onlineport.ir%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fsfaskjysakjd.onlineport.ir%2F&sref=&sts=1715773236682&slts=0&title=ProPublica+%E2%80%94+Investigative+Journalism+and+News+in+the+Public+Interest&date=Wed+May+15+2024+13%3A40%3A36+GMT%2B0200+(Mitteleurop%C3%A4ische+Sommerzeit)&action=pageview&pvid=6d9baf91-ee07-40e5-9fe5-1cdc4d2f35cd&u=pid%3D725dedc2-1bc4-4b67-8b81-ef2129c50a6c
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 11:40:36 GMT
Cache-Control: no-cache
Last-Modified: Wednesday, 15-May-2024 11:40:36 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 modules.e5979922753cf3b8b069.js Show response
script.hotjar.com/ 222 KB
55 KB 43ms
15ms Script
application/javascript 54.230.228.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e5979922753cf3b8b069.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3261149.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.230.228.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-228-76.muc50.r.cloudfront.net

Software

Resource Hash

0c9367da8b34432f76a9ff9f347fc20129239f9a6b137bed9a830d02f501e89e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 13:37:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 59c812f2c62b260446c519ec0c6279cc.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
age: 79410
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55998
last-modified: Tue, 14 May 2024 13:36:29 GMT
etag: "dabac5cc8e90131b43632bc82895bb8e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: X-rVQDanbGxj8ggiOlOsl1alM7AbPemhJdW0YVmNtsOHNNZuw0OjZw==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/ 505 KB
202 KB 126ms
41ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=grecaptchaLoaded&render=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Origin: https://sfaskjysakjd.onlineport.ir
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:38:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206091
x-xss-protection: 0
last-modified: Sun, 05 May 2024 20:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 May 2025 11:38:07 GMT

GET
H2 204 3261149 Show response
vc.hotjar.io/sessions/ 0
233 B 95ms
48ms XHR
text/plain 54.230.228.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3261149?s=0.25&r=0.06435666129616768
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e5979922753cf3b8b069.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.228.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-228-119.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Wed, 15 May 2024 11:40:36 GMT
cache-control: no-store
via: 1.1 e3d75b6784ddc24c20248c83cdbce544.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
x-amz-cf-id: k-uSshWVRYJL8A8pYO_PbQYLFAReZEHPexNE7t0gUghZWVh8wz4QbA==
x-cache: Miss from cloudfront

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 310 KB
103 KB 71ms
69ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K9RW8M6GL5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8BNLGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

09e4405d55414e116fca36e10bb7caba11f92ed97e9fd7daf7d6442c9dbcced5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 15 May 2024 11:40:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 119ms
36ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8BNLGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 15 May 2024 09:41:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 7173
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 15 May 2024 11:41:03 GMT

GET
H3 200 ta.js Show response
static.trueanthem.com/scripts/ 731 B
1 KB 66ms
33ms Script
text/javascript 172.67.72.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.trueanthem.com/scripts/ta.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8BNLGX

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bd39b2a848d8ef9910066b7c39e9742cc47bd2cf700c273e026c3f60d213d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3265
x-guploader-uploadid: ABPtcPpItgc2I0DsJO_7GYE6oUn-6YlLfjLFNN00iaFhkSf3B80tsH9uk6_A4DMuH5tJi3FTgKRkziQYFw
x-goog-storage-class: STANDARD
content-encoding: br
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 03 Apr 2023 04:25:23 GMT
server: cloudflare
etag: W/"2d510096ac78a0ff3a40edae5d9c0c92"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=cFyq6Q==, md5=LVEAlqx4oP86QO2uXZwMkg==
x-goog-generation: 1680495923461532
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NUMvK6TAG5gbrXaOOfGBtvZxwUZtkB9eYQM9AgFb5a7k6Oa6bu%2FzzsswbQjFhguG2fzLfyLGtAXf4QX%2FZXUtEO6TzBm36aAqkM8PY9e1Om9C4QXdVJ1JA4Lp2Y3jJshiq96Yq1PQqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
x-goog-stored-content-length: 731
cf-ray: 8842daaa983a2c79-FRA
expires: Wed, 15 May 2024 11:46:11 GMT

GET
H3 200 ta.c34341.js Show response
static.trueanthem.com/scripts/ 27 KB
11 KB 38ms
38ms Script
text/javascript 172.67.72.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.trueanthem.com/scripts/ta.c34341.js

Requested by

Host: static.trueanthem.com
URL: https://static.trueanthem.com/scripts/ta.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

469c3c3ebe581ecb1a3c893d20b642bbc014912693d13cc2bfd54de246e12c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:36 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1754
x-guploader-uploadid: ABPtcPo73xMcS1vfzcAVCmDMNsbXcUVyohE1QW63T_MieX_mLfcrhEKDdXEmsi1uswLjUsXovvY
x-goog-storage-class: STANDARD
content-encoding: br
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 03 Apr 2023 04:25:20 GMT
server: cloudflare
etag: W/"28b2dbdb03f096998a381f6126ddac4c"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=rvRlhw==, md5=KLLb2wPwlpmKOB9hJt2sTA==
x-goog-generation: 1680495920536276
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8f8E7qG5xLaE%2FkiTRh6IM94BwDe6q%2Bla2%2B4Cu2e4irVCwG1VeL9G79%2FhoxhROljSZUBn4VuvfOnzp6WqCAMrOoDmOCyQWp%2Bgm0mI8aus4EqtmRngO%2FMWoJycvH2NyXsLZvpHuSjljA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
x-goog-stored-content-length: 27234
cf-ray: 8842daaad8842c79-FRA
expires: Wed, 15 May 2024 12:05:05 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame E583 0
0 268ms
48ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9zZmFza2p5c2FramQub25saW5lcG9ydC5pcjo0NDM.&hl=de&v=vjbW55W42X033PfTdVf6Ft4q&size=invisible&cb=x1q3voxyrpds

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/vjbW55W42X033PfTdVf6Ft4q/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-oxfp9r5Ikaa5W0KWFzcF8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sfaskjysakjd.onlineport.ir/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-oxfp9r5Ikaa5W0KWFzcF8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 15 May 2024 11:40:37 GMT
expires: Wed, 15 May 2024 11:40:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 224ms
20ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K9RW8M6GL5&gtm=45je45d0v874879369z89102051180za200&_p=1715773236584&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1447149499.1715773237&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715773237&sct=1&seg=0&dl=https%3A%2F%2Fsfaskjysakjd.onlineport.ir%2F&dt=ProPublica%20%E2%80%94%20Investigative%20Journalism%20and%20News%20in%20the%20Public%20Interest&en=page_view&_fv=1&_nsi=1&_ss=1&ep.contentType=Item&ep.authorName=&ep.seriesName=&ep.publicationDate=October%2031%2C%202019%2013%3A02%3A00&ep.contentRegion=&ep.articleTopic=&ep.articleTitle=Homepage&ep.contentLanguage=en&ep.craftId=45&ep.articleVersion=&ep.contentLocation=&ep.storyType=&ep.impact=false&ep.pageType=&tfd=1307
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9RW8M6GL5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 11:40:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sfaskjysakjd.onlineport.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 232ms
19ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K9RW8M6GL5&cid=1447149499.1715773237&gtm=45je45d0v874879369z89102051180za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9RW8M6GL5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 11:40:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sfaskjysakjd.onlineport.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 267ms
64ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K9RW8M6GL5&cid=1447149499.1715773237&gtm=45je45d0v874879369z89102051180za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1437396124

Requested by

Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 11:40:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
217 B 43ms
43ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1270252307&t=pageview&_s=1&dl=https%3A%2F%2Fsfaskjysakjd.onlineport.ir%2F&ul=de-de&de=UTF-8&dt=ProPublica%20%E2%80%94%20Investigative%20Journalism%20and%20News%20in%20the%20Public%20Interest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1320273179&gjid=339116834&cid=1447149499.1715773237&tid=UA-3742720-1&_gid=108727956.1715773237&_r=1&_slc=1&gtm=45He45d0n81K8BNLGXv9102051180za200&cd1=Item&cd2=&cd3=&cd4=&cd5=October%2031%2C%202019%2013%3A02%3A00&cd6=&cd7=&cd8=Homepage&cd9=&cd10=&cd11=45&cd12=&cd13=&cd14=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=221288997

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 15 May 2024 11:40:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sfaskjysakjd.onlineport.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
29 KB 214ms
75ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/propublica.org/htlbid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

f5847b5fb04c4f9e86b335f77a8708d27b61a56966d2635230769e0cd8ca8d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29874
x-xss-protection: 0
server: cafe
etag: 710 / 19858 / m202405090101 / config-hash: 11131376430450304227
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 15 May 2024 11:40:37 GMT

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

303 KB
67 KB

67ms
15ms

Script
application/javascript

2600:9000:26db:3e00:11:1ed0:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/
Protocol: H2
Server: 2600:9000:26db:3e00:11:1ed0:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5339b2c0e2da97d564233498a2ee75b6fd895f8408d4bd90d1319d002a3f46d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sfaskjysakjd.onlineport.ir/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Wed, 15 May 2024 10:57:24 GMT
content-encoding: br
via: 1.1 ca623c10f2a669c8a9af30362937ebac.cloudfront.net (CloudFront)
last-modified: Tue, 07 May 2024 20:29:12 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P3
age: 2594
x-amz-server-side-encryption: AES256
etag: W/"299fe111f64c76143769e50e3f9edd6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 5SMF92gZ-a1kR__dh_Y5FqH6Rj350DQyDMyjJjrT3Kuc2FqG2dPsEQ==

Redirect headers

date: Tue, 14 May 2024 22:06:42 GMT
via: 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront), 1.1 f6bc6f6279f11021614bfd42e1f4410e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, MUC50-P5
age: 48835
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: OEE2pjAC6Na6ETdL3H-opq9NV9703dIk0-25yzmhmWDcIlxU9iSvww==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
357 B 157ms
19ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3742720-1&cid=1447149499.1715773237&jid=1320273179&gjid=339116834&_gid=108727956.1715773237&npa=1&_u=YADAAEAAAAAAACAAI~&z=666032890

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 15 May 2024 11:40:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sfaskjysakjd.onlineport.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 59ms
59ms Image
image/gif 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3742720-1&cid=1447149499.1715773237&jid=1320273179&npa=1&_u=YADAAEAAAAAAACAAI~&z=1923680641

Requested by

Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 11:40:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 62ms
61ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3742720-1&cid=1447149499.1715773237&jid=1320273179&npa=1&_u=YADAAEAAAAAAACAAI~&z=1923680641

Requested by

Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 11:40:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/ 454 KB
142 KB 36ms
35ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:39:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145002
x-xss-protection: 0
server: cafe
etag: 8410536799634492291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 15 May 2025 11:39:48 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 74 B
81 B 139ms
69ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=sfaskjysakjd.onlineport.ir

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

71e2f1233d14633ea3961570190c74e8ee00271b33d959b59dc00663995fcda5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57
x-xss-protection: 0
expires: Wed, 15 May 2024 11:40:37 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 434ms
408ms XHR
application/javascript 52.84.198.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.198.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-198-126.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:38 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 4a87b0ff8f386aa5361d3117d5ee6dd2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P5
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: oMhxv8yboHfkmss2mJmGxXzpxpT0oG6Hk4Y1evz6Ufo7QDHSDJwqjQ==

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 288 B
496 B 102ms
102ms Fetch
application/json 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: eb8cd05a012c4878af1ebbafba8fb79e544c7e1a7db2df073e88efbe46dd2d74

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
x-lib-version: v1.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer c1d320b4976cc13366759531bf948c3a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://sfaskjysakjd.onlineport.ir/
x-referring-url: https://sfaskjysakjd.onlineport.ir/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Wed, 15 May 2024 11:40:38 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 195
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 359ms
99ms Preflight
text/plain 99.83.154.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://sfaskjysakjd.onlineport.ir
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://sfaskjysakjd.onlineport.ir
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Wed, 15 May 2024 11:40:37 GMT

GET modal-default.json
www.propublica.org//api_components/ 0
0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 397 B
933 B 72ms
30ms Script
application/javascript 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: sfaskjysakjd.onlineport.ir
URL: https://sfaskjysakjd.onlineport.ir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79c4e36a1e1912f897724fb10b67d936da36d05777ad6179b0d34f3cbffd288c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:37 GMT
x-amz-version-id: 5luuDEGIbJ35XqsYUhrahuImXBlSS3rO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: G2H9S3PY0WHTV9JS
age: 335
x-amz-server-side-encryption: AES256
x-amz-id-2: +/ewavC5VfpAAkUULO9Nv9G0YoLWgIayQZPy8GiNeD0WZrrw7dGC6ddYXmSPD62TnkVcPTUGLMc=
last-modified: Tue, 14 May 2024 19:17:32 GMT
server: cloudflare
etag: W/"147ea5fde58a19cf1ad1311a2e8a5361"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=StrcTSPKNIsMFUZ59TX7KQ%2BjNRzN7248CsnEGI4mu6tzdNnCZuYdD6ndmJy99ZAOcyu44Dg1ymP4DiH16d2d824e38JQz93XxpdTg98mZt1IwEPT7ir66IaDyzNVnJV4Hcks%2FUTdqA%2FgmpmAP%2ByZ86uG5V0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 8842dab10c591957-FRA

GET
H3 200 icon.min.svg
assets.propublica.org/static/prod/v5/images/ 760 B
794 B 134ms
134ms Other
image/svg+xml 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/images/icon.min.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38612cda05ab573cee15c92de7d79ba05e20826b5556105bbe2bae7115336249

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Apr 2024 20:53:32 GMT
server: cloudflare
x-amz-request-id: X7FZTAH3A3B8XKX0
etag: W/"0e3cc0ffcf4d11a7c12de2484b21cae8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 8842dab0ee309a0c-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: K1u4sPl0qDvfKbTANJHm+RjZBzx4J6kzyBr+6FTGdAnP9/AaromH8gAG+mJISFOEcEXC9w9qBXE=
expires: Thu, 16 May 2024 11:40:38 GMT

GET
H2 200 match-prod-1a15cf76997684e4de82.js Show response
platform.iteratehq.com/ 75 KB
26 KB 27ms
26ms Script
application/javascript 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-1a15cf76997684e4de82.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edfd6dec10157922e2764b0299b90309e1505929b97100aaaba3a6c83503c5d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:37 GMT
x-amz-version-id: YTAKuILEz2iw32sn9iDFYApJcLvXYgUQ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: 5N75SJE29DD8EVQ4
age: 58851
x-amz-server-side-encryption: AES256
x-amz-id-2: VJwBPUX6ET1kqcDWvObuCissWZBIhzG6tA1Xu9d5LIHow1p31AKxk+LYwAb0mOQV77iMACCrRbU=
last-modified: Tue, 14 May 2024 19:17:31 GMT
server: cloudflare
etag: W/"c167345dd0c9d4808d12575fd5c4047c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2GQjWae9ryfvVSVtWh9JGG69n6ceNmNGGw5VTs%2BwUNEtvjoPXf1ciUi1o%2B1VCKg0NeQU35FnC1t93Cl1hB41bIEqAlkoJqCWcbEowdihdFHBTbxA7Fr25xpsCPyaw7wcM64dOvdZXit6UvzxprJBjifIoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 8842dab14c9e1957-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 164ms
114ms Preflight 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://sfaskjysakjd.onlineport.ir
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 8842dab1eb8f36de-FRA
content-length: 0
date: Wed, 15 May 2024 11:40:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1uuxwTfZXZ6ho7mLwNljnyqTakcuqWBggPyiX%2Fj71R1ZAYXIsvTG0MihiVLcBat271nuihIdxqCPePpakAoqvK6Stf96RAFOUs5zl9wC1EUpBOlWOR%2Bc0pOxL4aWtealJSkOFmmQjKSbV8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 300 B
545 B 110ms
110ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-1a15cf76997684e4de82.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fe63803d8818f3f729ea5815dd65fa9158dc00cf59452c90e6e7eb3aa171e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNjJmM2M2ZGNjYmVhNDQwMDAxNDZmMjRjIiwiaWF0IjoxNjYwMTQzMzI1fQ.HJYYZWnRLo7nKQHPteT9eeNeXePWXpYAyhaNyFAES-Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://sfaskjysakjd.onlineport.ir/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:38 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rh%2FDFObGexbOEUarPUh5s5mewxoVCBdGbNdgjbK%2FiLyCQJlpveDjdiIUqku64x0RKdsXpokgs7FfFA45aBunzxixnCOg3VJFcKP4Abh2pCSmGSbSpjEGb4Prxx6klnzRV2Mu72B%2BGvRdx3U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8842dab2aca336de-FRA

GET
H3 200 favicon.ico
assets.propublica.org/static/prod/v5/images/ 25 KB
9 KB 407ms
407ms Other
image/x-icon 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8796e78a474cc95aff438ec3edbd53b8f73f2070908071d0bf3ff52dfad467e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2024 20:21:39 GMT
server: cloudflare
x-amz-request-id: P0NMVZXDAEDXTFNN
etag: W/"7618a5468d045023863395f178884d55"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=86400
cf-ray: 8842dab1bf159a0c-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: BmOIx6P6kI1BLU5WI8koLTbfSWpxIn+5ZiYct9nIdEpqnKmWh00CEaXKzFVxFS4p7cXgDJlkIWs=
expires: Thu, 16 May 2024 11:40:38 GMT

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
468 B 352ms
116ms Image
image/png 3.5.29.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=dd5659ffad64
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.29.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 15 May 2024 11:40:39 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: WBGTNYXHDRVB3R9T
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: mgsEssg4cP+/XFMci94I65TVNGFk1izGfRTV2kvEV20SS2SLTer0suE15DERgp6vDY2XM+WcxznRvqHrp8ziOWFpZBT8Nj3w

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
337 B 109ms
109ms Fetch
application/json 2606:4700:20::681a:7e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-1a15cf76997684e4de82.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:7e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6440164cccca309c0b5d8b4f17504d58cc23621c17fccdf3506cb0137398659d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NjQ0OWYzNmVkOGQzODAwMDFiZmE0MmUiLCJjb21wYW55X2lkIjoiNjJmM2M2ZGNjYmVhNDQwMDAxNDZmMjRjIiwiaWF0IjoxNzE1NzczMjM4fQ.K_W5sjHK6QTznLi85K2MVcU8A4vA6Fx48iPmPi0o8_c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://sfaskjysakjd.onlineport.ir/
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 15 May 2024 11:40:38 GMT
strict-transport-security: max-age=0; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DsIEF60Vqfu9X4iOAZOaqxQB0lkG9l7g%2FrOoMrzvZT6QLAfqZTUhUFIi7CC%2B0nKgg%2FHlvE%2By9wll%2F3pZgjMEEGWK2MUYt7xcrpQwgjOUYRmM0pQNZTARFgZN9tmM%2BQ3KtHIIrV%2FXI9GQFK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 8842dab4cf2836de-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 24ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K9RW8M6GL5&gtm=45je45d0v874879369z89102051180za200&_p=1715773236584&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1447149499.1715773237&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&sid=1715773237&sct=1&seg=0&dl=https%3A%2F%2Fsfaskjysakjd.onlineport.ir%2F&dt=ProPublica%20%E2%80%94%20Investigative%20Journalism%20and%20News%20in%20the%20Public%20Interest&_s=2&tfd=6312
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9RW8M6GL5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://sfaskjysakjd.onlineport.ir/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 15 May 2024 11:40:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sfaskjysakjd.onlineport.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.assets-d.propublica.org
URL: https://img.assets-d.propublica.org/v5/images/20240507-Tauber-Schools-019_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.6523&fp-y=0.679&h=1067&q=75&w=1600&s=96fb10690b0aef379efa3b3555169a3c

Domain: img.assets-d.propublica.org
URL: https://img.assets-d.propublica.org/v5/images/20240226-Tauber-Schools_025_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=1067&q=75&w=1600&s=95cea00059a1048c9df184e3152e80f4

Domain: www.propublica.org
URL: https://www.propublica.org//api_components/modal-default.json

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.propublica.org/	1969-12-31 23:59:59	Name: _cfuvid Value: 30K2j9eEqFLro65TXNQJQv03j41LlKZBbYnfRSF9vI0-1715773236499-0.0.1.1-604800000
sfaskjysakjd.onlineport.ir/	1969-12-31 23:59:59	Name: Value: test
.onlineport.ir/	1970-01-20 20:36:15	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://sfaskjysakjd.onlineport.ir/%22%2C%22sref%22:%22%22%2C%22sts%22:1715773236682%2C%22slts%22:0}
.onlineport.ir/	1970-01-21 06:05:37	Name: _parsely_visitor Value: {%22id%22:%22pid=725dedc2-1bc4-4b67-8b81-ef2129c50a6c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1715773236682}
.onlineport.ir/	1970-01-21 05:21:49	Name: _hjSessionUser_3261149 Value: eyJpZCI6IjMwYjRiMzdhLTY4NzMtNTg1Yi04ZmM3LTVkOWFiZDM4ZjcwNyIsImNyZWF0ZWQiOjE3MTU3NzMyMzY3OTcsImV4aXN0aW5nIjpmYWxzZX0=
.onlineport.ir/	1970-01-20 20:36:15	Name: _hjSession_3261149 Value: eyJpZCI6ImNjNzk4ZDRlLWIyMmItNGQ1OS1iZDIyLWJmMzIzMmU3ZmY1ZiIsImMiOjE3MTU3NzMyMzY3OTgsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.onlineport.ir/	1970-01-21 06:12:13	Name: _ga Value: GA1.2.1447149499.1715773237
.onlineport.ir/	1970-01-20 20:37:39	Name: _gid Value: GA1.2.108727956.1715773237
.onlineport.ir/	1970-01-20 20:36:13	Name: _gat_UA-3742720-1 Value: 1
sfaskjysakjd.onlineport.ir/	1970-01-20 20:36:15	Name: sailthru_pageviews Value: 1
sfaskjysakjd.onlineport.ir/	1970-01-21 05:21:49	Name: sailthru_content Value: c1455ab43579fce6e568b5dc72f298af
sfaskjysakjd.onlineport.ir/	1970-01-21 05:21:49	Name: sailthru_visitor Value: 659eeafd-d465-4ed6-8006-0ffa08176d0c
.onlineport.ir/	1970-01-21 06:12:13	Name: _ga_K9RW8M6GL5 Value: GS1.1.1715773237.1.0.1715773238.59.0.0
.onlineport.ir/	1970-01-21 06:12:13	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NjQ0OWYzNmVkOGQzODAwMDFiZmE0MmUiLCJjb21wYW55X2lkIjoiNjJmM2M2ZGNjYmVhNDQwMDAxNDZmMjRjIiwiaWF0IjoxNzE1NzczMjM4fQ.K_W5sjHK6QTznLi85K2MVcU8A4vA6Fx48iPmPi0o8_c

35 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://sfaskjysakjd.onlineport.ir/ Message: Access to fetch at 'https://www.propublica.org//api_components/modal-default.json' from origin 'https://sfaskjysakjd.onlineport.ir' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.propublica.org//api_components/modal-default.json Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://sfaskjysakjd.onlineport.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.sail-horizon.com
ams-pageview-public.s3.amazonaws.com
api.sail-personalize.com
assets-c3.propublica.org
assets.propublica.org
c.amazon-adsystem.com
cdn-4.convertexperiments.com
cdn.parsely.com
d3div1mtym39ic.cloudfront.net
htlbid.com
img.assets-c3.propublica.org
img.assets-d.propublica.org
iteratehq.com
p1.parsely.com
platform.iteratehq.com
region1.analytics.google.com
script.hotjar.com
securepubads.g.doubleclick.net
sfaskjysakjd.onlineport.ir
static.hotjar.com
static.trueanthem.com
stats.g.doubleclick.net
vc.hotjar.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.propublica.org
img.assets-d.propublica.org
www.propublica.org
104.16.251.51
104.16.252.51
13.33.146.13
142.250.185.130
142.250.186.35
172.67.172.199
172.67.72.135
18.173.154.111
18.173.155.56
2001:4860:4802:32::36
216.58.206.68
2600:9000:26db:3e00:11:1ed0:3900:93a1
2606:4700:20::681a:7e5
2a00:1450:4001:806::200e
2a00:1450:4001:81d::2003
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9d
2a02:26f0:ab00:3bf::14a9
3.5.29.222
52.84.198.126
54.155.18.159
54.230.228.115
54.230.228.119
54.230.228.76
99.83.154.140
00ae2a479a40471a2ee0aafc4e7dafba5123f2b219d91563d52b56853a3bea13
017cc4a845c86c76aa87dd23e6105c4ea1554ff01617677defda7a29631ea073
053a9b913df62d6f62e05479e93d679953d2cf19de25301648d4701d838f7e17
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09e4405d55414e116fca36e10bb7caba11f92ed97e9fd7daf7d6442c9dbcced5
0c9367da8b34432f76a9ff9f347fc20129239f9a6b137bed9a830d02f501e89e
11246d71f0fd1a28f8712dafbe0141d407bc12d773d8b6ee917e84bb3e96b931
15fbec6e5b37cc7e9ff13f533cebd43d4a4579b9b257d6c96b21936463361f75
1bb09ef9a505ea83f231c82ab639a34ff5d28d06f1d0e689587fbe859ca5aea0
1dd187dd83ea88b0d70d1a880296f8919c52b261374e2561e9d465c29d0eefd4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27d364a27561f1316e4e629d9651d4205db6e44d6a5acfe6de5096281281b9f5
2d81e0bf79972922227d4a367c03cfa4fb33dc5406fbeb3b904b56acbc394dae
3747c8ab1498b3f961f53992493d7802d305b1e8d67b982b51beb76958a5069a
38612cda05ab573cee15c92de7d79ba05e20826b5556105bbe2bae7115336249
469c3c3ebe581ecb1a3c893d20b642bbc014912693d13cc2bfd54de246e12c1d
4a2d88e2d2d50aa91bce568a9e4a5c707d30c56b84f97f306a069c10eac5ae33
4a624368de63b32a27d36d8032e5e1bfe03a5e738338493aa0dfc4938d9cd3c0
4cdc41c84edf158e42c0aa0a79cd55895ae6bff5e569c51d2ce1cbd23d799eba
4ce1f595ea044b955619f6839a22ac34a22d80efde699f84f044976baa4831e3
5334512bcc4b88d39231a31792ce8d98853699b0155265ade0b56d2d5eff454b
5f75efe09e9a15de6732fbf32bb96bd5d570689576f84be9763fe6147f3f405c
6076a2efbb87c490ecc5821c60c4cccdd5be649070a98f76e4f8216e44ac13a0
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6407c87204c820e7f94f1e129190e3f3589f59c4768cc97c3a76d43075d8f2fa
6440164cccca309c0b5d8b4f17504d58cc23621c17fccdf3506cb0137398659d
6526d59e74abd6e7f4ed066c717f2879df1513d2cc21c9587feeccc790f25917
6c59d2d70813f83bf73c2beacf860661ba86ec095e321991c5102bd6cc911897
6d3ecaecc396730ec5190ead4aaba7ef4026e72d4b1284edc85ce347e6abdaa2
6fe63803d8818f3f729ea5815dd65fa9158dc00cf59452c90e6e7eb3aa171e76
71e2f1233d14633ea3961570190c74e8ee00271b33d959b59dc00663995fcda5
75f2ceec3ae850aa7bd98e3aa865a1099bd417b6c417eb7e9be4d41d831ebe12
778d5af40c891e3cbb829b38ade00d7416462970c90b59a06d2b8583abead595
79c4e36a1e1912f897724fb10b67d936da36d05777ad6179b0d34f3cbffd288c
7c372e3970089df2cb842ed126a1235ff3c04681d07a5e487abc87cbfac2b3e2
7c9b4c4d8fdef3d5367ad0668998b47f348745d34adca46f0c39e1226f5935bf
7ed523ba0d33db08b71614b3659da2b066763d5fa5772214f9f9f0b29a8bc114
82224455eb312523cc61715cbd620482b50284f62662fbcfc06a7bcf887240ba
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88cd4b58cea10db9f7c0904eb5f1cad4e386939190586a41e34194014956fed8
890a308f110701f892cbb8d923d529a06c44e5bbeafa6b92df2fae66f3706bd1
89bd39b2a848d8ef9910066b7c39e9742cc47bd2cf700c273e026c3f60d213d2
8f1276caee62654031a7ee96b46747545ad3c8e66b5e82213141659f6c39c365
984de13f6543b1464bc64472dcff38e52025597ad16e308a0048ab6bbcd5084d
98e414be9087afaa6b3353058c6d9fee0338d5301f390dbbb7fd6a2fd82863fc
9ce372d43a91580bdc4185d48a02bef4b7954c49e721e181fa02b656eaa61213
a62ee001f1b8313b0030ddf9c3a30c789075a2a4a9065557ab76c46d088bbe0f
a8796e78a474cc95aff438ec3edbd53b8f73f2070908071d0bf3ff52dfad467e
aba3b1e74a53993ab198f8376eaf3bc0c9d841b9bc6d95f47ab839bbdb502d47
aca261d1bb59c845d0d51e92a9dd91984ee1071592eb0714af218da8c2e686dd
ae9ac7bec5b01562a7bc2ea4e5ee605071f052ca69b8485140d4fb288bd0017b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b44840c1bb8e5b5df03db4c7589c7d129dd00a88fab8e57fafc0b75b6c2659ca
b532ea507df8d6223d83ace7146d269b9746279d604c54cfaf98d3f832cc18d5
c5f5b6ad0f1007fa29e9c6525beb9468a91aa6c8aa8b00d041b3723c6f0f66d8
cce51e792b5bed74f35c8b0540f856a24116ecd96dad0c9b64e6a4552c4afcb9
cece1f4ebf180c5740977e93adbbf6d91af4d5a0f8c9034025a2bec8b3119a75
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc566098277aae4eff62eee60b8730b6c5eed9a0590385b1b4efbbdcba37024
d3884bc713cb5a627601c698c23e35773a26df0834336c1ec44dc99850405bda
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1d3a9d4bc659388e516ef0e8f21640f6c00a130f41e9907c267bdd85d8c47f9
e362ccd8b4fbf9b8656feebbbb47ecc689c9aef91b421f1246fb2ae262d798b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb8cd05a012c4878af1ebbafba8fb79e544c7e1a7db2df073e88efbe46dd2d74
edfd6dec10157922e2764b0299b90309e1505929b97100aaaba3a6c83503c5d5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3bca58f5bf11793f5959b28fd3476d8d6c592f10a32774d673812b834cebfc5
f5339b2c0e2da97d564233498a2ee75b6fd895f8408d4bd90d1319d002a3f46d
f5847b5fb04c4f9e86b335f77a8708d27b61a56966d2635230769e0cd8ca8d10
f9ddff082e26c7d95ca5602cfe9bc8bec3a2d0a90409f5b243003601d5f5f3a8
fcf859e8cb71b170b4f1165be584c99e31b20141200d121e7bde2ab9258bc8dd
fdce9254e4a6e29820bf43706d19c5e5b54aa6323f1fae055a0ad707bda5ed65

sfaskjysakjd.onlineport.ir Open in urlscan Pro 172.67.172.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

79 Requests

95 %HTTPS

32 %IPv6

20 Domains

29 Subdomains

26 IPs

5 Countries

1663 kBTransfer

4291 kBSize

14 Cookies

100 Outgoing links

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sfaskjysakjd.onlineport.ir Open in urlscan Pro
172.67.172.199 Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

95 %
HTTPS

32 %
IPv6

20
Domains

29
Subdomains

26
IPs

5
Countries

1663 kB
Transfer

4291 kB
Size

14
Cookies

79 HTTP transactions
5 data transactions