followthemoney.net Open in urlscan Pro
2606:4700:3030::ac43:aab8 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://followthemoney.net/
Submission: On July 12 via automatic, source certstream-suspicious (July 12th 2021, 1:03:16 pm UTC)

Summary HTTP 36 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 36 HTTP transactions. The main IP is 2606:4700:3030::ac43:aab8, located in United States and belongs to CLOUDFLARENET, US. The main domain is followthemoney.net.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 12th 2021. Valid for: a year.

This is the only time followthemoney.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	2606:4700:303... 2606:4700:3030::ac43:aab8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:20:... 2606:4700:20::681a:86f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.222.82 172.67.222.82	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.252.149.47 192.252.149.47	3561 (CENTURYLI...) (CENTURYLINK-LEGACY-SAVVIS)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
36	6

28 2606:4700:3030::ac43:aab8 (United States)

ASN13335 (CLOUDFLARENET, US)

followthemoney.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:86f (United States)

ASN13335 (CLOUDFLARENET, US)

a.okfn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.222.82 (United States)

ASN13335 (CLOUDFLARENET, US)

internationalbudget.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.252.149.47 (United States)

ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US)

africanmediainitiative.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	followthemoney.net followthemoney.net	391 KB
4	okfn.org a.okfn.org	18 KB
1	googleapis.com ajax.googleapis.com fonts.googleapis.com Failed	32 KB
1	africanmediainitiative.org africanmediainitiative.org
1	internationalbudget.org internationalbudget.org	20 KB
36	5

	Domain	Requested by
28	followthemoney.net	followthemoney.net
4	a.okfn.org	followthemoney.net a.okfn.org
1	ajax.googleapis.com	followthemoney.net
1	africanmediainitiative.org	followthemoney.net
1	internationalbudget.org	followthemoney.net
0	fonts.googleapis.com Failed	followthemoney.net
36	6

This site contains links to these domains. Also see Links.

Domain
okfn.org
twitter.com
www.google.com
www.one.org
www.globalintegrity.org
www.integrityaction.org
devinit.org
sunlightfoundation.com
www.publishwhatyoufund.org
www.resourcegovernance.org
www.taxjustice.net
www.globalwitness.org
www.tearfund.org
www.transparency.org
publishwhatyoupay.org
internationalbudget.org
africanmediainitiative.org
investigativecenters.org
aiddata.org
www.developmentgateway.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-12` - `2022-07-11`	a year	crt.sh
africanmediainitiative.org ZeroSSL RSA Domain Secure Site CA	`2021-04-18` - `2021-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://followthemoney.net/
Frame ID: 1225186CA1722C5599E1E45CFA021054
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

36
Requests

97 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

461 kB
Transfer

584 kB
Size

0
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://okfn.org/privacy-policy/
Title: See privacy policy

Search URL Search Domain Scan URL

URL: https://twitter.com/search?q=%23followthemoney&src=hash
Title: #followthemoney

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=http%3A%2F%2Fwww.one.org%2Fus%2Fprivacy&sa=D&sntz=1&usg=AFQjCNFpLC3osn-hQSRH9BynpjAPOimcHQ
Title: www.one.org/us/privacy

Search URL Search Domain Scan URL

URL: https://www.one.org/

Search URL Search Domain Scan URL

URL: https://okfn.org/

Search URL Search Domain Scan URL

URL: https://www.globalintegrity.org/

Search URL Search Domain Scan URL

URL: http://www.integrityaction.org/

Search URL Search Domain Scan URL

URL: http://devinit.org/

Search URL Search Domain Scan URL

URL: http://sunlightfoundation.com/

Search URL Search Domain Scan URL

URL: http://www.publishwhatyoufund.org/

Search URL Search Domain Scan URL

URL: http://www.resourcegovernance.org/

Search URL Search Domain Scan URL

URL: http://www.taxjustice.net/

Search URL Search Domain Scan URL

URL: https://www.globalwitness.org/

Search URL Search Domain Scan URL

URL: http://www.tearfund.org/

Search URL Search Domain Scan URL

URL: https://www.transparency.org/

Search URL Search Domain Scan URL

URL: http://publishwhatyoupay.org/

Search URL Search Domain Scan URL

URL: http://internationalbudget.org/

Search URL Search Domain Scan URL

URL: http://africanmediainitiative.org/

Search URL Search Domain Scan URL

URL: http://investigativecenters.org/

Search URL Search Domain Scan URL

URL: http://aiddata.org/

Search URL Search Domain Scan URL

URL: http://www.developmentgateway.org/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
followthemoney.net/ 39 KB
6 KB 58ms
32ms Document
text/html 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://followthemoney.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 614c3c7d20120ae834b685767615e40d7498537eb821537268e236dc2528826f

Request headers

:method: GET
:authority: followthemoney.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 13:02:55 GMT
content-type: text/html; charset=utf-8
last-modified: Tue, 22 May 2018 16:23:04 GMT
access-control-allow-origin: *
expires: Mon, 12 Jul 2021 10:05:57 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 977C:10491:14DAADB:15A55ED:60EC11AC
via: 1.1 varnish
age: 0
x-served-by: cache-fra19134-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1626094975.294601,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 8732fdecf47ccae893b8ae0b7e6373cf3bf90e6e
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=2yJ%2BWSvfjsSG8kTQEkjYSKI1CA6vpWkE%2F8kpk8saV8qvt%2BlcLaEqtcQkUq32rl%2Fq2O1AcnrsulYbP7CtgDNNH6JWdU62puxG03Ugl%2BriCY64IwOuzOoTIT8%2B3Xgavy08g6xCi68hb9j6NZrc"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 66da77fb78a24e92-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 main.css
followthemoney.net/css/ 22 KB
6 KB 143ms
128ms Stylesheet
text/css 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://followthemoney.net/css/main.css
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27ab370d1120e3f974727b69d4ebbd5396f26c723df71ab84d1585bf9b9861ce

Request headers

:path: /css/main.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 4a079db001abf7cfe2e0825aaeaad5bcc76536f1
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19131-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: AC28:71F7:124A386:13369C0:60EC3D7F
x-timer: S1626094975.354355,VS0,VE89
etag: W/"5b0443e8-5644"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sz5sPsZG7ovfl5VtoXoWG8nJ9ThWOjvN866jUnZJGZimONRsHsNPSwnK8T6ptyagvdjTbGvQ4RrU4kXct5sU9yDRFZwy2pnb4pcDprfyZ%2FkZSeei4Y7p4LQQomUFmXYMtJJloQWVvDCY%2FsXa"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 66da77fbc822324c-FRA
x-proxy-cache: MISS
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 modernizr-2.6.2.min.js Show response
followthemoney.net/js/vendor/ 15 KB
6 KB 158ms
143ms Script
application/javascript 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://followthemoney.net/js/vendor/modernizr-2.6.2.min.js
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Request headers

:path: /js/vendor/modernizr-2.6.2.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 4ee307da48ff36f3b57f83420e80feefe65d010d
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19138-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 2DFC:1800:1445B48:150AFF0:60EC3D7F
x-timer: S1626094975.364419,VS0,VE88
etag: W/"5b0443e8-3c36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Dgrm3MUmL3stnyR%2BAux4%2BHSw8EVJzw2J6hI9R%2B69GhKL2heQB3N7tFQEjnlhRTxMyaFDxAl2TFHlJeNh0whsjt6npCVHTx78sW4kYY5r4OZMvN5wqNpJM7%2BxbY0ZR%2FtxHCOP4A5I3XSDkXEH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 66da77fbc81e324c-FRA
x-proxy-cache: MISS
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H2 200 consent.js Show response
a.okfn.org/html/oki/consent/assets/js/ 3 KB
2 KB 53ms
24ms Script
application/javascript 2606:4700:20::681a:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.okfn.org/html/oki/consent/assets/js/consent.js
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8a59017b1ff7e3cbd6be16561f8e415f51bad323638c4cdfdbcbfca390630dc

Request headers

Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 13:02:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 500
cf-polished: origSize=3715
x-amz-request-id: N3CR9MHG2VTSTPAW
x-amz-id-2: DY97rHmzhHOApt5qNoQBem/bvvOuY6ehKoqLEdz2K1W3zGDMq8PFAwERq7VNsHzZQg9XUIN0O2I=
last-modified: Tue, 08 Sep 2020 10:49:53 GMT
server: cloudflare
etag: W/"5c916905485806834abd9405d3ea0357"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Svkv7nrSlkh84W%2FEGQchajXNTnptGDXUCV55Kc8bpUmNpC7q5KnGWVXZSmf5gv3wUzbeCezVr0AoPxUSryhJDbkSvXgsO%2F3xyoUoyGlfB%2FMkW%2BO6fyigx6NPkOY1Xvva8q%2Fy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 66da77fbed2a16e6-FRA
cf-bgj: minify

GET
H3-29 200 one.png
followthemoney.net/img/ 3 KB
4 KB 117ms
112ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/one.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 587e2675503d616f3f02159ce850e546ef84e34c8a0d3389c7ff015939e8e780

Request headers

:path: /img/one.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 11b786cf8fb275f7867fd1ec9fcc5c9e1c394732
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3214
x-served-by: cache-fra19161-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 3EFA:5054:1235051:12DB3D5:60EC3D7F
x-timer: S1626094976.523287,VS0,VE86
etag: "5b0443e8-c8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NMzJL4OWS6TAzFfIM4%2BAIbYb%2FkWloYJTycT%2F5zCXp5Tk4bQEfxQIEBdp5pMHzsrCzfSFPItMMHX6i7dAcgNBbSJ4nArwpoPCtoYpzKy7VtV9RvJNv6qc0rqfk51Kxxv8opsAmkUlyiwSrhXJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66da77fceb11324c-FRA
x-proxy-cache: MISS
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H2 200 landscape-rgb-234x61.png
a.okfn.org/img/oki/ 8 KB
9 KB 109ms
102ms Image
image/png 2606:4700:20::681a:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.okfn.org/img/oki/landscape-rgb-234x61.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc33bee44ea540ce52dc7a2370aa3990b1f827da1df6e24c012a438a6ad6a45

Request headers

Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 13:02:55 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1RRHSANF652PA4SB
content-length: 8436
x-amz-id-2: uYmuQaD5WHrF2/9EOr6G7O2T79Ug2oQFA303WTkUYg5y3zOJotdI4Vg1Rk0fi3kzNnaFZrquBeY=
last-modified: Tue, 08 Sep 2020 10:49:54 GMT
server: cloudflare
etag: "4e774cd13e9fec0d7594f5b7a283a8af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vYQmQ3sJdEz4kWr019RYK8dAaTgXXzWGE6hdo5ELduaXnqKhHJd98vMnMr2GYrtKBAmfQ8G%2FYHbJbEyg6wkIVVyj7akjHptwh%2F7fLQWt3ueeKVQYcGYmQ%2FJBApF2AoCBlA%2F2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 66da77fcef2816e6-FRA

GET
H3-29 200 global-integrity.png
followthemoney.net/img/ 8 KB
8 KB 154ms
149ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/global-integrity.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35476df2489316ba2ccf2621388158ef6792a0e150aad408670a9d380567005e

Request headers

:path: /img/global-integrity.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 76040f45997efeda0675a0d2f6bf7678cb748f5c
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 7806
x-served-by: cache-fra19160-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: D17C:5054:1235051:12DB3D8:60EC3D7F
x-timer: S1626094976.539455,VS0,VE84
etag: "5b0443e8-1e7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=lBUn8LJPuJ7HpJ0Z5ECrywEzd%2B%2Bpd9TLF3T6tXPvj4Db0jCuT%2FXZsRK%2BrMnBkeHGTV6erjB3LlT8VQPDlg4ZxZMqGVmDTlgphMypFzrJqP3AdU4TFl36vF0l2goeNM6MmN6MIrzmpjbZfSrZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb16324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 integrity-action.png
followthemoney.net/img/partners/ 5 KB
6 KB 154ms
148ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/integrity-action.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee168154b7a3b1c931b83e314946fc25f52ee004d9ce2aaad618234dc713c0f2

Request headers

:path: /img/partners/integrity-action.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: e627002349a0ac62755fdebff437b126a25761d2
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5546
x-served-by: cache-fra19155-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 357E:1800:1445B51:150B000:60EC3D7F
x-timer: S1626094976.533056,VS0,VE87
etag: "5b0443e8-15aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=z23mu8tGtSzbtEPlwn4GpFnoIzl8mAPaoc8QbeLRyjEDTsDgAPIiPD5VOS5QaIpdfW5gdzHii9sDyt8shQWa94NM6sZOZD8UR5HCX4f3eKEuCZN4kbbGHqGyHqoP9lE1a9dTO8Q2WwAeDucf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66da77fceb1d324c-FRA
x-proxy-cache: MISS
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 development-initiatives.png
followthemoney.net/img/partners/ 13 KB
14 KB 154ms
148ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/development-initiatives.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90f75a65732cdd0a7c56b332435632ae37a611384f2aff74250d8debbb8791d4

Request headers

:path: /img/partners/development-initiatives.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: cca76a35bab37cfb2b48776943293ffd54c30069
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13813
x-served-by: cache-fra19147-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 670C:12254:386A61:3EE20C:60EC3D7F
x-timer: S1626094976.534085,VS0,VE86
etag: "5b0443e8-35f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=sIUwh0jMv45hTpegE3u38%2BbvxtNBHT02duwy7MYM0MpiXf2twInt4EyqlOfJQEbmeEhCxJWIzWyTdvjVx%2FxPeE7sP4HT6VbWd39gtZdj1TPqZA3nY0cnwvV7cHeb6JvhfObDfXypKOagrSDO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb22324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 sunlight-foundation.png
followthemoney.net/img/partners/ 7 KB
8 KB 163ms
157ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/sunlight-foundation.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c951c96736be136516bfc4e481b905330ce25008c2ef41f241c143b96b2634d

Request headers

:path: /img/partners/sunlight-foundation.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 12659e05a4cfa9b8fa08a38d7f74ef71b2a1bd8b
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6861
x-served-by: cache-fra19156-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 4926:29C0:203C51B:2156B40:60EC3D7F
x-timer: S1626094976.538649,VS0,VE85
etag: "5b0443e8-1acd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=c04h%2BozHgvw%2Bftg3s3DdNqXmHp9LknvZIQjNF1SpzMV%2BP%2BjKIPWzoQvH5u9%2BB3vuv%2FKq7VDxAdiJIOQgVONbZN6%2Bjn7K%2BRI2r0HD50f%2F%2BT5QlJt43QQ%2BF6EcnkVk1P1GjwfGY7zzG3oZDZ10"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb26324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 publish-what-you-fund.png
followthemoney.net/img/partners/ 10 KB
11 KB 164ms
159ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/publish-what-you-fund.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abe4772c6b14ea55fd0afd1182d6029ef7ad3576996af97e2e7153c861e89302

Request headers

:path: /img/partners/publish-what-you-fund.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 60f0dd452829f18212fa06935a40899b91340fbc
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10499
x-served-by: cache-fra19169-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 2702:3C41:18190D:1FE1A3:60EC3D7F
x-timer: S1626094976.532277,VS0,VE88
etag: "5b0443e8-2903"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=27K74o4NmSTp%2FuFMaYvEpP8wR2LYykGh7Rfj8PxLkldYJ5EQJVdiDFPP4TeNpz7tNiSU71XX9WAC5%2BHqdFzrhW0%2BIvdZZJpemn5H8eQSsn8l6tRj7Rcgh8Ym6c28Cg9q5RGeR9fKOAa5RqGP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66da77fceb28324c-FRA
x-proxy-cache: MISS
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 nrgi.png
followthemoney.net/img/partners/ 7 KB
7 KB 165ms
159ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/nrgi.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8099bc9a5a180797267b160194786964366b1f9847f5cc394be702a210b57a9a

Request headers

:path: /img/partners/nrgi.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: fd9a8f661badf1768aa89cf0084e1173e079aa31
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 6855
x-served-by: cache-fra19154-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: CB6C:1492:1086C6C:1127147:60EC3D7F
x-timer: S1626094976.543136,VS0,VE84
etag: "5b0443e8-1ac7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=HP0oHp6exzBMToo%2Fxt0g2lmG96evfQMfR5%2BUBTZ1ExZBNxpnvOWhbXEqMn5Spc14lnpeuipsOcJb8Cc8qu6TLkVU1FKEmgVctGfNGfXFrsoKca0CZN6LfZrowiajv1cevHclKbOlgrhYCP54"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb2b324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 tax-justice-network.png
followthemoney.net/img/partners/ 13 KB
14 KB 165ms
160ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/tax-justice-network.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37bd43f8bcae210d3c8ee06d2d5ef31f812dfd7d32c8a2b187b69043c74f0ee3

Request headers

:path: /img/partners/tax-justice-network.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 76934e5735e2de0d9278b47172bffabc42c57de0
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13062
x-served-by: cache-fra19170-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 5FB8:FD28:A2FEAE:AC6E96:60EC3D7F
x-timer: S1626094976.540583,VS0,VE84
etag: "5b0443e8-3306"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=RgrorcxaiaShjTHR%2FjJ4%2FTb%2FsBMYmXVCFgHeweWAt1mpWeC%2BwMgLABKaESteUa%2F%2FnLkXfOjnqVF9bydTr5Csl4BQrVO3mPOCRBbtRHeT4PfYVQWjOlCMZKGnpNVUN%2B5xslMlQPqWjkBeApNL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb2d324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 global-witness.png
followthemoney.net/img/partners/ 8 KB
9 KB 169ms
164ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/global-witness.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa90b7c18c39b5fd07eeb1a05ac604e07c8a2a0180e5f3b1eb9fbcfd00c061d

Request headers

:path: /img/partners/global-witness.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 497906fdac4c341fff3a163f5a90d272120caf26
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8223
x-served-by: cache-fra19172-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: D32A:1492:1086C6C:1127145:60EC3D7F
x-timer: S1626094976.536656,VS0,VE84
etag: "5b0443e8-201f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1l98RgsRpq9I6K0xNHXlOEXX2FulFq7zpfvgE4N03XHzNRLXDWF2duk3kGIbkru6PLaDwYEh%2B2nEDdv9RUrW%2FmKeGcsxYgKREH9PHWPUvvk%2BZGIb2g4%2BRjGzhzPVCCud2uM3200M8dheAVii"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb2f324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 tearfund.png
followthemoney.net/img/partners/ 14 KB
15 KB 170ms
164ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/tearfund.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1c9664abf1c86f87c59ad53fffa1e501c86a1d7a4352f9891919011e2bfa5b4

Request headers

:path: /img/partners/tearfund.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: efc37b232ea04fce55249dcbd93e382e65c8d976
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 14225
x-served-by: cache-fra19136-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: C500:12256:12A817E:1354CA6:60EC3D7F
x-timer: S1626094976.539812,VS0,VE88
etag: "5b0443e8-3791"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=qaiBoTYuNuQrxZGYjPAifsZJBOp4pHST72m4xZODt7I7QsP6vkIkN4RZJeztojBl5WbtzuMMWKNRr4Y9awVb9Xnat7pK37gq8a1I0DJM%2BfcSWuZ%2FDnQKj61TMGOiy8ew8oKAXhgHy9Kd01pY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 66da77fceb30324c-FRA
x-proxy-cache: MISS
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 transparency-international.png
followthemoney.net/img/partners/ 15 KB
16 KB 133ms
128ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/transparency-international.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b00e0344ff986a4077b7a03354ee9174a1056db295d84b335defce55f5769c7

Request headers

:path: /img/partners/transparency-international.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: bead24a2277d0e7ad74ff2cb2a83156b9ea27f2c
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 15389
x-served-by: cache-fra19138-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 3EEE:12256:12A817E:1354CA5:60EC3D7F
x-timer: S1626094976.536406,VS0,VE84
etag: "5b0443e8-3c1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8lrx5vUrM6heCTQdRLjFpg4kHg8rS4m52F0EbiUC5WVqV0V6jXn3cTA7ODdeUzqeXjzLaTG11HCOyXQrb7WkFb8a%2B3irdJvQs0gSj1W7l%2B6IGuKY6CwUyJit1pFcSeCJga0Ql2jVMuikNw%2BY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb35324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 publish-what-you-pay.png
followthemoney.net/img/partners/ 6 KB
6 KB 170ms
165ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/publish-what-you-pay.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11e92066440c9a1656ad238785ca475cef187895862a5184dd1c429e68ccf42d

Request headers

:path: /img/partners/publish-what-you-pay.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 08a37d64abfca2609401fe1d005a7f736b3c921d
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5785
x-served-by: cache-fra19124-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: F6CA:E2E8:57DA1D:5B015E:60EC3D7F
x-timer: S1626094976.537824,VS0,VE95
etag: "5b0443e8-1699"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=twMU%2BFWdX13Nuu%2FyAPEs4PEwkExXEqfEnc2p5YWd0cZjjWaj%2FpDX8n1yRTaPh2%2FvflKSdap0kgfnM8VhCstZN%2BHKnMQU83VbsaJOaJ6zzMWPF0thTxNDBKhskEpKgABhmAYnA3wvzc5rd%2FCZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb38324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H2 200 ibp-logo.jpg
internationalbudget.org/wp-content/themes/obi-2010/images/template/ 19 KB
20 KB 851ms
818ms Image
image/jpeg 172.67.222.82
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://internationalbudget.org/wp-content/themes/obi-2010/images/template/ibp-logo.jpg

Requested by

Host: followthemoney.net
URL: https://followthemoney.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.222.82 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2dbe28153cb304adb3b861c059a0f5ca6646cca0419084ce1c1e0be065e7a09a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff

Request headers

Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests;
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=63072000
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 19776
referrer-policy
last-modified: Thu, 18 Jun 2015 22:05:11 GMT
server: cloudflare
date: Mon, 12 Jul 2021 13:02:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Sv4HmSRIAZFh2bpB0MyCkPBGEgHHBu2T%2FJA%2Bd%2BU%2FDoJXdgDMSQXEGDSrgFw0QI4S2BVLwwW%2FhM4u2XqHJ4E5tpjSPqgMS5HgjObv0d4j7LKSeYExIWCkdaRCOlE0LBQA%2B47gsgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 66da77fd18eb3240-FRA

GET
H2 404 ami_black.png
africanmediainitiative.org/resources/images/ 0
0 787ms
493ms Image
text/html 192.252.149.47
CENTURYLINK-LEGAC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://africanmediainitiative.org/resources/images/ami_black.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.252.149.47 , United States, ASN3561 (CENTURYLINK-LEGACY-SAVVIS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ancir.png
followthemoney.net/img/partners/ 8 KB
9 KB 170ms
165ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/ancir.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b932e11a824a288a9f07e620dcbd8040fbd6a7fad0ef56a7709441d9f26c11

Request headers

:path: /img/partners/ancir.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 0537d662a3b6b4d295fc639992257e8568dbfc3b
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 8020
x-served-by: cache-fra19130-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 7C66:71F9:26B0509:27F3A13:60EC3D7F
x-timer: S1626094976.565634,VS0,VE84
etag: "5b0443e8-1f54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=xwvswsFDqGysR%2FCgnxanqh9L1g4DFWSC98IyRg9y6h42SbORstBT0tiyt3k915CH17jfWKvVpi7ZaCG7HDrfdZFuBOIqsSwehNX%2BJY%2FzbmztUrbuqgvAGxxQByiLE8DC5izHXJFtQakP1ySB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb49324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 aiddata.png
followthemoney.net/img/partners/ 195 KB
196 KB 170ms
166ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/aiddata.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07871664d6fe1750c3ba55fecdddc53c68ecdb34389b2e5df5d24461d6a1d539

Request headers

:path: /img/partners/aiddata.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: c4e3b5d7972f6ed5b63c0f305c0addaca985f40f
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 199868
x-served-by: cache-fra19128-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 7206:E2E7:2B586B:2DB121:60EC3D7F
x-timer: S1626094976.537402,VS0,VE89
etag: "5b0443e8-30cbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3iYv8Y5Yo4t4M2LqgvpNpGaw8K1wsF3f4%2B%2B%2F7%2FHCGxR6NiDROenu%2Fua%2B8RbuHDsnegoNKjZsn8dz4lNA8kk4e0KBUQ0kJbCXrlpJHO0%2FrXWrlKA2DpdUtY0lUHh5YHogOxJbHmVOTgLnCYuU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb4d324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 development-gateway.png
followthemoney.net/img/partners/ 34 KB
35 KB 175ms
170ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/partners/development-gateway.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d385c1bef6a5ae313c3861b2b23c1e8b7e4a8d8ee7f0151dd8b8d8e28e7e083

Request headers

:path: /img/partners/development-gateway.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: fdad50aaf5f0656dfa6f736ae9da95152660118a
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 34694
x-served-by: cache-fra19146-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: D6FC:FD29:174F76E:1824D4B:60EC3D7F
x-timer: S1626094976.550129,VS0,VE84
etag: "5b0443e8-8786"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Zr4M0ooGkzGO9%2BNsTCud0%2BDL%2FpzV3PNdeAAUzRvQqeM5uyAbuSEiosmI2Mn0M%2BYQonEJXCl8erOjBxImo6QKiuV%2FIDeWfpTVnqr5511nu8obb7vaxaGddyz%2BVn2Sgb40XXsQ5fo7mSoyKX1j"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb4e324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 email-decode.min.js Show response
followthemoney.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 14ms
14ms Script
application/javascript 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://followthemoney.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: followthemoney.net
URL: https://followthemoney.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 13:02:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 0b3c6951e20000324cf98a3000000001
last-modified: Wed, 07 Jul 2021 15:32:55 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60e5c927-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ea1eHcydjZKoALoO1MhlWxOCOIOhZGxVWxfoG14Z79zK%2B5KPlw5kH7OfodqUhR53fsliYcVQnhjJZH%2FZsinmZaW63WA37Vj%2F5K8A11VXk8PEKmC5cRKBLIvk3nMxfP3rZHuVsC0%2BUK631%2FWp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 66da77fc9a13324c-FRA
expires: Wed, 14 Jul 2021 13:02:55 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: followthemoney.net
URL: https://followthemoney.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 12:37:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Jul 2022 12:37:48 GMT

GET
H3-29 200 plugins.js Show response
followthemoney.net/js/ 805 B
1 KB 131ms
130ms Script
application/javascript 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://followthemoney.net/js/plugins.js
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd26775d738915ab4763e04b09182f85e4c224ebc1ff3e1f40c9408c667607c8

Request headers

:path: /js/plugins.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 120df5aba6b8716e20032b366823f5fe03df66ed
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19181-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 2EA2:D432:287637A:29D2911:60EC3D7F
x-timer: S1626094976.502994,VS0,VE89
etag: W/"5b0443e8-325"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=IybOMyta28d8Eo8vxJTCrZHIDHMetlKgEUf1rJluE7gxcDmJxN87uuiba0vdMSP%2Fq4cLVq5cy%2Fw7pYvatIpGdJoOy0dvneEBmW%2Fs2JFaAiTpJqzqe0yJlmq8%2FIWqNQ9G6b6I2fbKZCdyMFs1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 66da77fcba8f324c-FRA
x-proxy-cache: MISS
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 main.js Show response
followthemoney.net/js/ 1 B
835 B 152ms
148ms Script
application/javascript 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://followthemoney.net/js/main.js
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

:path: /js/main.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 12ff2fd264dc5e5a70dcbabf9b26c9fbe65ccfa7
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1
x-served-by: cache-fra19179-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: F5FE:7923:10C317C:11640F7:60EC3D7F
x-timer: S1626094976.540274,VS0,VE85
etag: "5b0443e8-1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=M1BpgOXjXyUYUK%2FNXNv9NFl6cft2%2BgGxU0HG7lM3lfo1WEjuhhwGVHXIVrfefbCba3r8Qr3kWFDdvYxNzxim2PzJiFPtz9MK%2F7vluOpMLpxrMndNAELz%2FmY6vmMVvVmOYeFLlSH%2Fw898x%2F1F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb08324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 prettyCheckable.js Show response
followthemoney.net/js/vendor/ 4 KB
2 KB 154ms
149ms Script
application/javascript 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://followthemoney.net/js/vendor/prettyCheckable.js
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 318f10c469a0a49ba51945097cf153925d8952a9374558d70b44530992cd4543

Request headers

:path: /js/vendor/prettyCheckable.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: followthemoney.net
referer: https://followthemoney.net/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 7f56010fcac5a39f1caf98f0b78e2f6457632123
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19128-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 28D6:71F9:26B0504:27F3A0B:60EC3D7F
x-timer: S1626094976.527442,VS0,VE91
etag: W/"5b0443e8-11dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=GqnDBooy1xA0a8PKVJqK5wQ6mvZmbw%2FICzgmyRH1kj9811iVvy3pnVGMEvMK7QGfGzv36PtJs%2BVNoXpgTxeZ9m42X9x2OaTxRBrmGepA2ErVn%2BE2SsBVecqAOjq%2F5oF34xSW9u4S%2BUb%2Bvu0h"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 66da77fceb0b324c-FRA
x-proxy-cache: MISS
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET css
fonts.googleapis.com/ 0
0

GET
H3-29 200 pattern.png
followthemoney.net/img/ 1 KB
2 KB 177ms
172ms Image
image/png 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/pattern.png
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad53915084f5c598d2c292ca4742555770b2652057ea73b59292fe45eaadcf9d

Request headers

:path: /img/pattern.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: d46d4dfa5e5ccf7f3a1f41f6137c2cb2943f792d
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 1360
x-served-by: cache-fra19165-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 251E:D431:1411774:15111DF:60EC3D7F
x-timer: S1626094976.548660,VS0,VE85
etag: "5b0443e8-550"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=3v492S%2BlmRY6oCznihjFH8bSN56NDxJYWsN8oWl3NXKTR%2FUdnjH03Yr7adg7Pz%2FecWOk88biMXwWbK2XvWDGNs5%2Fx9IcfaobHja8v5lEynCOSTQK5Dt59f9yuj1pjfyKuUsajla4sS80Npsr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
accept-ranges: bytes
cf-ray: 66da77fceb51324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 wave.svg
followthemoney.net/img/ 708 B
1 KB 178ms
173ms Image
image/svg+xml 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/wave.svg
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82635b44d5aec093ad7fad06fb2c648d50f6e8322c351d8f6702c2920e23dafe

Request headers

:path: /img/wave.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 88a238d896ece0fdde622ce1562acaaa69c32504
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19151-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: AC28:71F7:124A38B:13369C5:60EC3D7F
x-timer: S1626094976.555362,VS0,VE86
etag: W/"5b0443e8-2c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=9uHBB7fF4QhRKSVRD1D4p0vS0sxxP2qhYjBUBEXIGWhATRjBTI4LyKhzV97ROXPF0wflZO0SjXl5PEf3PkGKOvHTCUobYNh7ftwh44CkwWUenukWQcPFXaE3eOt1PMzb9V%2B%2FNrVGP1WJieoD"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 66da77fceb53324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 icon.svg
followthemoney.net/img/ 2 KB
2 KB 178ms
173ms Image
image/svg+xml 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/icon.svg
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbc845b5ca6d0894d5038b0246dab1f0ce1173523e2c1be32d57dba0cd622d78

Request headers

:path: /img/icon.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: a25c268274aacc96c062a672c8cb89dd9bf3df09
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19172-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: EEA6:29C0:203C51B:2156B42:60EC3D7F
x-timer: S1626094976.541405,VS0,VE86
etag: W/"5b0443e8-641"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Il1eP%2BBpErqZf848Pwcm5pXB2jDMECUBXW%2F6GLOdw%2FT1pY%2F7k1E3h9vv4fptyOngxvg7gCacxFGnmfYOKSMueDfckcVgPG7DL%2Bhlr%2Bt914nAWUOsjGljRpfdhEvtVk6uFlyi2Pl3T3frVdXn"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 66da77fceb55324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 arrow.svg
followthemoney.net/img/ 722 B
1 KB 178ms
174ms Image
image/svg+xml 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/arrow.svg
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dabe4e4507fc72ef76de28680aeb80debc90384256287fa56c1628c6efce8b2c

Request headers

:path: /img/arrow.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: d5d271aea5e2ee71606fa04b1488b7dbce1e0f97
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19140-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 541E:10491:1606313:16D7F32:60EC3D7F
x-timer: S1626094976.542976,VS0,VE87
etag: W/"5b0443e8-2d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=zh4WGLzzzYSMwLkhXkUitaHufdjem9oC3HwJbKY6NshQEsOizKS4tYrT7Wm4vceFh9srVAYGtwhI2TRqJdz9asqdrNAl7e1IpLzo6AngBcCp9rAKMONbqrLAOXFHxIA21biuiQR5V99PLgYJ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
cf-ray: 66da77fceb58324c-FRA
x-proxy-cache: MISS
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H3-29 200 select-arrow.svg
followthemoney.net/img/ 534 B
1 KB 167ms
166ms Image
image/svg+xml 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/select-arrow.svg
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee047d11d958aa886a98e512e7ae60010415de44754efe7f529f36ead9b9dea9

Request headers

:path: /img/select-arrow.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: 1748f312e1912b106a2db2f18b55161a0b777989
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19160-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 490C:29C0:203C51B:2156B44:60EC3D7F
x-timer: S1626094976.546439,VS0,VE86
etag: W/"5b0443e8-216"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=7tnzyzGEcnMk3Ouf3EKQzjvnkrLhCH2K8rHk8k8GyILoDK00AS%2FB9%2BeA59cw8uAfBpoPXszxDy5vnJ3eJBc9FomHdVY2FhLrIIJcaWt7bBMfWvrAptoTclGtLKA5jHvTjtwj8pRG2bDbDheZ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 66da77fceb59324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

GET
H2 200 cookieconsent.min.css
a.okfn.org/html/oki/consent/assets/css/ 4 KB
1 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.okfn.org/html/oki/consent/assets/css/cookieconsent.min.css
Requested by: Host: a.okfn.org
URL: https://a.okfn.org/html/oki/consent/assets/js/consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d349061cecfd45d285dd432decedcea246e0fe0cef3b8d13d339c8e1ac289fb0

Request headers

Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 13:02:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 594
x-amz-request-id: R8HWNZXY26EZMTK9
x-amz-id-2: o5GtMnGbJDClr6WZN7cek3WJxJ8Vfbc04X/URH9BU5BP0PYnaTMuqP+8O5KIiw/WgXUHQ7sD0b4=
last-modified: Tue, 08 Sep 2020 10:49:53 GMT
server: cloudflare
etag: W/"e5b988113d304b1947d4d9ee6e7bb5f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=H13qiSMbRBNXyGQABic3fExSzyE%2BzHEGBcNOSKoH3FJSJMYzr6WSr1438j8YDEXwf5m5A5sfmtIaILt3w9nXiiagbgHe7Ro6oXqVoy3X%2Bs9zs0CHGvP8Z9J0sLDfMp7P6Zmb"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=7200
cf-ray: 66da77fdd8ee16e6-FRA

GET
H2 200 cookieconsent.min.js Show response
a.okfn.org/html/oki/consent/assets/js/ 19 KB
6 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:86f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.okfn.org/html/oki/consent/assets/js/cookieconsent.min.js
Requested by: Host: a.okfn.org
URL: https://a.okfn.org/html/oki/consent/assets/js/consent.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:86f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf39def463ca2129ab469a32fab6ccddbdea696190ae9ec51f2ceabbbfc241c

Request headers

Referer: https://followthemoney.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 13:02:55 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3436
x-amz-request-id: R8HPH79908ZG6P41
x-amz-id-2: Wv0BsbCeZh7cag89pLLEe4GBKMTSbQHWUczIGgkUL8Tv4737bB1nEIqlbTQoZUyO/VBJL9EKMkw=
last-modified: Tue, 08 Sep 2020 10:49:53 GMT
server: cloudflare
etag: W/"43209a53b3b2bcd2bfe7f225235c8bea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=NLWE6HC8GYfgONHLGkUsGmy4X8AWCuB5WydtkPs75rcTYRk1mIaNCwm%2BweCSKVpc3txhoKiefVkDoZAzCnZtCN7kJkMnosMI7%2FY7q8wbkTBXqtjkI1cFcklzlrd5MOwbp4uB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=7200
cf-ray: 66da77fde8f716e6-FRA

GET
H3-29 200 check.svg
followthemoney.net/img/ 6 KB
2 KB 122ms
121ms Image
image/svg+xml 2606:4700:3030::ac43:aab8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://followthemoney.net/img/check.svg
Requested by: Host: followthemoney.net
URL: https://followthemoney.net/css/main.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:aab8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7df38ff8baa6fb00bd66dc3ca666584c2f371e103713bef977550d3c8e34caf2

Request headers

:path: /img/check.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: followthemoney.net
referer: https://followthemoney.net/css/main.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://followthemoney.net/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fastly-request-id: c886a03b8a03fb9a799eaa632c4ea76d46a11b43
date: Mon, 12 Jul 2021 13:02:55 GMT
via: 1.1 varnish
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-cache: MISS
x-cache-hits: 0
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-served-by: cache-fra19181-FRA
last-modified: Tue, 22 May 2018 16:23:04 GMT
server: cloudflare
x-github-request-id: 197A:5051:175173:1D1EEF:60EC3D7F
x-timer: S1626094976.703613,VS0,VE86
etag: W/"5b0443e8-1989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=JigiYAg8L8jExRIzxCbhJYA0YLhoiPy6vQR5vD%2BB7i2zyv3EY9mHrOEoHnaT4zYqSnYFakm326UGXrz55kOJykw9gwYrBnYb8E6j5WJRSDj3wcmxvGV7jSk1m4vraOfJwdqf1UHg1mwnuga0"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=14400
x-proxy-cache: MISS
cf-ray: 66da77fe0d7e324c-FRA
x-origin-cache: HIT
expires: Mon, 12 Jul 2021 13:12:55 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Merriweather+Sans:400,700,400italic,700italic,300italic,300

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.okfn.org
africanmediainitiative.org
ajax.googleapis.com
followthemoney.net
fonts.googleapis.com
internationalbudget.org
fonts.googleapis.com
172.67.222.82
192.252.149.47
2606:4700:20::681a:86f
2606:4700:3030::ac43:aab8
2a00:1450:4001:829::200a
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
06b932e11a824a288a9f07e620dcbd8040fbd6a7fad0ef56a7709441d9f26c11
07871664d6fe1750c3ba55fecdddc53c68ecdb34389b2e5df5d24461d6a1d539
0d385c1bef6a5ae313c3861b2b23c1e8b7e4a8d8ee7f0151dd8b8d8e28e7e083
11e92066440c9a1656ad238785ca475cef187895862a5184dd1c429e68ccf42d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27ab370d1120e3f974727b69d4ebbd5396f26c723df71ab84d1585bf9b9861ce
2dbe28153cb304adb3b861c059a0f5ca6646cca0419084ce1c1e0be065e7a09a
318f10c469a0a49ba51945097cf153925d8952a9374558d70b44530992cd4543
35476df2489316ba2ccf2621388158ef6792a0e150aad408670a9d380567005e
37bd43f8bcae210d3c8ee06d2d5ef31f812dfd7d32c8a2b187b69043c74f0ee3
587e2675503d616f3f02159ce850e546ef84e34c8a0d3389c7ff015939e8e780
5c951c96736be136516bfc4e481b905330ce25008c2ef41f241c143b96b2634d
614c3c7d20120ae834b685767615e40d7498537eb821537268e236dc2528826f
6b00e0344ff986a4077b7a03354ee9174a1056db295d84b335defce55f5769c7
6cf39def463ca2129ab469a32fab6ccddbdea696190ae9ec51f2ceabbbfc241c
7df38ff8baa6fb00bd66dc3ca666584c2f371e103713bef977550d3c8e34caf2
8099bc9a5a180797267b160194786964366b1f9847f5cc394be702a210b57a9a
82635b44d5aec093ad7fad06fb2c648d50f6e8322c351d8f6702c2920e23dafe
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
90f75a65732cdd0a7c56b332435632ae37a611384f2aff74250d8debbb8791d4
abc33bee44ea540ce52dc7a2370aa3990b1f827da1df6e24c012a438a6ad6a45
abe4772c6b14ea55fd0afd1182d6029ef7ad3576996af97e2e7153c861e89302
ad53915084f5c598d2c292ca4742555770b2652057ea73b59292fe45eaadcf9d
c1c9664abf1c86f87c59ad53fffa1e501c86a1d7a4352f9891919011e2bfa5b4
cbc845b5ca6d0894d5038b0246dab1f0ce1173523e2c1be32d57dba0cd622d78
cd26775d738915ab4763e04b09182f85e4c224ebc1ff3e1f40c9408c667607c8
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
d349061cecfd45d285dd432decedcea246e0fe0cef3b8d13d339c8e1ac289fb0
d8a59017b1ff7e3cbd6be16561f8e415f51bad323638c4cdfdbcbfca390630dc
dabe4e4507fc72ef76de28680aeb80debc90384256287fa56c1628c6efce8b2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee047d11d958aa886a98e512e7ae60010415de44754efe7f529f36ead9b9dea9
ee168154b7a3b1c931b83e314946fc25f52ee004d9ce2aaad618234dc713c0f2
faa90b7c18c39b5fd07eeb1a05ac604e07c8a2a0180e5f3b1eb9fbcfd00c061d

followthemoney.net Open in urlscan Pro 2606:4700:3030::ac43:aab8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

36 Requests

97 %HTTPS

60 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

461 kBTransfer

584 kBSize

0 Cookies

21 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

followthemoney.net Open in urlscan Pro
2606:4700:3030::ac43:aab8 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

97 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

461 kB
Transfer

584 kB
Size

0
Cookies

36 HTTP transactions
0 data transactions