projects.propublica.org Open in urlscan Pro
2606:4700::6810:fb33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Effective URL:
https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Submission: On June 18 via manual (June 18th 2021, 3:53:25 pm UTC) from CA

Summary HTTP 67 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 12 domains to perform 67 HTTP transactions. The main IP is 2606:4700::6810:fb33, located in United States and belongs to CLOUDFLARENET, US. The main domain is projects.propublica.org.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on April 26th 2021. Valid for: a year.

This is the only time projects.propublica.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	2606:4700::68... 2606:4700::6810:fb33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6810:fc33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:ba00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.77.57 65.9.77.57	16509 (AMAZON-02) (AMAZON-02)
1	35.171.219.207 35.171.219.207	14618 (AMAZON-AES) (AMAZON-AES)
67	21

14 2606:4700::6810:fb33 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

projects.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:fc33 (United States)

ASN13335 (CLOUDFLARENET, US)

static.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:ba00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.57 (United States)

ASN16509 (AMAZON-02, US)

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.219.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	propublica.org 1 redirects projects.propublica.org www.propublica.org static.propublica.org assets.propublica.org	679 KB
12	gstatic.com www.gstatic.com fonts.gstatic.com	651 KB
10	google.com www.google.com	72 KB
6	typekit.net use.typekit.net p.typekit.net	182 KB
5	google-analytics.com www.google-analytics.com	19 KB
3	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	115 KB
2	google.de www.google.de	170 B
1	chartbeat.net ping.chartbeat.net	201 B
1	sail-horizon.com ak.sail-horizon.com	43 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagmanager.com www.googletagmanager.com	53 KB
1	googletagservices.com www.googletagservices.com	21 KB
67	12

	Domain	Requested by
10	www.google.com	projects.propublica.org www.gstatic.com assets.propublica.org www.google.com
10	static.propublica.org	projects.propublica.org static.propublica.org
8	www.gstatic.com	www.google.com www.gstatic.com
6	assets.propublica.org	projects.propublica.org assets.propublica.org
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com projects.propublica.org
5	use.typekit.net	projects.propublica.org
5	www.propublica.org	projects.propublica.org static.propublica.org
4	fonts.gstatic.com	www.google.com
4	projects.propublica.org	1 redirects projects.propublica.org static.propublica.org
2	www.google.de	projects.propublica.org
2	stats.g.doubleclick.net	www.google-analytics.com
1	ping.chartbeat.net
1	ak.sail-horizon.com	www.propublica.org
1	static.chartbeat.com	www.propublica.org
1	p.typekit.net	projects.propublica.org
1	www.googletagmanager.com	www.propublica.org
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	www.googletagservices.com	www.propublica.org
67	18

This site contains links to these domains. Also see Links.

Domain
www.propublica.org
www.facebook.com
twitter.com
go.propublica.org
policies.google.com
go.pardot.com
feeds.propublica.org
www.twitter.com
itunes.apple.com
play.google.com
donate.propublica.org

Subject Issuer	Validity	Valid
p53lf57qovyuvwsc6xnrppyply3vtqm7l6pcobkmyqsiofyeznfu5uqd.onion DigiCert SHA2 Extended Validation Server CA	`2021-04-26` - `2022-05-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
ak.sail-horizon.com Amazon	`2021-01-07` - `2022-02-04`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Frame ID: E810E2BBAFCCF901FDEA46168ACC6C10
Requests: 45 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9wcm9qZWN0cy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=m24es167jkpp
Frame ID: F2BE893E20F0DE2892883F7E41E9F097
Requests: 8 HTTP requests in this frame

Frame: https://assets.propublica.org/static/v4/css/deploy/syndicated-newsletter.css
Frame ID: E49833FB875BA6A5A032C0419F50065E
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9wcm9qZWN0cy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=3v8ak9vly6ue
Frame ID: 9C721F49DB84E7024989296DD31DA7D4
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a HTTP 301
https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a Page URL

Detected technologies

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

67
Requests

100 %
HTTPS

85 %
IPv6

12
Domains

18
Subdomains

21
IPs

3
Countries

1849 kB
Transfer

4087 kB
Size

9
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://www.propublica.org/local-reporting-network/
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/propublica/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/propublica
Title:

Search URL Search Domain Scan URL

URL: http://go.propublica.org/sign-up
Title: Sign Up

Search URL Search Domain Scan URL

URL: https://www.propublica.org/donate/
Title: Donate

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.propublica.org/
Title: ProPublica

Search URL Search Domain Scan URL

URL: https://www.propublica.org/illinois/
Title: ProPublica Illinois

Search URL Search Domain Scan URL

URL: https://www.propublica.org/datastore/
Title: The Data Store

Search URL Search Domain Scan URL

URL: https://www.propublica.org/topics
Title: Topics

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series
Title: Series

Search URL Search Domain Scan URL

URL: https://www.propublica.org/newsapps
Title: News Apps

Search URL Search Domain Scan URL

URL: https://www.propublica.org/getinvolved
Title: Get Involved

Search URL Search Domain Scan URL

URL: https://www.propublica.org/impact
Title: Impact

Search URL Search Domain Scan URL

URL: https://www.propublica.org/corrections
Title: Corrections

Search URL Search Domain Scan URL

URL: https://www.propublica.org/about
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.propublica.org/leadership
Title: Board and Advisors

Search URL Search Domain Scan URL

URL: https://www.propublica.org/staff
Title: Officers and Staff

Search URL Search Domain Scan URL

URL: https://www.propublica.org/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.propublica.org/fellowships
Title: Fellowships

Search URL Search Domain Scan URL

URL: https://www.propublica.org/reports
Title: Reports

Search URL Search Domain Scan URL

URL: https://www.propublica.org/media-center
Title: Media Center

Search URL Search Domain Scan URL

URL: https://www.propublica.org/advertising
Title: Advertising Policy

Search URL Search Domain Scan URL

URL: https://www.propublica.org/code-of-ethics
Title: Code of Ethics

Search URL Search Domain Scan URL

URL: https://www.propublica.org/legal
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://go.pardot.com/emailPreference/e/125411/339
Title: Subscribe by Email

Search URL Search Domain Scan URL

URL: http://feeds.propublica.org/propublica/main
Title: Subscribe by RSS

Search URL Search Domain Scan URL

URL: https://www.twitter.com/propublica
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/propublica
Title: Facebook

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/propublica/id355298887?mt=8
Title: iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.propublica&hl=en
Title: Android

Search URL Search Domain Scan URL

URL: https://www.propublica.org/podcast
Title: Podcast

Search URL Search Domain Scan URL

URL: https://www.propublica.org/leak-to-us
Title: Leak to Us

Search URL Search Domain Scan URL

URL: https://www.propublica.org/steal-our-stories
Title: Steal Our Stories

Search URL Search Domain Scan URL

URL: https://www.propublica.org/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://donate.propublica.org/
Title: Donate

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a HTTP 301
https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 1025-bmo-harris-bank-n-a Show response
projects.propublica.org/bailout/entities/
Redirect Chain

http://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a

40 KB
12 KB

274ms
225ms

Document
text/html

2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b35ff88a110552f101c936a16170c023131138beb6d48ddf556ce810002a265e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: projects.propublica.org
:scheme: https
:path: /bailout/entities/1025-bmo-harris-bank-n-a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:04 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=43200, public
vary: Accept-Encoding
set-cookie: _bailoutgit_session=T3lMUUJJMUlMbVFiN2NLR000ay9nVjRRbzQwOVQ1VlBUbTdDd2dOL0xkS054anNhMHFrYVBzbFEwa0VYaU5nRENBb0M3ZUg4YkZyQWRXYzR1d0c1eGVpaElPOHFjSmFUdXZFOS9Fc2pUdGRIcXVSL2tUT2E4RXc0YzFzUTBuaWkyeXRWYSsycE42Rmc2cUppS0RNcWNmYWRQQnV6Wnl0RlpRRUsveVBQN1hNZEpJL1ZTc0p6bGFJSjJRUmJleGVWLS11Uk9Nc2VaQk1TemVHbGdHVnNFM01BPT0%3D--35d0e4f00a339badc362aee5d664d4685e4331bc; path=/; secure; HttpOnly
x-request-id: e3bee3ca-dfac-488b-a5a4-097bc7849d84
x-runtime: 0.047437
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: BYPASS
cf-request-id: 0ac16c79d500002b71d5bbf000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6615b03c7e382b71-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

Date: Fri, 18 Jun 2021 15:53:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 18 Jun 2021 16:53:04 GMT
Location: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
cf-request-id: 0ac16c7959000032604b82c000000001
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6615b03bcd403260-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 google_ads_boot.js Show response
www.propublica.org/js/public/assets/ 108 B
450 B 415ms
384ms Script
application/javascript 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.propublica.org/js/public/assets/google_ads_boot.js
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52c07848daa5a8b32e27e09e8bebc6c2fa8fb34c9942bf5f05e24e12bcd501c4

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: SAPWAEGJ2NERN9E5
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: tNTav57nltoarCEFayGKXWenq5hlwLLCmNoXhReJXghekPyP2TVluK2bQulWZXODoGG72agCTJM=
last-modified: Mon, 06 Jul 2020 16:50:03 GMT
server: cloudflare
etag: W/"ae226c9fd7c24bdb1f936d75e6a8af1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=60
cf-request-id: 0ac16c7ae300002b719e20c000000001
cf-ray: 6615b03e3b1e2b71-FRA
expires: Fri, 18 Jun 2021 15:54:05 GMT

GET
H2 200 all.js Show response
www.propublica.org/js/public/assets/ 244 KB
68 KB 506ms
476ms Script
application/javascript 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.propublica.org/js/public/assets/all.js
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dd1bb70981fb5553d49ff571ff90c1a342c46f280a0fc06d8ff851fd66ec6be

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: F38XW6NQ1EJ1AEGX
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: bR6/2e7/C9Q2ziDUbKFm8nb89gtgsNQYFrHJJRXnyBq3dUIeaExCXSQsWgYprTUtkj1Kmu0BW6k=
last-modified: Mon, 06 Jul 2020 16:50:02 GMT
server: cloudflare
etag: W/"b5f6dcb837d91cdfe2ec3754d5a06e3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=60
cf-request-id: 0ac16c7ae600002b71a2268000000001
cf-ray: 6615b03e3b212b71-FRA
expires: Fri, 18 Jun 2021 15:54:05 GMT

GET
H2 200 application-bf055d5f978d1b3f7a2553ee076858e7097305763ed7f453a6c1e5c914dcffd1.js Show response
static.propublica.org/rails/assets/bailout/ 486 KB
130 KB 265ms
235ms Script
application/javascript 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.propublica.org/rails/assets/bailout/application-bf055d5f978d1b3f7a2553ee076858e7097305763ed7f453a6c1e5c914dcffd1.js
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf055d5f978d1b3f7a2553ee076858e7097305763ed7f453a6c1e5c914dcffd1

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: CVHTWG75K35Q8TTR
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-version-id: 1NQEBU5_e4FwcHMrezqXE0ynuQTcx8_c
x-amz-id-2: f29N0UqE25e8Bd/jNYNIt1n6O6UAIjS2AS500ty+JHhc4eXyJl79+Lsr95VbOz38Nyi81yOIeOo=
last-modified: Wed, 02 Oct 2019 15:21:39 GMT
server: cloudflare
etag: W/"b272de0e7bfc6e4c8b0198b08ac1a459"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-request-id: 0ac16c7ae700002b718ba1d000000001
cf-ray: 6615b03e3b302b71-FRA
expires: Sat, 18 Jun 2022 15:53:05 GMT

GET
H2 200 application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
static.propublica.org/rails/assets/bailout/ 87 KB
16 KB 272ms
242ms Stylesheet
text/css 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c7012f236407e46f55c55348e108ab86a909b812a17fe99b4729bb4ea81efa8

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 5CB1AZ7G3FVS6EA9
cf-polished: origSize=90235
cf-ray: 6615b03e3b2d2b71-FRA
last-modified: Wed, 02 Oct 2019 22:01:38 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: 9v3/mAdC9A/m1Ax7ycb7AvZ+xynp+3M4p4wCDv8/xy3UFKN9MU5cTk0HyyENpLDJJD7YYBy9IhY=
cf-bgj: minify
server: cloudflare
etag: W/"57dc79efba4bdf13c186302ebb112f20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: HAy2oopcyW8m9I5bZafUaBGfSwXbhwOP
cache-control: public, max-age=31536000
cf-request-id: 0ac16c7ae900002b71a0b57000000001
content-type: text/css
expires: Sat, 18 Jun 2022 15:53:05 GMT

GET
H3-29 200 socialsnippet.js Show response
projects.propublica.org/graphics/javascripts/workcomp/ 3 KB
1 KB 332ms
213ms Script
application/javascript 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://projects.propublica.org/graphics/javascripts/workcomp/socialsnippet.js
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0099f3a512487f122e22ab0e10e3f5dff293708dbb2c35183abfd0d71d997e72

Request headers

:path: /graphics/javascripts/workcomp/socialsnippet.js
pragma: no-cache
cookie: _bailoutgit_session=T3lMUUJJMUlMbVFiN2NLR000ay9nVjRRbzQwOVQ1VlBUbTdDd2dOL0xkS054anNhMHFrYVBzbFEwa0VYaU5nRENBb0M3ZUg4YkZyQWRXYzR1d0c1eGVpaElPOHFjSmFUdXZFOS9Fc2pUdGRIcXVSL2tUT2E4RXc0YzFzUTBuaWkyeXRWYSsycE42Rmc2cUppS0RNcWNmYWRQQnV6Wnl0RlpRRUsveVBQN1hNZEpJL1ZTc0p6bGFJSjJRUmJleGVWLS11Uk9Nc2VaQk1TemVHbGdHVnNFM01BPT0%3D--35d0e4f00a339badc362aee5d664d4685e4331bc
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: projects.propublica.org
referer: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
x-pp-upstream: static
cf-cache-status: REVALIDATED
last-modified: Mon, 21 Sep 2020 15:06:58 GMT
server: cloudflare
etag: W/"582584e62ae040a8f2b78b3afce06e8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=120
cf-ray: 6615b03ebffc4a79-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac16c7b4000004a792d247000000001
expires: Fri, 18 Jun 2021 15:55:05 GMT

GET
H2 200 beacons.js Show response
www.propublica.org/js/public/assets/ 2 KB
1 KB 410ms
381ms Script
application/javascript 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.propublica.org/js/public/assets/beacons.js
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47d813c7848508603cec7d6dddbe89ad69d05fff32d61c64f6b5f8e89e77345b

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: KS6JVA07EF41QYGH
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: +CLLERK5nFSh3ootUjIIfhUAM6EA6RKqE//qibSwPkPtPPCZ+zqo6vuY6yqH2K2PiqtPB31cdxE=
last-modified: Tue, 09 Feb 2021 14:12:04 GMT
server: cloudflare
etag: W/"2fd607d7fbe49af90fad0acc80283a22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=60
cf-request-id: 0ac16c7ae600002b718b258000000001
cf-ray: 6615b03e3b2b2b71-FRA
expires: Fri, 18 Jun 2021 15:54:05 GMT

GET
H2 200 syndicated-newsletter-v1.0.0.js Show response
assets.propublica.org/prod/v3/js/deploy/ 5 KB
2 KB 199ms
169ms Script
application/javascript 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/prod/v3/js/deploy/syndicated-newsletter-v1.0.0.js
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1446ecce1908c724bb1bd56bf0af14145ff4c4c58cc759a8db653236d80e5ad2

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: E1JZB19MEPSAYQS3
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: wMBIcfS70AZauAmpD/Mz04WZ2JDX99SRl42sqzSyUVE96Cg3XLH1RE6UZPgLFRSfwzFeQ2z/J/I=
last-modified: Tue, 01 Dec 2020 15:54:19 GMT
server: cloudflare
etag: W/"99815ddce9583b349011b9bee7f01ce0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-request-id: 0ac16c7ae700002b71dcb04000000001
cf-ray: 6615b03e3b322b71-FRA
expires: Sat, 19 Jun 2021 15:53:05 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 943 B
708 B 21ms
19ms Script
text/javascript 2a00:1450:4001:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=grecaptchaLoaded&render=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x

Requested by

Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1def2142a1c9266080bc4504e4f728931411853d3612b0b863146983d55419ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 606
x-xss-protection: 1; mode=block
expires: Fri, 18 Jun 2021 15:53:04 GMT

GET
H2 200 recaptcha-init.js Show response
assets.propublica.org/prod/v3/js/ 1 KB
690 B 195ms
166ms Script
application/javascript 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/prod/v3/js/recaptcha-init.js
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd5fc4e73e506c00b0b70b80867ce34207e5f443fa24808d33f8c076b8de0bc6

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: ATZG0MZ6YXD7FJ3B
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: CRHIBCKEmwyFyMYy7O8amOsP0LVFgd9CEHSPPLN4YUqpMH8DgFZnb3EA2OhQQcun
last-modified: Tue, 13 Aug 2019 15:28:23 GMT
server: cloudflare
etag: W/"b7db79f085d73dcaec3abcfbe9c512d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-request-id: 0ac16c7ae700002b7111111000000001
cf-ray: 6615b03e3b362b71-FRA
expires: Sat, 19 Jun 2021 15:53:05 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.propublica.org
URL: https://www.propublica.org/js/public/assets/google_ads_boot.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebc8a58b5368a8871758e6d5fd8628fd037f3d78a04f91ef670daa3e785a619a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "905 / 3 of 1000 / last-modified: 1624014547"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21448
x-xss-protection: 0
expires: Fri, 18 Jun 2021 15:53:05 GMT

GET
H2 200 pubads_impl_2021061503.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
115 KB 40ms
17ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:10:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116743
x-xss-protection: 0
expires: Fri, 18 Jun 2021 15:53:05 GMT

GET
H2 200 npo2pzg.js Show response
use.typekit.net/ 17 KB
7 KB 169ms
154ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/npo2pzg.js

Requested by

Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8b807aae826c9a18d4ac1d0198b4fc44e043b57488106b3163602b4d16156f8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Fri, 18 Jun 2021 15:53:05 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6872

GET
H3-29 504 print.css
www.propublica.org/css/ 0
0 405ms
405ms Stylesheet
text/html 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.propublica.org/css/print.css?1495207717
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 214 KB
53 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M4BNWZ

Requested by

Host: www.propublica.org
URL: https://www.propublica.org/js/public/assets/beacons.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d82078011327e81c5f8172b3aace11300cf199adce99866f195504974d0caa8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54386
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Jun 2021 15:53:05 GMT

GET
H3-29 200 TiemposTextWeb-Regular-b85918584d7a87585bd579dd207b246fd6656fe55eb3e5ecf605cfd9e832bb3a.woff2
static.propublica.org/rails/assets/bailout/ 55 KB
55 KB 216ms
193ms Font
application/font-woff 2606:4700::6810:fc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.propublica.org/rails/assets/bailout/TiemposTextWeb-Regular-b85918584d7a87585bd579dd207b246fd6656fe55eb3e5ecf605cfd9e832bb3a.woff2
Requested by: Host: static.propublica.org
URL: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b85918584d7a87585bd579dd207b246fd6656fe55eb3e5ecf605cfd9e832bb3a

Request headers

Origin: https://projects.propublica.org
Referer: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: 9VSQ6Q3ZGS8CA0VR
cf-ray: 6615b042292a4e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: al1CDUfONfxuGMVmwLb0HDGeuISjQ9cgVkSDWQtrKVB13bRdx3XVz+k+Xfz6y8bompe5mQo8I88=
last-modified: Wed, 02 Oct 2019 15:22:41 GMT
server: cloudflare
etag: W/"b6de382e69480b30c00cafae11a32d17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: 2AWJf8m6UGokt7PCYIlQMZ29LkEgO4o3
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-request-id: 0ac16c7d5c00004e92ee99d000000001
content-type: application/font-woff
expires: Sat, 18 Jun 2022 15:53:05 GMT

GET
H3-29 200 Graphik-Regular-Web-09c162769cb9779dc01e08dd0cf6e837c72225cef171202eda69ca3b7d9c45f2.woff2
static.propublica.org/rails/assets/bailout/ 30 KB
31 KB 173ms
151ms Font
application/font-woff 2606:4700::6810:fc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.propublica.org/rails/assets/bailout/Graphik-Regular-Web-09c162769cb9779dc01e08dd0cf6e837c72225cef171202eda69ca3b7d9c45f2.woff2
Requested by: Host: static.propublica.org
URL: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09c162769cb9779dc01e08dd0cf6e837c72225cef171202eda69ca3b7d9c45f2

Request headers

Origin: https://projects.propublica.org
Referer: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: J7B5WF04Y0S0WPG2
cf-ray: 6615b04229234e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: iTd/57na0Y2eFBElK6gh45jTNrB+aWKJaeFLjSLu8ysw1CKP+Z5aLPID9q63Z1Q8IR3WKeAtifI=
last-modified: Wed, 02 Oct 2019 15:22:15 GMT
server: cloudflare
etag: W/"1f3881c410d658f75566379cd744c4af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: lrC.Z789SyyxBKA5ri81bIfW9jTN9kGR
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-request-id: 0ac16c7d5b00004e92478b4000000001
content-type: application/font-woff
expires: Sat, 18 Jun 2022 15:53:05 GMT

GET
H3-29 200 Graphik-Semibold-Web-2ee983ccfb87811e8e53c1526050e9e4c5eb6fa8e1bc416225fb96ed14d994f1.woff2
static.propublica.org/rails/assets/bailout/ 33 KB
34 KB 187ms
165ms Font
application/font-woff 2606:4700::6810:fc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.propublica.org/rails/assets/bailout/Graphik-Semibold-Web-2ee983ccfb87811e8e53c1526050e9e4c5eb6fa8e1bc416225fb96ed14d994f1.woff2
Requested by: Host: static.propublica.org
URL: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee983ccfb87811e8e53c1526050e9e4c5eb6fa8e1bc416225fb96ed14d994f1

Request headers

Origin: https://projects.propublica.org
Referer: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: J7BA1HNVGX855QTD
cf-ray: 6615b04229274e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: tr8W1QJUJUKw5dLnVWc04NGZrcNmVAoroTtXNCi+YuCgZ9W1wkCRX6OyZUsw0K2oYzShVapN7Jk=
last-modified: Wed, 02 Oct 2019 15:22:17 GMT
server: cloudflare
etag: W/"fe36d8639a02aa90268686b4812a3520"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: 5Ww.Oc3M15hnr1vKdE3wijHJNBLClxum
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-request-id: 0ac16c7d5c00004e92fc870000000001
content-type: application/font-woff
expires: Sat, 18 Jun 2022 15:53:05 GMT

GET
H3-29 200 TiemposTextWeb-Bold-c6efe45f4a692895ee2e16ad21c0bc523b73511c98ac097d46997a72ee35a335.woff2
static.propublica.org/rails/assets/bailout/ 55 KB
56 KB 201ms
180ms Font
application/font-woff 2606:4700::6810:fc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.propublica.org/rails/assets/bailout/TiemposTextWeb-Bold-c6efe45f4a692895ee2e16ad21c0bc523b73511c98ac097d46997a72ee35a335.woff2
Requested by: Host: static.propublica.org
URL: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6efe45f4a692895ee2e16ad21c0bc523b73511c98ac097d46997a72ee35a335

Request headers

Origin: https://projects.propublica.org
Referer: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: J7B3RW036G44P66D
cf-ray: 6615b04229264e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: C53Iww9EHguYp01vFwcDH9uAvRgf9ckBotGX40rKPAsnDndHjEBOlTR1G9wb5pMhFcaLwNqSVo8=
last-modified: Wed, 02 Oct 2019 15:21:33 GMT
server: cloudflare
etag: W/"97d5bd3d3b360e63bee30a723ebfc2d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: Z.3DNMwqQED3frhOc0Z.QPoh95Y_KItt
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-request-id: 0ac16c7d5b00004e921e98a000000001
content-type: application/font-woff
expires: Sat, 18 Jun 2022 15:53:05 GMT

GET
H3-29 200 search_data.js Show response
projects.propublica.org/bailout/entities/ 118 KB
17 KB 53ms
50ms XHR
text/javascript 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://projects.propublica.org/bailout/entities/search_data.js?callback=get_entities&true=get_entities

Requested by

Host: static.propublica.org
URL: https://static.propublica.org/rails/assets/bailout/application-bf055d5f978d1b3f7a2553ee076858e7097305763ed7f453a6c1e5c914dcffd1.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40c19fd6be3b96057272c51011f08b2eff1d0dafff48038c2eef9d264dc99c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: _bailoutgit_session=T3lMUUJJMUlMbVFiN2NLR000ay9nVjRRbzQwOVQ1VlBUbTdDd2dOL0xkS054anNhMHFrYVBzbFEwa0VYaU5nRENBb0M3ZUg4YkZyQWRXYzR1d0c1eGVpaElPOHFjSmFUdXZFOS9Fc2pUdGRIcXVSL2tUT2E4RXc0YzFzUTBuaWkyeXRWYSsycE42Rmc2cUppS0RNcWNmYWRQQnV6Wnl0RlpRRUsveVBQN1hNZEpJL1ZTc0p6bGFJSjJRUmJleGVWLS11Uk9Nc2VaQk1TemVHbGdHVnNFM01BPT0%3D--35d0e4f00a339badc362aee5d664d4685e4331bc; pp-tracking={"pageCount":0}
:path: /bailout/entities/search_data.js?callback=get_entities&true=get_entities
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
cache-control: no-cache
:authority: projects.propublica.org
referer: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 25578
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 980788f4-5d5e-4559-ad6e-2939c9941009
x-runtime: 0.007073
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7cb4bd45d966a13247dd23121703e0a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=43200
cf-request-id: 0ac16c7dca00004a79ce078000000001
cf-ray: 6615b042db074a79-FRA

GET
H3-29 200 TiemposTextWeb-RegularItalic-dd92f6c93e22ac7c4a2d92489ee5cd1e931122b449588453e4366f99d106faed.woff2
static.propublica.org/rails/assets/bailout/ 56 KB
57 KB 175ms
173ms Font
application/font-woff 2606:4700::6810:fc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.propublica.org/rails/assets/bailout/TiemposTextWeb-RegularItalic-dd92f6c93e22ac7c4a2d92489ee5cd1e931122b449588453e4366f99d106faed.woff2
Requested by: Host: static.propublica.org
URL: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd92f6c93e22ac7c4a2d92489ee5cd1e931122b449588453e4366f99d106faed

Request headers

Origin: https://projects.propublica.org
Referer: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: J7B3863Z9WH0Z99H
cf-ray: 6615b042eaf54e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: AGqNePyrGz6Niy0YawayyvbKpUY0Tr+KMjF/dFOAGx9OSUhoconr1ape5ctQeOI6hlD0X9TEtQI=
last-modified: Wed, 02 Oct 2019 15:22:56 GMT
server: cloudflare
etag: W/"45bb942d00ebc3ebcdeb77b6e2e0ad88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: hXGZ8oiqSeaXTV.LNZFLU.AZeUfGmxoT
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-request-id: 0ac16c7dd100004e923d016000000001
content-type: application/font-woff
expires: Sat, 18 Jun 2022 15:53:05 GMT

GET
H3-29 200 TiemposTextWeb-BoldItalic-7dad042684ea3d02d9961f8cd4885047c1128ae9f7d5ef9fa2e8568c6514b11b.woff2
static.propublica.org/rails/assets/bailout/ 58 KB
58 KB 155ms
153ms Font
application/font-woff 2606:4700::6810:fc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.propublica.org/rails/assets/bailout/TiemposTextWeb-BoldItalic-7dad042684ea3d02d9961f8cd4885047c1128ae9f7d5ef9fa2e8568c6514b11b.woff2
Requested by: Host: static.propublica.org
URL: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dad042684ea3d02d9961f8cd4885047c1128ae9f7d5ef9fa2e8568c6514b11b

Request headers

Origin: https://projects.propublica.org
Referer: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: J7BDBCN27F573TJF
cf-ray: 6615b042eaf84e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: 5HykQtTR4Fe8+17+Tqol1/vCaDeowSiui5cUKrO+ugD4iVZV1dWifGQ/l3wPudzHl8jRIsFckRg=
last-modified: Wed, 02 Oct 2019 15:22:11 GMT
server: cloudflare
etag: W/"0cd4cfdd61be2cd755b2e226f5e65089"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: _3EzwXRz85KfgvhUNxgffaGhp6lftCQQ
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-request-id: 0ac16c7dd600004e924f170000000001
content-type: application/font-woff
expires: Sat, 18 Jun 2022 15:53:05 GMT

GET
H3-29 200 Graphik-RegularItalic-Web-245a63d4531e6a57a59b542bab7468b771eb3b47081be2e8caa976920816f69d.woff2
static.propublica.org/rails/assets/bailout/ 33 KB
33 KB 173ms
172ms Font
application/font-woff 2606:4700::6810:fc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.propublica.org/rails/assets/bailout/Graphik-RegularItalic-Web-245a63d4531e6a57a59b542bab7468b771eb3b47081be2e8caa976920816f69d.woff2
Requested by: Host: static.propublica.org
URL: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 245a63d4531e6a57a59b542bab7468b771eb3b47081be2e8caa976920816f69d

Request headers

Origin: https://projects.propublica.org
Referer: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: J7BE0JBFQ8MG9X6A
cf-ray: 6615b042eafb4e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: WxfWPluNf9CeW3sb/xDqocX9t/TYF8KvrgSWGal0fuM2atlxSX5SAcHGGtl5427wX7Y0SlqZliM=
last-modified: Wed, 02 Oct 2019 15:21:44 GMT
server: cloudflare
etag: W/"78a18ea2a6c8ac92917d337e91eb39b2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: jCfJnz4hjBuR0Xl3QGv6ngUAIHJSJkaO
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-request-id: 0ac16c7dd100004e92f1344000000001
content-type: application/font-woff
expires: Sat, 18 Jun 2022 15:53:05 GMT

GET
H3-29 200 Graphik-SemiboldItalic-Web-bff31c341abbb5097e3e04d5e1ef38baf97e249026e0b26aa9fda64575863bfb.woff2
static.propublica.org/rails/assets/bailout/ 34 KB
35 KB 187ms
186ms Font
application/font-woff 2606:4700::6810:fc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.propublica.org/rails/assets/bailout/Graphik-SemiboldItalic-Web-bff31c341abbb5097e3e04d5e1ef38baf97e249026e0b26aa9fda64575863bfb.woff2
Requested by: Host: static.propublica.org
URL: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bff31c341abbb5097e3e04d5e1ef38baf97e249026e0b26aa9fda64575863bfb

Request headers

Origin: https://projects.propublica.org
Referer: https://static.propublica.org/rails/assets/bailout/application-0b8f314dff9ed7ba9f6ffe369abe20b87890a6800038a7bd8be41fb813be5d46.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: 9VSKY8FW1PZ8BHXH
cf-ray: 6615b042eaff4e92-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: y7RYkL+EKCG4A5bwsPbZI5Co+kv9LcVpTxXTUwo+Xwxs0jegPHh/sLQPTJN/Sm6pDsohc3vnOoM=
last-modified: Wed, 02 Oct 2019 15:22:12 GMT
server: cloudflare
etag: W/"24cc4579dc2efe8b3b91c12a1f66bd48"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: GET
x-amz-version-id: sZSpt4YMhRcsQz6YOHp4w1j4T4SnyJ74
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-request-id: 0ac16c7dd200004e923006f000000001
content-type: application/font-woff
expires: Sat, 18 Jun 2022 15:53:05 GMT

GET
H3-29 200 newsletter-roadblock-data-store-projects.propublica.org.html Show response
www.propublica.org/partials/ 2 KB
1 KB 314ms
312ms XHR
text/html 2606:4700::6810:fc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.propublica.org/partials/newsletter-roadblock-data-store-projects.propublica.org.html

Requested by

Host: static.propublica.org
URL: https://static.propublica.org/rails/assets/bailout/application-bf055d5f978d1b3f7a2553ee076858e7097305763ed7f453a6c1e5c914dcffd1.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:fc33 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94fa7c754bea698990285dcc2999a73f0588d3919df249810c013ba2c23ce574

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload

Request headers

Accept: */*
Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 6615b0432bdd4e92-FRA
date: Fri, 18 Jun 2021 15:53:06 GMT
x-debug: Cached
x-origin: v3-www.propublica.org
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
onion-location: https://p53lf57qovyuvwsc6xnrppyply3vtqm7l6pcobkmyqsiofyeznfu5uqd.onion/partials/newsletter-roadblock-data-store-projects.propublica.org.html
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://projects.propublica.org
x-author: queue-worker
strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0ac16c7dfe00004e924c822000000001

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ 343 KB
134 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=grecaptchaLoaded&render=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://projects.propublica.org
Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 07:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136998
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 22:05:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 07:58:17 GMT

GET
H2 200 l
use.typekit.net/af/88b36c/000000000000000000016649/27/ 43 KB
43 KB 25ms
10ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/88b36c/000000000000000000016649/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i5&v=3
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e1be5c048005664a67b8850f92b064a4efc85bec5a6c883b697717beccbce0e1

Request headers

Origin: https://projects.propublica.org
Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
server: nginx
etag: "68d2212cdf266e56da8889e216f7803d8f4d0983"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44240

GET
H2 200 l
use.typekit.net/af/209b72/000000000000000000016647/27/ 45 KB
45 KB 34ms
19ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/209b72/000000000000000000016647/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4d02af1ceb963cabaf7cf8ab5cbb58f97066cead2aab35db24f72df17c93e8f6

Request headers

Origin: https://projects.propublica.org
Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
server: nginx
etag: "fd9a70ab4da4239d76b9d655f6c18bc4bcbd7f59"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46072

GET
H2 200 l
use.typekit.net/af/06a536/000000000000000000016646/27/ 44 KB
44 KB 28ms
13ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/06a536/000000000000000000016646/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 20dc0d6ecda65ffd54bf3661d02e238bc36a212671102167cd7501e8c8982163

Request headers

Origin: https://projects.propublica.org
Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
server: nginx
etag: "f0a95466e3c884927615a059973c060211c0d1e0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44676

GET
H2 200 l
use.typekit.net/af/7b626e/000000000000000000016648/27/ 41 KB
42 KB 33ms
26ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/7b626e/000000000000000000016648/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 218b0452ac5d3eeb36f3449d4b919a9dbb15b0420398ed7e8ba5f4bedfeb99cb

Request headers

Origin: https://projects.propublica.org
Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:05 GMT
server: nginx
etag: "318ed93cb02f42750bc3a62a06c73f490323094c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 42416

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M4BNWZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3268
date: Fri, 18 Jun 2021 14:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 18 Jun 2021 16:58:37 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 20ms
6ms Image
image/gif 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=npo2pzg&ht=tk&h=projects.propublica.org&f=5022.5035.5178.5310&a=1495526&js=1.20.0&app=typekit&e=js&_=1624031586009
Requested by: Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:06 GMT
last-modified: Wed, 02 Sep 2020 03:58:21 GMT
server: nginx
etag: "5f4f185d-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F2BE 38 KB
19 KB 25ms
24ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9wcm9qZWN0cy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=m24es167jkpp

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0ce47f5019a8ca7bc6b4072739b1808c2e0c5bf093f2122e990f6e1cd9bf204

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LRKklR4Ag8VhhvYj7kp56g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9wcm9qZWN0cy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=m24es167jkpp
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://projects.propublica.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://projects.propublica.org/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Jun 2021 15:53:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-LRKklR4Ag8VhhvYj7kp56g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19751
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c03::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-3742720-1&cid=2021416678.1624031586&jid=1778314348&gjid=2035144463&_gid=1273476226.1624031586&_u=YGBAgAABAAAAAE~&z=947424081

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Jun 2021 15:53:06 GMT
content-type: text/plain
access-control-allow-origin: https://projects.propublica.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 36ms
20ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=414597974&t=event&ni=1&_s=1&dl=https%3A%2F%2Fprojects.propublica.org%2Fbailout%2Fentities%2F1025-bmo-harris-bank-n-a&ul=en-us&de=UTF-8&dt=BMO%20Harris%20Bank%2C%20N.A.%20%7C%20Eye%20on%20the%20Bailout%20%7C%20ProPublica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=newsletter&ea=view&el=right%20rail&_u=YGDACEABBAAAAG~&jid=294345696&gjid=434802589&cid=2021416678.1624031586&tid=UA-3742720-1&_gid=1273476226.1624031586&_r=1&gtm=2wg6g0M4BNWZ&z=1057153946

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 15:53:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://projects.propublica.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=414597974&t=pageview&_s=1&dl=https%3A%2F%2Fprojects.propublica.org%2Fbailout%2Fentities%2F1025-bmo-harris-bank-n-a&ul=en-us&de=UTF-8&dt=BMO%20Harris%20Bank%2C%20N.A.%20%7C%20Eye%20on%20the%20Bailout%20%7C%20ProPublica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1778314348&gjid=2035144463&cid=2021416678.1624031586&tid=UA-3742720-1&_gid=1273476226.1624031586&gtm=2wg6g0M4BNWZ&cg1=App&cd1=&cd2=&cd3=&cd4=&cd5=True&cd8=&cd9=%27site%27&z=1345226585

Requested by

Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:56:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10585
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=414597974&t=event&ni=1&_s=1&dl=https%3A%2F%2Fprojects.propublica.org%2Fbailout%2Fentities%2F1025-bmo-harris-bank-n-a&ul=en-us&de=UTF-8&dt=BMO%20Harris%20Bank%2C%20N.A.%20%7C%20Eye%20on%20the%20Bailout%20%7C%20ProPublica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=donation&ea=view&el=masthead&_u=YGDACEABBAAAAG~&jid=&gjid=&cid=2021416678.1624031586&tid=UA-3742720-1&_gid=1273476226.1624031586&gtm=2wg6g0M4BNWZ&z=2117893955

Requested by

Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:56:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10585
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=414597974&t=event&ni=0&_s=1&dl=https%3A%2F%2Fprojects.propublica.org%2Fbailout%2Fentities%2F1025-bmo-harris-bank-n-a&ul=en-us&de=UTF-8&dt=BMO%20Harris%20Bank%2C%20N.A.%20%7C%20Eye%20on%20the%20Bailout%20%7C%20ProPublica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=newsletter-landing&ea=view&el=masthead&_u=YGDACEABBAAAAG~&jid=&gjid=&cid=2021416678.1624031586&tid=UA-3742720-1&_gid=1273476226.1624031586&gtm=2wg6g0M4BNWZ&z=2053544136

Requested by

Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 12:56:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 10585
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 syndicated-newsletter.css
assets.propublica.org/static/v4/css/deploy/ Frame E498 4 KB
2 KB 167ms
165ms Stylesheet
text/css 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/v4/css/deploy/syndicated-newsletter.css
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/prod/v3/js/deploy/syndicated-newsletter-v1.0.0.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2982511f070d9e7de67a1c751f1ad024304e697c67b220af3138b3256c4375c6

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:06 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 0F84W6T0FQAA0JZK
cf-polished: origSize=4539
last-modified: Tue, 12 Jan 2021 18:09:40 GMT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: 8bbBDcgw9RCJV4MNk5mnxsxJ5JhhPx5OZMwLaZdNUcjrls6oepsRnn1kb+9P94oNFMCiykT84k4=
cf-bgj: minify
server: cloudflare
etag: W/"7b537e32d9865a40bd84d94c3d79e006"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
cf-request-id: 0ac16c7fa000004a79379b6000000001
cf-ray: 6615b045cb294a79-FRA
expires: Sat, 19 Jun 2021 15:53:06 GMT

GET
H3-29 200 api.js Show response
www.google.com/recaptcha/ Frame E498 943 B
627 B 19ms
17ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=grecaptchaLoaded&render=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x

Requested by

Host: assets.propublica.org
URL: https://assets.propublica.org/prod/v3/js/deploy/syndicated-newsletter-v1.0.0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1def2142a1c9266080bc4504e4f728931411853d3612b0b863146983d55419ab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 606
x-xss-protection: 1; mode=block
expires: Fri, 18 Jun 2021 15:53:06 GMT

GET
H3-29 200 recaptcha-init.js Show response
assets.propublica.org/static/v4/js/ Frame E498 954 B
876 B 166ms
165ms Script
application/javascript 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/v4/js/recaptcha-init.js
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/prod/v3/js/deploy/syndicated-newsletter-v1.0.0.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a525131e0b21b4d76f0a1c6160b23952e78352433655b692460cb554baedd7cd

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:06 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: MD543V70ZC0EWVFW
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2: C3kSMQqJjYoLgVlA5pOgkvXNhYo4agBaRvl3vhT9kDHFCbNMHDz6i97DYJzQy0r8sdYPzDlUAio=
last-modified: Tue, 14 Apr 2020 15:55:04 GMT
server: cloudflare
etag: W/"0de68e88441d5522ebc9fe97fe7e36c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-request-id: 0ac16c7fa000004a793d154000000001
cf-ray: 6615b045cb2a4a79-FRA
expires: Sat, 19 Jun 2021 15:53:06 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-3742720-1&cid=2021416678.1624031586&jid=1778314348&_u=YGBAgAABAAAAAE~&z=1176281102

Requested by

Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 15:53:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-3742720-1&cid=2021416678.1624031586&jid=1778314348&_u=YGBAgAABAAAAAE~&z=1176281102

Requested by

Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 15:53:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 32ms
16ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-3742720-1&cid=2021416678.1624031586&jid=294345696&gjid=434802589&_gid=1273476226.1624031586&_u=YGDACEABBAAAAG~&z=1830227146

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 18 Jun 2021 15:53:06 GMT
content-type: text/plain
access-control-allow-origin: https://projects.propublica.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E498 241 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dcf6056b56eba6e8541d8441d30ea1b08e662ebd2a98addca3493a403cf8ae2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 TiemposHeadlineWeb-Black.woff2
assets.propublica.org/static/v4/fonts/ Frame E498 35 KB
36 KB 169ms
169ms Font
font/woff2 2606:4700::6810:fc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/v4/fonts/TiemposHeadlineWeb-Black.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/v4/css/deploy/syndicated-newsletter.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85480f83cd66d9c8abb804d9b8d05b69cc38070fcc8b761499099e66c003aee0

Request headers

Origin: https://projects.propublica.org
Referer: https://assets.propublica.org/static/v4/css/deploy/syndicated-newsletter.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:06 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: ATZR79Q3ECRRK550
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 36125
x-amz-id-2: 2YlLWVZ4jl8XTMKicl6uFW+Hb4VBqW9bxEwD53pn8PYV57rrxqoG1gDeCDcMM50m/ZbTucavYXY=
last-modified: Tue, 12 Jan 2021 18:09:41 GMT
server: cloudflare
etag: "1e547434d515975d10fc9bb1f7d270bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-request-id: 0ac16c804900004e9203899000000001
accept-ranges: bytes
cf-ray: 6615b046dd734e92-FRA
expires: Sat, 19 Jun 2021 15:53:06 GMT

GET
H3-29 200 Graphik-Regular-Web.woff2
assets.propublica.org/static/v4/fonts/ Frame E498 30 KB
31 KB 235ms
233ms Font
font/woff2 2606:4700::6810:fc33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/v4/fonts/Graphik-Regular-Web.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/v4/css/deploy/syndicated-newsletter.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:fc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09c162769cb9779dc01e08dd0cf6e837c72225cef171202eda69ca3b7d9c45f2

Request headers

Origin: https://projects.propublica.org
Referer: https://assets.propublica.org/static/v4/css/deploy/syndicated-newsletter.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:06 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-request-id: 4TWZPK88AY6RR1V6
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 30953
x-amz-id-2: 80ccuc5ov+WPyWfMkvY9GwAyjZEk47qp65TlvP6KpHp2t7Ovka0NAd7sKW+0jYMdkTQs8h5m1ys=
last-modified: Tue, 12 Jan 2021 18:09:41 GMT
server: cloudflare
etag: "1f3881c410d658f75566379cd744c4af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
cf-request-id: 0ac16c804a00004e92f618a000000001
accept-ranges: bytes
cf-ray: 6615b046dd774e92-FRA
expires: Sat, 19 Jun 2021 15:53:06 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame E498 343 KB
134 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=grecaptchaLoaded&render=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://projects.propublica.org
Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 07:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136998
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 22:05:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 07:58:17 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame F2BE 52 KB
25 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9wcm9qZWN0cy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=m24es167jkpp

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 22:05:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 15:41:03 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame F2BE 343 KB
134 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 07:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136998
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 22:05:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 07:58:17 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 38ms
37ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-3742720-1&cid=2021416678.1624031586&jid=294345696&_u=YGDACEABBAAAAG~&z=1317861236

Requested by

Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 15:53:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 40ms
30ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-3742720-1&cid=2021416678.1624031586&jid=294345696&_u=YGDACEABBAAAAG~&z=1317861236

Requested by

Host: projects.propublica.org
URL: https://projects.propublica.org/bailout/entities/1025-bmo-harris-bank-n-a

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 15:53:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9C72 38 KB
19 KB 27ms
26ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

46e519dcf35ee6a0112a00218cd4d67c8b0ef03c267f1a3294c48161043ce783

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lLZ04OVN1/YD3Ggp7ZGI8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9wcm9qZWN0cy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=3v8ak9vly6ue
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://projects.propublica.org/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://projects.propublica.org/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 18 Jun 2021 15:53:07 GMT
content-security-policy: script-src 'report-sample' 'nonce-lLZ04OVN1/YD3Ggp7ZGI8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 19742
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F2BE 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 11:25:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 534453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Sat, 19 Jun 2021 11:25:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F2BE 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 04:48:34 GMT
x-content-type-options: nosniff
age: 558273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 04:48:34 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F2BE 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:55:14 GMT
x-content-type-options: nosniff
age: 536273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:55:14 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame F2BE 102 B
132 B 15ms
15ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8f05752862160fa1888c91060a324c84870cd4bca2acee125713d11147fde5d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9wcm9qZWN0cy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=m24es167jkpp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 18 Jun 2021 15:53:07 GMT

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame 9C72 52 KB
25 KB 8ms
6ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:41:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 724
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 22:05:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 15:41:03 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/ Frame 9C72 343 KB
134 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 07:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136998
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 22:05:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 07:58:17 GMT

POST
H3-29 200 reload Show response
www.google.com/recaptcha/api2/ Frame F2BE 28 KB
16 KB 40ms
40ms XHR
application/json 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5e9539c2da86dcd1453b9d6e5fd773c101a0e08f6397c53801efccd8ee783df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9wcm9qZWN0cy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=m24es167jkpp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 18 Jun 2021 15:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 1; mode=block
expires: Fri, 18 Jun 2021 15:53:07 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9C72 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 11:25:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 534453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Sat, 19 Jun 2021 11:25:34 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C72 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:03:43 GMT
x-content-type-options: nosniff
age: 550164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:03:43 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C72 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 14:39:55 GMT
x-content-type-options: nosniff
age: 522792
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 14:39:55 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9C72 102 B
132 B 15ms
14ms Other
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e8f05752862160fa1888c91060a324c84870cd4bca2acee125713d11147fde5d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9wcm9qZWN0cy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=3v8ak9vly6ue
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 18 Jun 2021 15:53:07 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 57ms
20ms Script
application/x-javascript 2600:9000:2104:ba00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.propublica.org
URL: https://www.propublica.org/js/public/assets/beacons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:ba00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 09:36:23 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:04:46 GMT
server: nginx
age: 22604
etag: W/"60665f9e-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 83bc0649a33d85c1cf516bf48779a390.cloudfront.net (CloudFront)
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: uJn4RVlPEF-cJZq1-Hrrn9H3Ohe41pN0WgSNXgJQeIUV1fGYscnLFA==
expires: Sat, 19 Jun 2021 09:36:23 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 121 KB
43 KB 55ms
18ms Script
application/javascript 65.9.77.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.propublica.org
URL: https://www.propublica.org/js/public/assets/beacons.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 15:53:01 GMT
content-encoding: gzip
last-modified: Tue, 08 Jun 2021 04:22:34 GMT
server: AmazonS3
age: 7
etag: W/"b22b4f4738e8722be1636447be239da2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8dfd7af0583283ff28c8cd8eea759112.cloudfront.net (CloudFront)
cache-control: max-age=600; must-revalidate
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: eHaaYLocPeWQfYnjHsNfztnZWW7kon0Xb7oCFanBG8GAmu4uP4ifYw==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 301ms
99ms Image
image/gif 35.171.219.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=propublica.org&p=%2Fbailout%2Fentities%2F1025-bmo-harris-bank-n-a&u=4a5KyC8v1iBBH5wqG&d=projects.propublica.org&g0=news%20apps&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1605&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3208&t=BAoWTOCN6hfXCx47vkC_CMIgDU4UZC&V=126&i=BMO%20Harris%20Bank%2C%20N.A.%20%7C%20Eye%20on%20the%20Bailout%20%7C%20ProPublica&tz=-120&sn=1&sv=kcW664SZ6CgqnFZC_ynKLCHdtfN&sd=1&im=06130c70&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.219.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://projects.propublica.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 15:53:08 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H3-29 200 reload Show response
www.google.com/recaptcha/api2/ Frame 9C72 29 KB
16 KB 56ms
56ms XHR
application/json 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/6OAif-f8nYV0qSFmq-D6Qssr/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d670e53f2ec693181f9280614268b0bbc42669bf45e4cf5e430c61e47d1b4497

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9wcm9qZWN0cy5wcm9wdWJsaWNhLm9yZzo0NDM.&hl=en&v=6OAif-f8nYV0qSFmq-D6Qssr&size=invisible&cb=3v8ak9vly6ue
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 18 Jun 2021 15:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16264
x-xss-protection: 1; mode=block
expires: Fri, 18 Jun 2021 15:53:08 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.propublica.org/	1970-01-20 03:52:47	Name: pp_page_count Value: 1
.propublica.org/	1970-01-20 03:52:47	Name: pp_newsletter_interstitial_display Value: true
.propublica.org/	1970-01-19 19:07:11	Name: _gat_UA-3742720-1 Value: 1
.google.com/recaptcha	1970-01-19 23:26:23	Name: _GRECAPTCHA Value: 09AEMli-MtJALPtIY3EyVTKYfX3s4FFO0NcFWoVujOhH_rXYO1sxbM60Gilrss0QPZMtAXwJgw4vA8vZg507W_GQE
.propublica.org/	1970-01-19 19:07:11	Name: _dc_gtm_UA-3742720-1 Value: 1
.propublica.org/	1970-01-19 19:08:37	Name: _gid Value: GA1.2.1273476226.1624031586
projects.propublica.org/	1970-01-20 03:52:47	Name: pp-tracking Value: {"pageCount":0}
.propublica.org/	1970-01-20 12:38:23	Name: _ga Value: GA1.2.2021416678.1624031586
projects.propublica.org/	1969-12-31 23:59:59	Name: _bailoutgit_session Value: T3lMUUJJMUlMbVFiN2NLR000ay9nVjRRbzQwOVQ1VlBUbTdDd2dOL0xkS054anNhMHFrYVBzbFEwa0VYaU5nRENBb0M3ZUg4YkZyQWRXYzR1d0c1eGVpaElPOHFjSmFUdXZFOS9Fc2pUdGRIcXVSL2tUT2E4RXc0YzFzUTBuaWkyeXRWYSsycE42Rmc2cUppS0RNcWNmYWRQQnV6Wnl0RlpRRUsveVBQN1hNZEpJL1ZTc0p6bGFJSjJRUmJleGVWLS11Uk9Nc2VaQk1TemVHbGdHVnNFM01BPT0%3D--35d0e4f00a339badc362aee5d664d4685e4331bc

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.propublica.org/js/public/assets/all.js(Line 645) Message: JQMIGRATE: Logging is active
console-api	warning	URL: https://www.propublica.org/js/public/assets/all.js(Line 647) Message: JQMIGRATE: jQuery.browser is deprecated
console-api	log	URL: https://www.propublica.org/js/public/assets/all.js(Line 647) Message: console.trace

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ak.sail-horizon.com
assets.propublica.org
fonts.gstatic.com
p.typekit.net
ping.chartbeat.net
projects.propublica.org
securepubads.g.doubleclick.net
static.chartbeat.com
static.propublica.org
stats.g.doubleclick.net
use.typekit.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.propublica.org
142.250.186.34
2600:9000:2104:ba00:18:1fcd:34f:cdc1
2606:4700::6810:fb33
2606:4700::6810:fc33
2a00:1450:4001:801::2004
2a00:1450:4001:809::2003
2a00:1450:4001:810::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c03::9c
2a00:1450:400c:c07::9d
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba2a
35.171.219.207
65.9.77.57
0099f3a512487f122e22ab0e10e3f5dff293708dbb2c35183abfd0d71d997e72
09c162769cb9779dc01e08dd0cf6e837c72225cef171202eda69ca3b7d9c45f2
1446ecce1908c724bb1bd56bf0af14145ff4c4c58cc759a8db653236d80e5ad2
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1dd1bb70981fb5553d49ff571ff90c1a342c46f280a0fc06d8ff851fd66ec6be
1def2142a1c9266080bc4504e4f728931411853d3612b0b863146983d55419ab
20dc0d6ecda65ffd54bf3661d02e238bc36a212671102167cd7501e8c8982163
218b0452ac5d3eeb36f3449d4b919a9dbb15b0420398ed7e8ba5f4bedfeb99cb
245a63d4531e6a57a59b542bab7468b771eb3b47081be2e8caa976920816f69d
2982511f070d9e7de67a1c751f1ad024304e697c67b220af3138b3256c4375c6
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2ee983ccfb87811e8e53c1526050e9e4c5eb6fa8e1bc416225fb96ed14d994f1
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116
40c19fd6be3b96057272c51011f08b2eff1d0dafff48038c2eef9d264dc99c56
457a24764c4e5efb7b6de9b07cd544165b996f07310f9626d3571a02bd250d51
46e519dcf35ee6a0112a00218cd4d67c8b0ef03c267f1a3294c48161043ce783
47d813c7848508603cec7d6dddbe89ad69d05fff32d61c64f6b5f8e89e77345b
4d02af1ceb963cabaf7cf8ab5cbb58f97066cead2aab35db24f72df17c93e8f6
52c07848daa5a8b32e27e09e8bebc6c2fa8fb34c9942bf5f05e24e12bcd501c4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
7dad042684ea3d02d9961f8cd4885047c1128ae9f7d5ef9fa2e8568c6514b11b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85480f83cd66d9c8abb804d9b8d05b69cc38070fcc8b761499099e66c003aee0
8b807aae826c9a18d4ac1d0198b4fc44e043b57488106b3163602b4d16156f8e
8dcf6056b56eba6e8541d8441d30ea1b08e662ebd2a98addca3493a403cf8ae2
94fa7c754bea698990285dcc2999a73f0588d3919df249810c013ba2c23ce574
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c7012f236407e46f55c55348e108ab86a909b812a17fe99b4729bb4ea81efa8
a525131e0b21b4d76f0a1c6160b23952e78352433655b692460cb554baedd7cd
b35ff88a110552f101c936a16170c023131138beb6d48ddf556ce810002a265e
b85918584d7a87585bd579dd207b246fd6656fe55eb3e5ecf605cfd9e832bb3a
bf055d5f978d1b3f7a2553ee076858e7097305763ed7f453a6c1e5c914dcffd1
bff31c341abbb5097e3e04d5e1ef38baf97e249026e0b26aa9fda64575863bfb
c6efe45f4a692895ee2e16ad21c0bc523b73511c98ac097d46997a72ee35a335
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d0ce47f5019a8ca7bc6b4072739b1808c2e0c5bf093f2122e990f6e1cd9bf204
d670e53f2ec693181f9280614268b0bbc42669bf45e4cf5e430c61e47d1b4497
d82078011327e81c5f8172b3aace11300cf199adce99866f195504974d0caa8a
dd92f6c93e22ac7c4a2d92489ee5cd1e931122b449588453e4366f99d106faed
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1be5c048005664a67b8850f92b064a4efc85bec5a6c883b697717beccbce0e1
e8f05752862160fa1888c91060a324c84870cd4bca2acee125713d11147fde5d
ebc8a58b5368a8871758e6d5fd8628fd037f3d78a04f91ef670daa3e785a619a
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5e9539c2da86dcd1453b9d6e5fd773c101a0e08f6397c53801efccd8ee783df
fd5fc4e73e506c00b0b70b80867ce34207e5f443fa24808d33f8c076b8de0bc6

projects.propublica.org Open in urlscan Pro 2606:4700::6810:fb33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

85 %IPv6

12 Domains

18 Subdomains

21 IPs

3 Countries

1849 kBTransfer

4087 kBSize

9 Cookies

37 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

projects.propublica.org Open in urlscan Pro
2606:4700::6810:fb33 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

85 %
IPv6

12
Domains

18
Subdomains

21
IPs

3
Countries

1849 kB
Transfer

4087 kB
Size

9
Cookies

67 HTTP transactions
1 data transactions