data-portal.program-service.xyz Open in urlscan Pro
2a00:1450:4001:802::2013  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response data-portal.program-service.xyz/	117 KB 27 KB	204ms 149ms	Document text/html	2a00:1450:4001:802::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 2989adfe0b5fe5bea9fa0efb0a8b29bb8f8259848e0217425eb8d91a30134849 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private, max-age=0 content-encoding gzip content-length 27349 content-type text/html; charset=UTF-8 date Sat, 26 Nov 2022 03:17:16 GMT etag W/"34b3452e101b105cf20e8ebb43ee35d32083143287aec70d0c0b54182d5c134f" expires Sat, 26 Nov 2022 03:17:16 GMT last-modified Sat, 26 Nov 2022 03:09:17 GMT server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	118 KB 20 KB	43ms 27ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://data-portal.program-service.xyz/ Origin https://data-portal.program-service.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sat, 26 Nov 2022 03:17:16 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS content-encoding br cdn-edgestorageid 863 cdn-cachedat 11/18/2022 06:18:41 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Mon, 25 Jan 2021 22:03:59 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare etag W/"ec3bb52a00e176a7181d454dffaea219" vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * cdn-cache HIT cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cache-control public, max-age=31919000 cdn-requestid ff5a2af74bb25557327dcc6b29d4e2ee timing-allow-origin * cdn-requestcountrycode DE cdn-status 200 cf-ray 76ff785a5f8e927d-FRA cdn-requestpullsuccess True
GET H2	200	css fonts.googleapis.com/	1 KB 955 B	40ms 18ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Cairo&display=swap Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 1612e7c684acc35f3e2676ff3795cc610941fbae855be4c0e07461a6b55933e0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 26 Nov 2022 03:17:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 26 Nov 2022 02:16:40 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 26 Nov 2022 03:17:16 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 30 KB	44ms 7ms	Script text/javascript	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sat, 26 Nov 2022 02:16:02 GMT content-encoding gzip x-content-type-options nosniff age 3674 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30028 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 26 Nov 2023 02:16:02 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 601 B	57ms 52ms	Stylesheet text/css	2a00:1450:4001:813::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Montserrat Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 26 Nov 2022 03:17:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 26 Nov 2022 02:18:33 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 26 Nov 2022 03:17:16 GMT
GET H2	200	Tanzania-Independence.jpg nextnationalday.com/wp-content/uploads/2021/12/	42 KB 42 KB	1790ms 201ms	Image image/jpeg	107.161.23.64 RAMNODE
General Check archive.org Show headers Download Go to Show image Full URL https://nextnationalday.com/wp-content/uploads/2021/12/Tanzania-Independence.jpg Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 107.161.23.64 Queens, United States, ASN3842 (RAMNODE, US), Reverse DNS shared1.nawabhost.com Software LiteSpeed / Resource Hash 8b8a678ee1c22753c8f6e029f2c3add9e0e3f03ff319f099599f55b7a103e8df Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sat, 26 Nov 2022 03:17:17 GMT last-modified Mon, 06 Dec 2021 14:30:25 GMT server LiteSpeed vary Accept-Encoding content-type image/jpeg cache-control public, max-age=10368000,public accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 43146 expires Sun, 26 Mar 2023 03:17:17 GMT
GET H2	200	ouJgS71.gif i.imgur.com/	49 KB 49 KB	63ms 16ms	Image image/gif	146.75.116.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/ouJgS71.gif Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 2ba145e9b3860210b8f8cdf7960ae1dd0e7b70e5cdc7e8faa288f313bd383e91 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sat, 26 Nov 2022 03:17:16 GMT strict-transport-security max-age=300 x-content-type-options nosniff age 3228924 x-cache HIT, HIT content-length 50336 x-served-by cache-iad-kiad7000071-IAD, cache-fra-eddf8230115-FRA last-modified Thu, 22 Oct 2020 22:51:11 GMT server cat factory 1.0 x-timer S1669432637.647193,VS0,VE1 etag "74581d7f057a8880cbf459921bd8bbc9" access-control-allow-methods GET, OPTIONS content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 19954, 1
GET H2	200	flag-of-tanzania.jpg cdn.webshopapp.com/shops/94414/files/52433390/	32 KB 32 KB	44ms 16ms	Image image/jpeg	2606:4700::6811:9c1e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.webshopapp.com/shops/94414/files/52433390/flag-of-tanzania.jpg Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:9c1e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b18a8a0d52e20fc366ebefa0c289550dd14cff27146d819ef9a762178238c95 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sat, 26 Nov 2022 03:17:16 GMT strict-transport-security max-age=15552000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT age 107929 x-resource-id file:11748870 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 32767 x-xss-protection 1; mode=block x-request-id db2386846abcaa1b8d59d22c06cfaa21 x-runtime 0.012823 cf-bgj h2pri last-modified Thu, 21 Dec 2017 22:21:12 GMT server cloudflare vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes cf-ray 76ff785adff09bb0-FRA expires Sun, 26 Nov 2023 03:17:16 GMT
GET H2	200	Vodacom_logo.png upload.wikimedia.org/wikipedia/commons/f/f6/	66 KB 67 KB	216ms 46ms	Image image/png	2620:0:862:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/f/f6/Vodacom_logo.png Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software ATS/9.1.3 / Resource Hash 0ab598f29be7f1cdd70942c4bf64b2627e9eac3a64bca0234c1fc2d01fe7fa2c Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:13:43 GMT strict-transport-security max-age=106384710; includeSubDomains; preload nel { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0} age 14613 x-cache-status hit-local x-cache cp3051 hit, cp3063 miss server-timing cache;desc="hit-local", host;desc="cp3063" content-length 67464 x-client-ip 2001:ac8:20:3d00:1012:9044:dc97:d332 x-object-meta-sha1base36 9fugpvix72cc4ngv5eg1vfz8s3ch52k last-modified Wed, 06 Jul 2022 19:35:01 GMT server ATS/9.1.3 accept-ch Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version etag ec01b95d9965287280ee3dd2312919ff report-to { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/png access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache permissions-policy interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org") accept-ranges bytes timing-allow-origin *
GET H2	200	1200px-Logo_Tigo.svg.png upload.wikimedia.org/wikipedia/commons/thumb/6/69/Logo_Tigo.svg/	54 KB 55 KB	216ms 46ms	Image image/png	2620:0:862:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/thumb/6/69/Logo_Tigo.svg/1200px-Logo_Tigo.svg.png Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software ATS/9.1.3 / Resource Hash 5c9c517e620396411be0f673c0236771d9d021e2171778b806196a0968e4b4cf Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sat, 26 Nov 2022 00:57:31 GMT strict-transport-security max-age=106384710; includeSubDomains; preload nel { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0} age 8385 x-cache-status hit-local x-cache cp3065 hit, cp3063 miss content-disposition inline;filename*=UTF-8''Logo_Tigo.svg.png server-timing cache;desc="hit-local", host;desc="cp3063" content-length 54858 x-client-ip 2001:ac8:20:3d00:1012:9044:dc97:d332 last-modified Sat, 18 Jun 2022 06:34:35 GMT server ATS/9.1.3 accept-ch Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version etag dcb2fbd02035e2ed3a49d0b326f33dfe report-to { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/png access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache permissions-policy interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org") accept-ranges bytes timing-allow-origin *
GET H2	200	Airtel-Tanzania-Logo.png halberdbastion.com/sites/default/files/styles/medium/public/2018-07/	10 KB 11 KB	2127ms 561ms	Image image/png	110.173.135.31 HOSTOPIA-AU Hosto...
General Check archive.org Show headers Download Go to Show image Full URL https://halberdbastion.com/sites/default/files/styles/medium/public/2018-07/Airtel-Tanzania-Logo.png?itok=PIf4CEUT Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 110.173.135.31 Sydney, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU), Reverse DNS v95594.dpvps.com.au Software Apache / Resource Hash d4169ec4173ec85ca078017d7c68f4139701c6a7e1d942d20595c545e1de718b Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sat, 26 Nov 2022 03:17:18 GMT x-content-type-options nosniff last-modified Wed, 30 Dec 2020 08:17:54 GMT server Apache content-type image/png cache-control max-age=1209600 accept-ranges bytes content-length 10595 expires Sat, 10 Dec 2022 03:17:18 GMT
GET H2	200	WVKvJDS.png i.imgur.com/	6 KB 6 KB	61ms 15ms	Image image/png	146.75.116.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/WVKvJDS.png Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 4b392d27dbb09781249eaa99538e3ad055cb96cf90ce0097561715b041e29700 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sat, 26 Nov 2022 03:17:16 GMT strict-transport-security max-age=300 x-content-type-options nosniff age 2661169 x-cache HIT, HIT content-length 5877 x-served-by cache-iad-kiad7000146-IAD, cache-fra-eddf8230115-FRA last-modified Fri, 23 Oct 2020 11:26:00 GMT server cat factory 1.0 x-timer S1669432637.647185,VS0,VE1 etag "273ad62178d0fbabc28c076a77ac1cad" access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 13335, 1
GET H2	200	FB_IMG_15869730632923052.jpg 1.bp.blogspot.com/-Qhhqa37Fep4/XpdlgxSfpkI/AAAAAAAAAKY/CXFPWnrW4f0zCAAe6K-ZF2fKI2LHyWpdwCLcBGAsYHQ/s1600/	98 KB 98 KB	31ms 7ms	Image image/jpeg	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-Qhhqa37Fep4/XpdlgxSfpkI/AAAAAAAAAKY/CXFPWnrW4f0zCAAe6K-ZF2fKI2LHyWpdwCLcBGAsYHQ/s1600/FB_IMG_15869730632923052.jpg Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash e2510964c1e902cb23352128bac09d69f9a277d9d5b3fcdd30395a9696cc4480 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:45:31 GMT x-content-type-options nosniff age 12705 content-disposition inline;filename="FB_IMG_15869730632923052.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100293 x-xss-protection 0 server fife etag "vab" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 16 Nov 2022 04:32:37 GMT
GET H2	200	FB_IMG_15869726679037399.jpg 1.bp.blogspot.com/--d2BBdGugW8/XpdlXRvB-HI/AAAAAAAAAJ8/xcstaPQkWoszaizR_rkK2Nc5L7xN2o7WACLcBGAsYHQ/s1600/	151 KB 151 KB	40ms 17ms	Image image/jpeg	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/--d2BBdGugW8/XpdlXRvB-HI/AAAAAAAAAJ8/xcstaPQkWoszaizR_rkK2Nc5L7xN2o7WACLcBGAsYHQ/s1600/FB_IMG_15869726679037399.jpg Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash d4b1b95544a98a46c0b587e7c321de6fb660675195cb5de21b2e31d355ed057a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:45:31 GMT x-content-type-options nosniff age 12705 content-disposition inline;filename="FB_IMG_15869726679037399.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 154558 x-xss-protection 0 server fife etag "va8" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Wed, 16 Nov 2022 04:32:39 GMT
GET H2	200	FB_IMG_15869730921979436.jpg 1.bp.blogspot.com/-UQW1DxDR9Ko/XpdlghF8wJI/AAAAAAAAAKU/EXuIMhMGNeED6BwLWbxkGgtBe3HL0RTTACLcBGAsYHQ/s1600/	80 KB 80 KB	36ms 13ms	Image image/jpeg	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-UQW1DxDR9Ko/XpdlghF8wJI/AAAAAAAAAKU/EXuIMhMGNeED6BwLWbxkGgtBe3HL0RTTACLcBGAsYHQ/s1600/FB_IMG_15869730921979436.jpg Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash e94a2e599af3383db4e702b6813463319e93a14afdf1c442f9876f45c497a8a2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Fri, 25 Nov 2022 23:45:31 GMT x-content-type-options nosniff age 12705 content-disposition inline;filename="FB_IMG_15869730921979436.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 81996 x-xss-protection 0 server fife etag "vaa" vary Origin content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Sat, 15 Oct 2022 09:39:05 GMT
GET H2	200	800px-Flag_of_Tanzania.svg.png upload.wikimedia.org/wikipedia/commons/thumb/3/38/Flag_of_Tanzania.svg/	8 KB 9 KB	162ms 24ms	Image image/png	2620:0:862:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/thumb/3/38/Flag_of_Tanzania.svg/800px-Flag_of_Tanzania.svg.png Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software ATS/9.1.3 / Resource Hash d42be8159049134117a7b9400cbb1da051b672ce5da01efcb553a7faf06e0b50 Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Fri, 25 Nov 2022 13:00:48 GMT strict-transport-security max-age=106384710; includeSubDomains; preload nel { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0} age 51388 x-cache-status hit-front x-cache cp3061 hit, cp3063 hit/1 content-disposition inline;filename*=UTF-8''Flag_of_Tanzania.svg.png server-timing cache;desc="hit-front", host;desc="cp3063" content-length 7744 x-client-ip 2001:ac8:20:3d00:1012:9044:dc97:d332 last-modified Thu, 29 Sep 2022 23:42:31 GMT server ATS/9.1.3 accept-ch Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version etag 152d73db3abadc2acefb338d75540095 report-to { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/png access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache permissions-policy interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org") accept-ranges bytes timing-allow-origin *
GET H2	200	cookienotice.js Show response data-portal.program-service.xyz/js/	6 KB 2 KB	15ms 15ms	Script text/javascript	2a00:1450:4001:802::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data-portal.program-service.xyz/js/cookienotice.js Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sat, 26 Nov 2022 03:17:16 GMT content-encoding gzip x-content-type-options nosniff last-modified Fri, 25 Nov 2022 21:51:20 GMT server sffe vary Accept-Encoding report-to {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-type text/javascript cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 2026 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="blogger-tech" expires Sat, 03 Dec 2022 03:17:16 GMT
GET H2	404	yuming.js Show response data-portal.program-service.xyz/	3 KB 1 KB	436ms 435ms	XHR text/html	2a00:1450:4001:802::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data-portal.program-service.xyz/yuming.js?1669432636602&_=1669432636583 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 4e09b028097ed50e6ee02f7ea404608a992570859af5556a35f53d8d9381beec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Accept text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01 Referer https://data-portal.program-service.xyz/ X-Requested-With XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Sat, 26 Nov 2022 03:17:16 GMT content-encoding gzip x-content-type-options nosniff server GSE content-type text/html; charset=UTF-8 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 1234 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	404	like.png data-portal.program-service.xyz/img/f/	3 KB 3 KB	666ms 665ms	Image text/html	2a00:1450:4001:802::2013 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://data-portal.program-service.xyz/img/f/like.png Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 4e09b028097ed50e6ee02f7ea404608a992570859af5556a35f53d8d9381beec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Sat, 26 Nov 2022 03:17:17 GMT content-encoding gzip x-content-type-options nosniff server GSE content-type text/html; charset=UTF-8 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 1234 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	404	bubble.png data-portal.program-service.xyz/img/f/	3 KB 3 KB	667ms 665ms	Image text/html	2a00:1450:4001:802::2013 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://data-portal.program-service.xyz/img/f/bubble.png Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 4e09b028097ed50e6ee02f7ea404608a992570859af5556a35f53d8d9381beec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Sat, 26 Nov 2022 03:17:17 GMT content-encoding gzip x-content-type-options nosniff server GSE content-type text/html; charset=UTF-8 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 1234 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	404	Tahoma-Bold.ttf data-portal.program-service.xyz/fonts/	0 0	665ms 664ms	Font text/html	2a00:1450:4001:802::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data-portal.program-service.xyz/fonts/Tahoma-Bold.ttf Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://data-portal.program-service.xyz/ Origin https://data-portal.program-service.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Sat, 26 Nov 2022 03:17:17 GMT content-encoding gzip x-content-type-options nosniff server GSE content-type text/html; charset=UTF-8 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 1234 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	free-fa-regular-400.woff2 ka-f.fontawesome.com/releases/v5.15.1/webfonts/	13 KB 14 KB	288ms 253ms	Font font/woff2	2606:4700:e6::ac40:ca1c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.1/webfonts/free-fa-regular-400.woff2 Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e6::ac40:ca1c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2bc9b921ec022706cf67e3d319d79c5787b2342e4c64d10fa2324f2366ca127 Request headers Referer https://data-portal.program-service.xyz/ Origin https://data-portal.program-service.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers date Sat, 26 Nov 2022 03:17:16 GMT via 1.1 8218162abe2cae3ec1ec6855d835c406.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop BOM78-P6 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 13576 last-modified Wed, 14 Oct 2020 21:22:07 GMT server cloudflare etag "787f098a53efc4938550773f48056957" access-control-max-age 3000 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apHoSs8V9K%2F%2FiLAvGpxEYDtzYEYdYN1AAYlu6mTnpoDZe0blO8%2F60jJ3vNqgiaXBDOENeb7g0JcihqD9tZ0WKH2SzUaBYbHguJhNV%2F0AgpoitZI0fRpFBuT9SUQ3oyAK5%2FUmoNw6re2MHAgmt%2BMdVkNXaw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding accept-ranges bytes cf-ray 76ff785b092b9a1d-FRA access-control-allow-headers fa-kit-token x-amz-cf-id j_ahIcGU3WoHmOIQdjlnnAJZE5ls4fqsTaUeopmHn-Q9mW8Gc5oa1Q==
GET H2	404	Tahoma.ttf data-portal.program-service.xyz/fonts/	0 0	666ms 666ms	Font text/html	2a00:1450:4001:802::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data-portal.program-service.xyz/fonts/Tahoma.ttf Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://data-portal.program-service.xyz/ Origin https://data-portal.program-service.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Sat, 26 Nov 2022 03:17:17 GMT content-encoding gzip x-content-type-options nosniff server GSE content-type text/html; charset=UTF-8 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 1234 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	hm.js Show response hm.baidu.com/	29 KB 12 KB	1872ms 333ms	Script application/javascript	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Full URL https://hm.baidu.com/hm.js?ca8fa2b8983a78f763f13e55ce07f2f4 Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash 19cf576e802785527915ed787a710399739f6db07bca2bff77a3163c2a42976e Security Headers Name Value Strict-Transport-Security max-age=172800 Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Date Sat, 26 Nov 2022 03:17:18 GMT Content-Encoding gzip Strict-Transport-Security max-age=172800 Server apache Etag 36e1f7ede6978915b3342bd6bd1e7aba P3p CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Content-Type application/javascript Cache-Control max-age=0, must-revalidate Content-Length 11255
GET H2	404	Roboto-Regular.ttf data-portal.program-service.xyz/fonts/	0 0	647ms 646ms	Font text/html	2a00:1450:4001:802::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data-portal.program-service.xyz/fonts/Roboto-Regular.ttf Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://data-portal.program-service.xyz/ Origin https://data-portal.program-service.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Sat, 26 Nov 2022 03:17:17 GMT content-encoding gzip x-content-type-options nosniff server GSE content-type text/html; charset=UTF-8 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 1234 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	404	Roboto-Bold.ttf data-portal.program-service.xyz/fonts/	0 0	647ms 646ms	Font text/html	2a00:1450:4001:802::2013 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://data-portal.program-service.xyz/fonts/Roboto-Bold.ttf Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://data-portal.program-service.xyz/ Origin https://data-portal.program-service.xyz accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers pragma no-cache date Sat, 26 Nov 2022 03:17:17 GMT content-encoding gzip x-content-type-options nosniff server GSE content-type text/html; charset=UTF-8 cache-control no-cache, no-store, max-age=0, must-revalidate content-length 1234 x-xss-protection 1; mode=block expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	hm.gif hm.baidu.com/	43 B 299 B	349ms 349ms	Image image/gif	103.235.46.191 BAIDU Beijing Bai...
General Check archive.org Show headers Download Go to Show image Full URL https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=140639618&si=ca8fa2b8983a78f763f13e55ce07f2f4&v=1.3.0&lv=1&sn=59584&r=0&ww=1600&u=https%3A%2F%2Fdata-portal.program-service.xyz%2F%231669432637123&tt=INDPENDENCE%20DAY%20OFFER Requested by Host: data-portal.program-service.xyz URL: https://data-portal.program-service.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN), Reverse DNS Software apache / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://data-portal.program-service.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36 Response headers Pragma no-cache Date Sat, 26 Nov 2022 03:17:19 GMT Strict-Transport-Security max-age=172800 X-Content-Type-Options nosniff Server apache Content-Type image/gif Cache-Control private, max-age=0, no-cache Content-Length 43

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| adsbygoogle number| timer_start string| redirectURL string| WhatsApp_share_message string| Share_link string| alert_text number| total number| ii number| iy function| hidepop function| incrementValue1 function| incrementValue_i boolean| spin2enabled number| ob string| _0xodL object| _0x44bf function| _0x17b0 function| fn1_i function| incrementValue_a function| fn1_a function| tipn function| set_Cookie function| get_Cookie function| getQueryString function| lasthtml function| dapp function| dappp function| record string| banner string| j function| hh1 function| jp function| fh object| _hmt object| cookieChoices boolean| _bdhm_loaded_ca8fa2b8983a78f763f13e55ce07f2f4 object| mini_tangram_log_92r9cj

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hm.baidu.com/	1970-01-20 17:19:52	Name: HMACCOUNT_BFESS Value: 15E4D0E06A69EEAC
			.data-portal.program-service.xyz/	1970-01-20 16:29:28	Name: Hm_lvt_ca8fa2b8983a78f763f13e55ce07f2f4 Value: 1669432639
			.data-portal.program-service.xyz/	1969-12-31 23:59:59	Name: Hm_lpvt_ca8fa2b8983a78f763f13e55ce07f2f4 Value: 1669432639

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://data-portal.program-service.xyz/yuming.js?1669432636602&_=1669432636583 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://data-portal.program-service.xyz/fonts/Tahoma-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://data-portal.program-service.xyz/img/f/like.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://data-portal.program-service.xyz/img/f/bubble.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://data-portal.program-service.xyz/fonts/Tahoma.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://data-portal.program-service.xyz/fonts/Roboto-Bold.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://data-portal.program-service.xyz/fonts/Roboto-Regular.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
ajax.googleapis.com
cdn.webshopapp.com
data-portal.program-service.xyz
fonts.googleapis.com
halberdbastion.com
hm.baidu.com
i.imgur.com
ka-f.fontawesome.com
maxcdn.bootstrapcdn.com
nextnationalday.com
upload.wikimedia.org
103.235.46.191
107.161.23.64
110.173.135.31
146.75.116.193
2606:4700::6811:9c1e
2606:4700::6812:acf
2606:4700:e6::ac40:ca1c
2620:0:862:ed1a::2:b
2a00:1450:4001:802::2013
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
0ab598f29be7f1cdd70942c4bf64b2627e9eac3a64bca0234c1fc2d01fe7fa2c
1612e7c684acc35f3e2676ff3795cc610941fbae855be4c0e07461a6b55933e0
19cf576e802785527915ed787a710399739f6db07bca2bff77a3163c2a42976e
2989adfe0b5fe5bea9fa0efb0a8b29bb8f8259848e0217425eb8d91a30134849
2ba145e9b3860210b8f8cdf7960ae1dd0e7b70e5cdc7e8faa288f313bd383e91
4b392d27dbb09781249eaa99538e3ad055cb96cf90ce0097561715b041e29700
4e09b028097ed50e6ee02f7ea404608a992570859af5556a35f53d8d9381beec
5c9c517e620396411be0f673c0236771d9d021e2171778b806196a0968e4b4cf
8b8a678ee1c22753c8f6e029f2c3add9e0e3f03ff319f099599f55b7a103e8df
9b18a8a0d52e20fc366ebefa0c289550dd14cff27146d819ef9a762178238c95
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
c2bc9b921ec022706cf67e3d319d79c5787b2342e4c64d10fa2324f2366ca127
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4169ec4173ec85ca078017d7c68f4139701c6a7e1d942d20595c545e1de718b
d42be8159049134117a7b9400cbb1da051b672ce5da01efcb553a7faf06e0b50
d4b1b95544a98a46c0b587e7c321de6fb660675195cb5de21b2e31d355ed057a
e2510964c1e902cb23352128bac09d69f9a277d9d5b3fcdd30395a9696cc4480
e94a2e599af3383db4e702b6813463319e93a14afdf1c442f9876f45c497a8a2
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c