admin3us.mypanel2.ir Open in urlscan Pro
188.114.97.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://admin3us.mypanel2.ir/
Submission: On June 07 via api (June 7th 2024, 5:36:43 pm UTC) from US — Scanned from NL

Summary HTTP 77 Redirects Links 100 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 18 domains to perform 77 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is admin3us.mypanel2.ir.
TLS certificate: Issued by GTS CA 1P5 on May 5th 2024. Valid for: 3 months.

This is the only time admin3us.mypanel2.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6810:fb33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	104.16.252.51 104.16.252.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:ab0... 2a02:26f0:ab00:39e::14a9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	104.16.251.51 104.16.251.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.112.95 18.66.112.95	16509 (AMAZON-02) (AMAZON-02)
1	3.161.77.50 3.161.77.50	16509 (AMAZON-02) (AMAZON-02)
3	142.250.74.196 142.250.74.196	15169 (GOOGLE) (GOOGLE)
1	18.66.102.53 18.66.102.53	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.39 13.32.27.39	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	172.67.72.135 172.67.72.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	75.2.40.13 75.2.40.13	16509 (AMAZON-02) (AMAZON-02)
3	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	18.245.31.92 18.245.31.92	16509 (AMAZON-02) (AMAZON-02)
1	13.32.121.46 13.32.121.46	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.6.136 108.138.6.136	16509 (AMAZON-02) (AMAZON-02)
1	52.216.212.121 52.216.212.121	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:20:... 2606:4700:20::ac43:479c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
77	27

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

admin3us.mypanel2.ir	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:fb33 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.16.252.51 (None, )

ASN13335 (CLOUDFLARENET, US)

img.assets-d.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ab00:39e::14a9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn-4.convertexperiments.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.251.51 (None, )

ASN13335 (CLOUDFLARENET, US)

assets-c3.propublica.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-95.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.77.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-77-50.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.74.196 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-39.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.72.135 (United States)

ASN13335 (CLOUDFLARENET, US)

static.trueanthem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-92.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-46.fra60.r.cloudfront.net

client.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.6.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-6-136.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.212.121 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:479c (United States)

ASN13335 (CLOUDFLARENET, US)

platform.iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
iteratehq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	propublica.org assets.propublica.org — Cisco Umbrella Rank: 101564 img.assets-d.propublica.org — Cisco Umbrella Rank: 156212 assets-c3.propublica.org — Cisco Umbrella Rank: 203440 www.propublica.org Failed	1 MB
5	iteratehq.com platform.iteratehq.com — Cisco Umbrella Rank: 7831 iteratehq.com — Cisco Umbrella Rank: 6643	28 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 236 stats.g.doubleclick.net — Cisco Umbrella Rank: 130	175 KB
5	google.com www.google.com — Cisco Umbrella Rank: 5 region1.analytics.google.com — Cisco Umbrella Rank: 3163	1 KB
3	amazon-adsystem.com config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 731 client.aps.amazon-adsystem.com — Cisco Umbrella Rank: 13900 c.amazon-adsystem.com — Cisco Umbrella Rank: 356	68 KB
2	google.nl www.google.nl — Cisco Umbrella Rank: 10670	516 B
2	sail-personalize.com api.sail-personalize.com — Cisco Umbrella Rank: 4192	498 B
2	trueanthem.com static.trueanthem.com — Cisco Umbrella Rank: 25245	12 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 65	21 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 887 script.hotjar.com — Cisco Umbrella Rank: 1282	59 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3850 p1.parsely.com — Cisco Umbrella Rank: 2743	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	192 KB
2	mypanel2.ir admin3us.mypanel2.ir	34 KB
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 11089	448 B
1	gstatic.com www.gstatic.com	205 KB
1	htlbid.com htlbid.com — Cisco Umbrella Rank: 9246	122 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 4511	34 KB
1	convertexperiments.com cdn-4.convertexperiments.com — Cisco Umbrella Rank: 9879	66 KB
77	18

	Domain	Requested by
19	img.assets-d.propublica.org	admin3us.mypanel2.ir
15	assets.propublica.org	admin3us.mypanel2.ir assets.propublica.org
3	iteratehq.com	platform.iteratehq.com
3	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net
3	www.google.com	admin3us.mypanel2.ir www.gstatic.com
3	assets-c3.propublica.org	admin3us.mypanel2.ir
2	platform.iteratehq.com	admin3us.mypanel2.ir platform.iteratehq.com
2	www.google.nl	admin3us.mypanel2.ir
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	api.sail-personalize.com	ak.sail-horizon.com
2	static.trueanthem.com	www.googletagmanager.com static.trueanthem.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	admin3us.mypanel2.ir www.googletagmanager.com
2	admin3us.mypanel2.ir	admin3us.mypanel2.ir
1	ams-pageview-public.s3.amazonaws.com	admin3us.mypanel2.ir
1	c.amazon-adsystem.com	client.aps.amazon-adsystem.com
1	client.aps.amazon-adsystem.com	htlbid.com
1	config.aps.amazon-adsystem.com	htlbid.com
1	script.hotjar.com	static.hotjar.com
1	p1.parsely.com	admin3us.mypanel2.ir
1	www.gstatic.com	www.google.com
1	htlbid.com	admin3us.mypanel2.ir
1	static.hotjar.com	admin3us.mypanel2.ir
1	cdn.parsely.com	admin3us.mypanel2.ir
1	ak.sail-horizon.com	admin3us.mypanel2.ir
1	cdn-4.convertexperiments.com	admin3us.mypanel2.ir
0	www.propublica.org Failed	assets.propublica.org
77	28

This site contains links to these domains. Also see Links.

Domain
give.propublica.org
www.propublica.org
projects.propublica.org
www.facebook.com
twitter.com
www.instagram.com
capitolnewsillinois.com
www.nytimes.com
mississippitoday.org
www.themainemonitor.org
www.idahostatesman.com
www.youtube.com
policies.google.com

Subject Issuer	Validity	Valid
mypanel2.ir GTS CA 1P5	`2024-05-05` - `2024-08-03`	3 months	crt.sh
assets.propublica.org E1	`2024-04-17` - `2024-07-16`	3 months	crt.sh
img.assets-d.propublica.org Cloudflare Inc ECC CA-3	`2023-10-28` - `2024-10-27`	a year	crt.sh
*.convertexperiments.com DigiCert TLS RSA SHA256 2020 CA1	`2023-11-09` - `2024-11-09`	a year	crt.sh
assets-c3.propublica.org E1	`2024-04-10` - `2024-07-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
ak.sail-horizon.com Amazon RSA 2048 M02	`2023-12-04` - `2024-12-30`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M03	`2024-04-05` - `2025-05-04`	a year	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
trueanthem.com E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh
api.sail-personalize.com Amazon RSA 2048 M02	`2024-03-25` - `2025-04-22`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
client.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2023-12-20` - `2025-01-18`	a year	crt.sh
*.google.nl WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
iteratehq.com E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://admin3us.mypanel2.ir/
Frame ID: 9307901DC6411797832EE261DFF617F6
Requests: 79 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9hZG1pbjN1cy5teXBhbmVsMi5pcjo0NDM.&hl=nl&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=invisible&cb=fyukhft6958w
Frame ID: F7EE75FC756E7EB0BA42520D9BC69B51
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ProPublica — Investigative Journalism and News in the Public Interest

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

77
Requests

99 %
HTTPS

35 %
IPv6

18
Domains

28
Subdomains

27
IPs

6
Countries

2204 kB
Transfer

4892 kB
Size

14
Cookies

100 Outgoing links

These are links going to different origins than the main page.

URL: https://give.propublica.org/give/346423/#!/donation/checkout?c_src=PB
Title: Summer Member Drive Protect journalism that holds power to account. Donate Now

Search URL Search Domain Scan URL

URL: https://www.propublica.org/
Title: ProPublica

Search URL Search Domain Scan URL

URL: https://give.propublica.org/give/346423/#!/donation/checkout?c_src=UpRed
Title: Donate

Search URL Search Domain Scan URL

URL: https://projects.propublica.org/nonprofits/
Title: Nonprofit Explorer

Search URL Search Domain Scan URL

URL: https://www.propublica.org/local-initiatives/
Title: Local Initiatives

Search URL Search Domain Scan URL

URL: https://www.propublica.org/newsletters/
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.propublica.org/about/
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.propublica.org/topics/racial-justice
Title: Racial Justice

Search URL Search Domain Scan URL

URL: https://www.propublica.org/topics/health-care
Title: Health Care

Search URL Search Domain Scan URL

URL: https://www.propublica.org/topics/politics
Title: Politics

Search URL Search Domain Scan URL

URL: https://www.propublica.org/topics/criminal-justice
Title: Criminal Justice

Search URL Search Domain Scan URL

URL: https://www.propublica.org/topics/
Title: more…

Search URL Search Domain Scan URL

URL: https://www.propublica.org/midwest/
Title: Midwest

Search URL Search Domain Scan URL

URL: https://www.propublica.org/northwest/
Title: Northwest

Search URL Search Domain Scan URL

URL: https://www.propublica.org/south/
Title: South

Search URL Search Domain Scan URL

URL: https://www.propublica.org/southwest/
Title: Southwest

Search URL Search Domain Scan URL

URL: https://www.propublica.org/texas/
Title: Texas

Search URL Search Domain Scan URL

URL: https://www.propublica.org/newsapps/
Title: Graphics & Data

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/
Title: Series

Search URL Search Domain Scan URL

URL: https://www.propublica.org/video/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.propublica.org/local-reporting-network/
Title: Local Reporting Network

Search URL Search Domain Scan URL

URL: https://www.propublica.org/electionland/
Title: Electionland

Search URL Search Domain Scan URL

URL: https://www.propublica.org/datastore/
Title: Data Store

Search URL Search Domain Scan URL

URL: https://www.propublica.org/impact/
Title: Impact

Search URL Search Domain Scan URL

URL: https://www.propublica.org/jobs/
Title: Jobs & Fellowships

Search URL Search Domain Scan URL

URL: https://www.propublica.org/contact/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/propublica
Title: Facebook Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/propublica
Title: Twitter Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/propublica/
Title: Instagram Instagram

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/michigan-bottled-water-whitmer-flint

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/anna-clark
Title: Anna Clark

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/sarahbeth-maney
Title: Sarahbeth Maney

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/illinois-homeschool-education-regulations

Search URL Search Domain Scan URL

URL: https://capitolnewsillinois.com/
Title: Capitol News Illinois

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/donald-trump-criminal-trial-second-term

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/a-closer-look
Title: A Closer Look

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/andrea-bernstein
Title: Andrea Bernstein

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/idaho-republican-primary-election-culture-wars

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/audrey-dutton
Title: Audrey Dutton

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/the-secret-irs-files

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/trump-irs-audit-chicago-hotel-taxes

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/paul-kiel
Title: Paul Kiel

Search URL Search Domain Scan URL

URL: https://www.nytimes.com/
Title: The New York Times

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/clarence-thomas-gift-disclosures-harlan-crow

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/supreme-court-scotus
Title: Friends of the Court

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/joshua-kaplan
Title: Joshua Kaplan

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/justin-elliott
Title: Justin Elliott

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/alex-mierjeski
Title: Alex Mierjeski

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/uprooted
Title: Uprooted

Search URL Search Domain Scan URL

URL: https://www.propublica.org/atpropublica/uprooted-wins-top-award-from-the-education-writers-association
Title: “Uprooted” Wins Top Award from the Education Writers Association

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/propublica
Title: ProPublica

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/federal-civil-rights-complaint-rockford-illinois-schools

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/the-price-kids-pay
Title: The Price Kids Pay

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/jennifer-smith-richards
Title: Jennifer Smith Richards

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/jodi-cohen
Title: Jodi S. Cohen

Search URL Search Domain Scan URL

URL: https://www.propublica.org/atpropublica/ginger-thompson-named-managing-editor
Title: Ginger Thompson Named Managing Editor

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/donald-trump-criminal-cases-witnesses-financial-benefits

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/robert-faturechi
Title: Robert Faturechi

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/lesion-trabajo-rancho-granja-wisconsin-ayuda

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/peligro-en-las-granjas
Title: Peligro en las granjas

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/maryam-jameel
Title: Maryam Jameel

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/melissa-sanchez
Title: Melissa Sanchez

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/what-to-know-hurt-working-wisconsin-dairy-farm

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/americas-dairyland
Title: America’s Dairyland

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/ny-education-department-abuse-investigation-shrub-oak-international-school

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/texas-ken-paxton-consumer-protection-law-investigations

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/vianna-davila
Title: Vianna Davila

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/ken-paxton-consumer-protection-laws-political-targets

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/thomasville-alabama-segregation-academies

Search URL Search Domain Scan URL

URL: https://www.propublica.org/people/jennifer-berry-hawes
Title: Jennifer Berry Hawes

Search URL Search Domain Scan URL

URL: https://www.propublica.org/atpropublica/americas-dairyland-wins-peter-lisagor-award
Title: “America’s Dairyland” Wins Peter Lisagor Award

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/baptist-desoto-hospital-civil-commitment-jail

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/committed-to-jail
Title: Committed to Jail

Search URL Search Domain Scan URL

URL: https://mississippitoday.org/author/itaft/
Title: Isabelle Taft

Search URL Search Domain Scan URL

URL: https://mississippitoday.org/
Title: Mississippi Today

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/maine-health-department-care-facilities-elopement

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/long-term-challenge
Title: Long-Term Challenge

Search URL Search Domain Scan URL

URL: https://www.themainemonitor.org/
Title: The Maine Monitor

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/idaho-salmon-school-district-bond-approved

Search URL Search Domain Scan URL

URL: https://www.propublica.org/series/state-of-disrepair
Title: State of Disrepair

Search URL Search Domain Scan URL

URL: https://www.idahostatesman.com/
Title: Idaho Statesman

Search URL Search Domain Scan URL

URL: https://www.facebook.com/propublica/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/propublica
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.propublica.org/feeds/propublica/main
Title: RSS

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://give.propublica.org/give/346423/#!/donation/checkout?c_src=vote
Title: Summer Member Drive Protect journalism that holds power to account. Donate Now

Search URL Search Domain Scan URL

URL: http://www.propublica.org/corrections
Title: Read our corrections

Search URL Search Domain Scan URL

URL: https://www.propublica.org/getinvolved/help-investigate-homeless-encampment-removals
Title: Have You Experienced Homelessness? Do You Work With People Who Have? Tell Us About Encampment Removals.

Search URL Search Domain Scan URL

URL: https://www.propublica.org/getinvolved/texas-school-board-bond-elections
Title: Help ProPublica and The Texas Tribune Report on School Board and Bond Elections in Your Community

Search URL Search Domain Scan URL

URL: https://www.propublica.org/getinvolved/tell-us-about-mental-health-care-access
Title: We’re Investigating Mental Health Care Access. Share Your Insights.

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/3m-forever-chemicals-pfas-pfos-inside-story
Title: How 3M Executives Convinced a Scientist the Forever Chemicals She Found in Human Blood Were Safe

Search URL Search Domain Scan URL

URL: https://www.propublica.org/article/yieldstar-rent-increase-realpage-rent
Title: Rent Going Up? One Company’s Algorithm Could Be Why.

Search URL Search Domain Scan URL

URL: https://www.propublica.org/getinvolved/
Title: Get Involved

Search URL Search Domain Scan URL

URL: https://www.propublica.org/nerds/
Title: The Nerd Blog

Search URL Search Domain Scan URL

URL: https://www.propublica.org/atpropublica/
Title: @ProPublica

Search URL Search Domain Scan URL

URL: https://www.propublica.org/events/
Title: Events

Search URL Search Domain Scan URL

URL: https://www.propublica.org/leadership/
Title: Board and Advisors

Search URL Search Domain Scan URL

URL: https://www.propublica.org/staff/
Title: Officers and Staff

Search URL Search Domain Scan URL

URL: https://www.propublica.org/diversity/
Title: Diversity

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
admin3us.mypanel2.ir/ 166 KB
33 KB 571ms
480ms Document
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://admin3us.mypanel2.ir/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed319e3f2bfd5cac6c86633748613ecddd7b646e586c7735bbb7f63f7e7bcb4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://projects.propublica.org
alt-svc: h3=":443"; ma=86400
cache-control: max-age=900, public, must-revalidate, stale-while-revalidate=60, stale-if-error=60
cf-cache-status: DYNAMIC
cf-ray: 8902677effb0195e-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 17:36:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
onion-location: http://p53lf57qovyuvwsc6xnrppyply3vtqm7l6pcobkmyqsiofyeznfu5uqd.onion/
pragma: cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5zyQFgwuJCRuUfhUx4FLT7xzudf21Z2ftHrqrcscIzspXVuRoOLhiI2Ib3lC22idiPM7dPDkQroVhUwixBXu4vQXgLb3RNpIiXcog8UTOb2INbtwA8Mjzzkn6R73Bd0pjQLsxzyySA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=10886400; includeSubDomains; preload
vary: Accept-Encoding
x-author: queue-worker
x-debug: Cached
x-frame-options: DENY
x-origin: v3-www.propublica.org

GET
H2 200 main.51828988.css
assets.propublica.org/static/prod/v5/css/ 391 KB
45 KB 347ms
194ms Stylesheet
text/css 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5f5b6ad0f1007fa29e9c6525beb9468a91aa6c8aa8b00d041b3723c6f0f66d8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Y9862SFY2RGXE421
cf-polished: origSize=403941
alt-svc: h3=":443"; ma=86400
x-amz-id-2: QuyOd4uU+a78IA/akG89tAofyMBjns1vJR/LxpcPAV/JzPfRfq8Vj2ZXLlW0RFavjHg4x6lgvBA=
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 19:05:58 GMT
server: cloudflare
etag: W/"9723d90915352bb1e6384c4cb89d9553"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 890267830e8fbbf5-FRA
expires: Sat, 08 Jun 2024 17:36:26 GMT

GET
H2 200 201904-banner.png
assets.propublica.org/static/prod/v4/images/ 99 KB
99 KB 330ms
231ms Image
image/webp 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.propublica.org/static/prod/v4/images/201904-banner.png
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d81e0bf79972922227d4a367c03cfa4fb33dc5406fbeb3b904b56acbc394dae

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
cf-cache-status: HIT
x-amz-request-id: M0RN45859PPCYS36
cf-polished: origFmt=png, origSize=266577
content-disposition: inline; filename="201904-banner.webp"
alt-svc: h3=":443"; ma=86400
content-length: 100988
x-amz-id-2: r3BxtGE/PGJLusXjuvR2LV1D4JXS42PgzIKT7k9aUcVynGp6IOl0QobUcTcPq1C/fkmwNlhSxok=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Jun 2024 19:05:05 GMT
server: cloudflare
etag: "8e130e9cded2311891e95ff9b35f157f"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 890267830e95bbf5-FRA
expires: Sat, 08 Jun 2024 17:36:26 GMT

GET
H3 200 20210607-secret-irs-series-3x2.jpg
img.assets-d.propublica.org/v5/images/ 9 KB
10 KB 240ms
156ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/20210607-secret-irs-series-3x2.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=413&q=75&w=310&s=00bf8ac64aa24995c87c6b77022d264e
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 663e19d359b28439846108f84c1504fd800f1e2e27dac57143d0e24b9c695c41

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront), 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 171cf01f-3f41-4ba8-b4e3-8a17b070fda8
x-cache: Hit from cloudfront
x-amz-apigw-id: YzOzAFrWoAMElxQ=
content-length: 9680
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:10:31 GMT
server: cloudflare
x-amzn-trace-id: Root=1-665df812-66cd4e075043d0b03e47bd6e;Parent=5a5d06324217bc23;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026783289e1db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: HVvMsZ31poRwj82Ni4CsGtQ44wQvCowD5aiJFOK1gx8cl8hjAmOF0w==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 email-decode.min.js Show response
admin3us.mypanel2.ir/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 53ms
43ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://admin3us.mypanel2.ir/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/

Protocol

Security

QUIC, , AES_128_GCM

Server

188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 04 Jun 2024 12:27:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"665f0832-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Aibp90gV1%2BQt66lfRs0qHKSI21SZkSxUaNwsiSkBLF39EY1Iv6%2Bb72OYKT6k%2BV7SduKqA0ud9wAuMG3d0xs0yjl5nmwLoJ8BVQp3DLDDinXU4DvbPjO2VYs7VJOOoj1k7Ki%2Bwd7BBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 89026782be3e195e-FRA
expires: Sun, 09 Jun 2024 17:36:26 GMT

GET
H2 200 main.2c37ba76.js Show response
assets.propublica.org/static/prod/v5/js/ 141 KB
39 KB 227ms
178ms Script
application/javascript 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/js/main.2c37ba76.js
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00ae2a479a40471a2ee0aafc4e7dafba5123f2b219d91563d52b56853a3bea13

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 May 2024 17:04:15 GMT
server: cloudflare
x-amz-request-id: 6VYWBV003BCCGAFD
etag: W/"30a5684f8e8a889b49bddd5f9d39c8c9"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 890267830e93bbf5-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: abLxL76GDYO0Cb6XU57e33i3qBzVjdafF005WG2wwqeghoU8FhHmBf4zWTYSts/MJf4Vp3sIzrA=
expires: Sat, 08 Jun 2024 17:36:26 GMT

GET
H2 200 1004759-1004714.js Show response
cdn-4.convertexperiments.com/js/ 214 KB
66 KB 211ms
61ms Script
application/javascript 2a02:26f0:ab00:39e::14a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-4.convertexperiments.com/js/1004759-1004714.js
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ab00:39e::14a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f61f27a050a93466c38b39465654a8ead4ca789126e0d5063f2dc0c28a437dea

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 07 Jun 2024 17:36:26 GMT
content-encoding: gzip
cache-control: public, max-age=300
content-type: application/javascript
vary: Accept-Encoding
expires: Fri, 07 Jun 2024 17:41:26 GMT

GET
H3 200 TiemposTextWeb-Regular_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 28 KB
28 KB 4133ms
3715ms Font
font/woff2 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/TiemposTextWeb-Regular_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 053a9b913df62d6f62e05479e93d679953d2cf19de25301648d4701d838f7e17

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://admin3us.mypanel2.ir
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:30 GMT
cf-cache-status: MISS
x-amz-request-id: CA197AVG236VSZXK
alt-svc: h3=":443"; ma=86400
content-length: 28357
x-amz-id-2: dLh9SoDkOh9x30UNZl9vT1c2qmaPn9naDs39Lqw5MnXogieNRqn2g7qRZRiZeY6UJ+q2ra0xzAg=
last-modified: Fri, 07 Jun 2024 17:24:46 GMT
server: cloudflare
etag: "2f0dc7dd281de8884c39fefcbf755812"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8902679d0afcbb77-FRA
expires: Sat, 08 Jun 2024 17:36:30 GMT

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cce51e792b5bed74f35c8b0540f856a24116ecd96dad0c9b64e6a4552c4afcb9

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 813 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4a2d88e2d2d50aa91bce568a9e4a5c707d30c56b84f97f306a069c10eac5ae33

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 387 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b44840c1bb8e5b5df03db4c7589c7d129dd00a88fab8e57fafc0b75b6c2659ca

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 481 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cece1f4ebf180c5740977e93adbbf6d91af4d5a0f8c9034025a2bec8b3119a75

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15fbec6e5b37cc7e9ff13f533cebd43d4a4579b9b257d6c96b21936463361f75

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Graphik-Bold-Web_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 18 KB
18 KB 4540ms
4123ms Font
font/woff2 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/Graphik-Bold-Web_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f75efe09e9a15de6732fbf32bb96bd5d570689576f84be9763fe6147f3f405c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://admin3us.mypanel2.ir
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:30 GMT
cf-cache-status: MISS
x-amz-request-id: CA12SA1R0XB1EABE
alt-svc: h3=":443"; ma=86400
content-length: 17965
x-amz-id-2: d7mQ2exwEWNnakeoGO8bt3XS/rkYdsurIxAlxyqRNfT6xJMDw9g2wzPhSnc92ZHWNKJ2oMei3v4=
last-modified: Fri, 07 Jun 2024 17:24:46 GMT
server: cloudflare
etag: "36c66768f1f0efc2065048e1f1dba296"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8902679d0affbb77-FRA
expires: Sat, 08 Jun 2024 17:36:30 GMT

GET
H3 200 Graphik-Regular-Web_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 16 KB
16 KB 3839ms
3423ms Font
font/woff2 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/Graphik-Regular-Web_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ce372d43a91580bdc4185d48a02bef4b7954c49e721e181fa02b656eaa61213

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://admin3us.mypanel2.ir
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:30 GMT
cf-cache-status: MISS
x-amz-request-id: CA1E6HQDJBEX4941
alt-svc: h3=":443"; ma=86400
content-length: 15885
x-amz-id-2: 4KBZV0f/u8FlKqCEsD0hPNojEt7g8MmnaV/4Dfdo+3frh+YoAGdhPRea8IC8gRmzHdArMkOo9u0=
last-modified: Fri, 07 Jun 2024 17:24:46 GMT
server: cloudflare
etag: "1974b7e72f30b60ceed7de2e5653d7b4"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8902679d0aeebb77-FRA
expires: Sat, 08 Jun 2024 17:36:30 GMT

GET
H3 200 TiemposTextWeb-Bold_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 29 KB
29 KB 4222ms
3808ms Font
font/woff2 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/TiemposTextWeb-Bold_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 890a308f110701f892cbb8d923d529a06c44e5bbeafa6b92df2fae66f3706bd1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://admin3us.mypanel2.ir
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:30 GMT
cf-cache-status: MISS
x-amz-request-id: CA19XRH729VF35FZ
alt-svc: h3=":443"; ma=86400
content-length: 29395
x-amz-id-2: 3z2haGZSi0nmknXMJ3bfQ8NIp8CqArbkDefPywUl4egrpgFbnfcsgbO2bsbHyh7AIZc56fi8BUI=
last-modified: Fri, 07 Jun 2024 17:24:46 GMT
server: cloudflare
etag: "15e76bde224fbb7970e3b89254be71da"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8902679d0af0bb77-FRA
expires: Sat, 08 Jun 2024 17:36:30 GMT

GET
H3 200 TiemposHeadlineWeb-Black_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 19 KB
19 KB 3860ms
3447ms Font
font/woff2 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/TiemposHeadlineWeb-Black_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6407c87204c820e7f94f1e129190e3f3589f59c4768cc97c3a76d43075d8f2fa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://admin3us.mypanel2.ir
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:30 GMT
cf-cache-status: MISS
x-amz-request-id: CA179J43CSK6NRG8
alt-svc: h3=":443"; ma=86400
content-length: 19337
x-amz-id-2: wd3z99GIuWAuM7nI/C/VDg8zA7nriXDcnTMhjf0tpYfHxJJ24z84ILHonxzgXQCRza3MaFYAGNM=
last-modified: Fri, 07 Jun 2024 17:24:46 GMT
server: cloudflare
etag: "4ca36d6287f01b10c1ac41cd2e1da923"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8902679d0af4bb77-FRA
expires: Sat, 08 Jun 2024 17:36:30 GMT

GET
H3 200 TiemposHeadlineWeb-Bold_default.woff2
assets.propublica.org/static/prod/v5/fonts/ 19 KB
20 KB 3899ms
3496ms Font
font/woff2 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/fonts/TiemposHeadlineWeb-Bold_default.woff2
Requested by: Host: assets.propublica.org
URL: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a62ee001f1b8313b0030ddf9c3a30c789075a2a4a9065557ab76c46d088bbe0f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://assets.propublica.org/static/prod/v5/css/main.51828988.css
Origin: https://admin3us.mypanel2.ir
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:30 GMT
cf-cache-status: MISS
x-amz-request-id: CA19AAT3W1ENYP0D
alt-svc: h3=":443"; ma=86400
content-length: 19529
x-amz-id-2: ACOVOInEmW+glFMH7Eo0qiYY3QYVJt/srHwuwlLHFNXtCy5bFxaGrWTPRvdfJRlyCFid+jd6eME=
last-modified: Fri, 07 Jun 2024 17:24:46 GMT
server: cloudflare
etag: "bf354483d7fb9a80bff102f07b0c2266"
access-control-max-age: 900
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 8902679d0af9bb77-FRA
expires: Sat, 08 Jun 2024 17:36:30 GMT

GET
H3 200 20240208-Maney-Flint-046_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95_2024-05-28-154600_xvqc.jpg
img.assets-d.propublica.org/v5/images/ 192 KB
193 KB 166ms
122ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/20240208-Maney-Flint-046_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95_2024-05-28-154600_xvqc.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.6969&fp-y=0.4913&h=1067&q=75&w=1600&s=8e7e06caa43fd49d59d398e7cf5d8d9a
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a721a612afdc6691b9e62b022e7296911972c9d99c5b34357edb7e2ac9d1f7e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront), 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 6fae4195-482d-4584-9814-bca9700dd07e
x-cache: Hit from cloudfront
x-amz-apigw-id: Y8BpxGHeoAMEaHQ=
content-length: 197084
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:30:37 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66617ca4-313df0da23ae781e3374678a;Parent=2db280159876e519;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8902678738281db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: _nw59N3p5KoiXhxOUd5ZBH5eoOElmlmNdVqKDy_jNmq8xNz95hLXoA==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 Propublica-Homeschooling-SA_3000_2000_Final_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 293 KB
294 KB 254ms
211ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Propublica-Homeschooling-SA_3000_2000_Final_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=1067&q=75&w=1600&s=76b98e07dd08dfd7f201e7b94c4b5055
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ffe7c121b7d13b90081ff05bcc61102d139c36593bd40cf82a2037295a3792c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 de048058a16d8205bfbc06a8f2eefb34.cloudfront.net (CloudFront), 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 338f8dc3-7897-472c-b3f7-3ef39a9c5c74
x-cache: Hit from cloudfront
x-amz-apigw-id: Y5IUAGkAoAMEmfA=
content-length: 299956
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 16:50:04 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66605419-07f5eaef271e7ad600bd0009;Parent=40eaf213f4d589da;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787382b1db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 2lnmx_KgfpNobF-2Pyzjphgzv8h2nn93EQnJ07WhVGDDHZ7VO-h0EQ==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 Trump-Trial-Lessons-Lead_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 6 KB
7 KB 3771ms
3727ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Trump-Trial-Lessons-Lead_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=1beff66208c3776a49c2235a120f756f
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d27ecd0938be6f347ba4579d44bb0f9db82135db6d0bd55821893c6fba07da2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 d818b372f81cbe23bb149df5877c444a.cloudfront.net (CloudFront), 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, VIE50-P1
x-amzn-requestid: 96830b1d-73b2-477e-970d-7dd850c38f6d
x-cache: Hit from cloudfront
x-amz-apigw-id: Y5ktDH5BIAMEs9Q=
content-length: 6370
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:08:38 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66608186-63d1bcc1506214c80a294898;Parent=5edeb183ad5781b1;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787382e1db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: le7lnOJzC_3uZDuP0KvUGm2Kuqg6qZII7Yk8sXT5U9e_SPcm-onjmA==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 AP23256700072750_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 8 KB
9 KB 132ms
89ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/AP23256700072750_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=92a1eaa6684234e23de3c0a82888b114
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75db1f6d54f50a71be61784d1b94d3afd368c4799328696e17606ee413eb00a3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront), 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: ca7a9096-33fa-4985-b6c3-4e6c6fc14de0
x-cache: Hit from cloudfront
x-amz-apigw-id: Y2MnGFbdoAMEqQQ=
content-length: 8558
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:34:07 GMT
server: cloudflare
x-amzn-trace-id: Root=1-665f27c6-482012d262a4ac14687571c8;Parent=1f3ccb1e2e15f1b6;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8902678738311db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: gAZkO7SjKW3BducZjtRN698m8Wy_bYCZMkI8eFhV86xvTrGOcbjf6w==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 Trump-Audit-Lead-2_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 9 KB
9 KB 3698ms
3655ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Trump-Audit-Lead-2_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=0f5f0faa13e656e5feb90e2f945bdfc5
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3bca58f5bf11793f5959b28fd3476d8d6c592f10a32774d673812b834cebfc5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 5f82872daec754c74bbd4ef1bc7f7314.cloudfront.net (CloudFront), 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 776f7f18-3456-45da-a584-d1602193ec5e
x-cache: Hit from cloudfront
x-amz-apigw-id: Yy1wYG9jIAMEsAQ=
content-length: 8818
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:30:01 GMT
server: cloudflare
x-amzn-trace-id: Root=1-665dd002-50a8997939c9c61c1dcf43a9;Parent=62ae283f124cb73f;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8902678738321db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: JNFWL1bt-o-G14iAlHlp5Nsv3ABntEMmzHx3MsHVS6IYfCSVNB7sMw==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 GettyImages-1431398148.jpg
img.assets-d.propublica.org/v5/images/ 3 KB
4 KB 3699ms
3656ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/GettyImages-1431398148.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=1b45fb496480f12d8434bd34e17cff02
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32e1a904a52ccb419c0e270b07780ca351c2ecc952f22f2e80717b848a407f08

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:27 GMT
via: 1.1 7a0989f96d7fa4864ba49c5b0d586bb2.cloudfront.net (CloudFront), 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 06b99793-e55f-4e68-8bdf-9dd4b394548a
x-cache: Miss from cloudfront
x-amz-apigw-id: ZAe8RF_kIAMEijA=
content-length: 3112
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:36:27 GMT
server: cloudflare
x-amzn-trace-id: Root=1-6663451b-61fe6a13041c8ebd33097037;Parent=5750a8849ab7339c;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8902678738351db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: yTGEZLK5T0oFayvJ9z4n_o57-OWx05ZO6t5T__f5kEGpt1_jPbni0A==
expires: Sat, 07 Jun 2025 17:36:27 GMT

GET
H3 200 Price-Kids-Pay-Rockford_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 8 KB
9 KB 130ms
87ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Price-Kids-Pay-Rockford_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.4971&fp-y=0.3719&h=210&q=75&w=210&s=62da4ca9ac2394657c1b8c24ba5f1ffc
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bba8e64ee031f491fd5f9cea3ba28afa3420629751ef80ff32a53e4f89c03614

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront), 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 0082a52e-3b1e-49d8-89d3-ea399e0d7233
x-cache: Hit from cloudfront
x-amz-apigw-id: Y3SCkEMmIAMEJBg=
content-length: 8410
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:30:01 GMT
server: cloudflare
x-amzn-trace-id: Root=1-665f96dc-41daf52d37824d8f69d34cb2;Parent=54759bac9367a737;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8902678738361db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: Un1V4ztm4uecgbbS9AwV-EzqWa1hOBZ99YgoU-KZObtt_bpQWcnwsw==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 Trump-Witnesses-Promo.jpg
img.assets-d.propublica.org/v5/images/ 5 KB
6 KB 3699ms
3656ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Trump-Witnesses-Promo.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=cda57f8da5aa326724ba48d795d32faa
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b20f106b4f6134cf2335e20d02ab4323a7281cc267a6a0b826bdcc6a36e0d24d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront), 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 96b1baa9-c7bb-4ec4-8187-e4cc0a9d81ff
x-cache: Hit from cloudfront
x-amz-apigw-id: YyfbcHxDoAMEhaQ=
content-length: 5132
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:08:38 GMT
server: cloudflare
x-amzn-trace-id: Root=1-665dac48-1c0d2cf705f6dd954a965027;Parent=5b68acad2c7c5bcd;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 8902678738381db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: psoLOJ1f7IBFc_0fj7CY_RuvfbM5EATX9Kb2AVgr-oS3OLZIYG47xg==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 Propublica-Rodriguez-opener-FINAL_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 9 KB
10 KB 3700ms
3657ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Propublica-Rodriguez-opener-FINAL_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=210&q=75&w=210&s=09aeca30a7af85068ee07c93029fdaa8
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 907a8354857d7f7a73afd39694dd9d4c3d9c1e2aa0136ddd117c9be8e19b1121

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 9b70adf7c49e859435e96eb0fc35c216.cloudfront.net (CloudFront), 1.1 ba67e20db38657ee5cb05d05b3da9d70.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 1902a234-174f-4356-8303-5409b991f4ff
x-cache: Hit from cloudfront
x-amz-apigw-id: YyJdWHdqoAMEW2Q=
content-length: 9358
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:08:38 GMT
server: cloudflare
x-amzn-trace-id: Root=1-665d8921-7783ec24523a3aac3b711420;Parent=04999bbe44e07c3b;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787383a1db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: ljH3xZJt5VcwPWiTeq_chiy6OwVSuXjqy8JLrSyCM6qXx9QBXQZVdA==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H2 200 donate-photo-a.png
assets.propublica.org/static/prod/v5/images/ 55 KB
55 KB 250ms
176ms Image
image/webp 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.propublica.org/static/prod/v5/images/donate-photo-a.png
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 017cc4a845c86c76aa87dd23e6105c4ea1554ff01617677defda7a29631ea073

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
cf-cache-status: HIT
x-amz-request-id: KT8WQP9JE9XPSY0T
cf-polished: origFmt=png, origSize=97209
content-disposition: inline; filename="donate-photo-a.webp"
alt-svc: h3=":443"; ma=86400
content-length: 56306
x-amz-id-2: O0sbc1B+qDJuipjFZ9N47MXM287FDOjpaUYlDXaWUrnL1ha2IWhV0Z08PRUJeIWpFT8OWuNh73w=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Jun 2024 19:05:58 GMT
server: cloudflare
etag: "a6a7bd61f873e433432b1902463c1271"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 890267875d8bbbf5-FRA
expires: Sat, 08 Jun 2024 17:36:26 GMT

GET
H2 200 medal_franklin_128.png
assets.propublica.org/static/prod/v4/images/ 43 KB
43 KB 259ms
187ms Image
image/png 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.propublica.org/static/prod/v4/images/medal_franklin_128.png
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6526d59e74abd6e7f4ed066c717f2879df1513d2cc21c9587feeccc790f25917

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
cf-cache-status: HIT
x-amz-request-id: XD80W3J4VDQ3H102
cf-polished: origSize=47303, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 44123
x-amz-id-2: i/3s+Fqx/YEGA7A1zmQg7Eej2pTDS4rWdHvSPku8VgwTFDG5zlNSU3C9aqvvlCl6Nwy9mBs0nNE=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Jun 2024 19:05:06 GMT
server: cloudflare
etag: "9abb0c80a53b1f9c11c0d743c5199651"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 890267875d8fbbf5-FRA
expires: Sat, 08 Jun 2024 17:36:26 GMT

GET
H2 200 events-promo.jpg
assets.propublica.org/static/prod/v5/images/ 24 KB
25 KB 256ms
184ms Image
image/webp 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.propublica.org/static/prod/v5/images/events-promo.jpg
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cdc41c84edf158e42c0aa0a79cd55895ae6bff5e569c51d2ce1cbd23d799eba

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
cf-cache-status: HIT
x-amz-request-id: 1VDK1ANGK79J0X7F
cf-polished: qual=85, origFmt=jpeg, origSize=70035
content-disposition: inline; filename="events-promo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 25070
x-amz-id-2: 1J8Skyi/YjuI1XFniSzTql499ULWmK/73N7cSWzbL7h9XN0YrKv+pVAlFHXh8Wr7NrgjLVR1gO4=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Jun 2024 19:05:58 GMT
server: cloudflare
etag: "fc39cc962c0c5fe9b76c97d2e339fd33"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 890267875d95bbf5-FRA
expires: Sat, 08 Jun 2024 17:36:26 GMT

GET
H2 200 promo-data-store.gif
assets.propublica.org/static/prod/v4/images/ 16 KB
16 KB 267ms
196ms Image
image/webp 2606:4700::6810:fb33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.propublica.org/static/prod/v4/images/promo-data-store.gif
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:fb33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcf859e8cb71b170b4f1165be584c99e31b20141200d121e7bde2ab9258bc8dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
cf-cache-status: HIT
x-amz-request-id: J1KBDPJVC1MVYNEX
cf-polished: origFmt=gif, origSize=30773
content-disposition: inline; filename="promo-data-store.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15906
x-amz-id-2: D6wu/Un3DHXHbLAZF4n5BCe4XgQApEW458r1pTti0gfWwHnwGiWqm8M2f+mKsvVti2qFPAxbbww=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 04 Jun 2024 19:05:06 GMT
server: cloudflare
etag: "9bbe69bb4150c94d2e769a70d765ca01"
vary: Accept
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 890267875d9cbbf5-FRA
expires: Sat, 08 Jun 2024 17:36:26 GMT

GET
H3 200 20240514-matt-rota-unhoused-engagement-still-life-1x1_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
assets-c3.propublica.org/images/getInvolved/_oneOne300w/ 15 KB
16 KB 3700ms
3219ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-c3.propublica.org/images/getInvolved/_oneOne300w/20240514-matt-rota-unhoused-engagement-still-life-1x1_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65cf2e3196c478761d65a2a48de4e6dbbe7aa2fadb4b4338dbfa8b981c799ac2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:30 GMT
cf-cache-status: HIT
x-amz-request-id: E4AY68AJHTF1VMM7
age: 42818
cf-polished: qual=85, origFmt=jpeg, origSize=20760
content-disposition: inline; filename="20240514-matt-rota-unhoused-engagement-still-life-1x1_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.webp"
alt-svc: h3=":443"; ma=86400
content-length: 15796
x-amz-id-2: OQL0HN7yRaf31rYgLVdlMGHl8Xu0bQL+jClJ4DnBvlNIQ1D7RuIwQADspuactxaTKGAd6CUDtDY=
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 May 2024 09:06:21 GMT
server: cloudflare
etag: "0a96b0c84a9708dbeece720a12745acc"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8902679d0f179299-FRA
expires: Fri, 07 Jun 2024 18:06:30 GMT

GET
H3 200 20240514-schools-callout-1x1_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
assets-c3.propublica.org/images/getInvolved/_oneOne300w/ 28 KB
29 KB 3664ms
3191ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-c3.propublica.org/images/getInvolved/_oneOne300w/20240514-schools-callout-1x1_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bb09ef9a505ea83f231c82ab639a34ff5d28d06f1d0e689587fbe859ca5aea0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:30 GMT
cf-cache-status: HIT
x-amz-request-id: 1AQA1VMD1HXXE16D
age: 11347
cf-polished: qual=85, origFmt=jpeg, origSize=33346
content-disposition: inline; filename="20240514-schools-callout-1x1_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.webp"
alt-svc: h3=":443"; ma=86400
content-length: 28692
x-amz-id-2: SbtagCovNKbBvDTblA7vSdJWcihXqmjDON88QLOGD8LZWAXvm8MBfGlf3KGl6YnOjgFay6C0B6s=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 May 2024 10:11:00 GMT
server: cloudflare
etag: "314322446b31216b063611513fc941cf"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8902679d0f159299-FRA
expires: Fri, 07 Jun 2024 18:06:30 GMT

GET
H3 200 20240227-mental-health-callout-square_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
assets-c3.propublica.org/images/getInvolved/_oneOne300w/ 6 KB
7 KB 3895ms
3421ms Image
image/webp 104.16.251.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-c3.propublica.org/images/getInvolved/_oneOne300w/20240227-mental-health-callout-square_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.251.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae9ac7bec5b01562a7bc2ea4e5ee605071f052ca69b8485140d4fb288bd0017b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:30 GMT
cf-cache-status: HIT
x-amz-request-id: JAA53BK49GAHN09Q
age: 46805
cf-polished: qual=85, origFmt=jpeg, origSize=13974
content-disposition: inline; filename="20240227-mental-health-callout-square_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.webp"
alt-svc: h3=":443"; ma=86400
content-length: 6146
x-amz-id-2: 8mhJFPmcPFs0OCJPTb9oIfG1EQ5BMrm2G/8zA7Ni4Qgi4CHfNWgC6ieUTulR+sYbe3XL8Fy0Vys=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 28 Feb 2024 11:01:22 GMT
server: cloudflare
etag: "06cc0ccafc24f69c899d1d7bc5598f95"
vary: Accept
content-type: image/webp
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8902679de8189299-FRA
expires: Fri, 07 Jun 2024 18:06:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 251 KB
87 KB 3713ms
3250ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8BNLGX

Requested by

Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d681d1c69ab0e86cbb50731d0252dde6238163c90686cbf087c6be35218ad680

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88936
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 17:02:48 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jun 2024 17:36:30 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 103 KB
34 KB 4028ms
3566ms Script
application/javascript 18.66.112.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-95.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 304a596bb9715360b71c3002d94553e04943f56dffbbefcf5c3ce3efc60db4a5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:33:44 GMT
content-encoding: gzip
via: 1.1 f952757fdddf3c9caa357164f2d464d8.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2024 16:53:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 167
x-amz-server-side-encryption: AES256
etag: W/"0a63286546fdaeb63f5762369bd1c4ff"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: -Jo1H2cpFnIP9AYLTb_ySl0zlxZAzpe1HIBlk9bdmPCYJol6kuDiNw==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/propublica.org/ 57 KB
21 KB 3789ms
3328ms Script
application/javascript 3.161.77.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/propublica.org/p.js
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.77.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-77-50.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: d3884bc713cb5a627601c698c23e35773a26df0834336c1ec44dc99850405bda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: public
date: Fri, 07 Jun 2024 05:38:37 GMT
content-encoding: gzip
via: 1.1 ecc31e9f7b98bdd8a55967baa6e36ad8.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 21:08:48 GMT
server: nginx
x-amz-cf-pop: FRA56-P10
age: 43200
etag: W/"633b4f60-e288"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: uMbOy5yxuf9-UWufTgUlYqSqqdnzbDcD-3TV_WtLwJZ5cubxeCsc9A==
expires: Sat, 08 Jun 2024 05:36:30 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
993 B 3606ms
3155ms Script
text/javascript 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=grecaptchaLoaded&render=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x

Requested by

Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

26f22ee58a9441e209c80aecddef6e32886f83cd4a8f6c435b54fdb870e76faf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 07 Jun 2024 17:36:30 GMT

GET
H2 200 hotjar-3261149.js Show response
static.hotjar.com/c/ 9 KB
4 KB 3811ms
3351ms Script
application/javascript 18.66.102.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3261149.js?sv=6

Requested by

Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-53.fra56.r.cloudfront.net

Software

Resource Hash

70183802d2b94f83640d37134877f053ef87ee3c4efa14348b4475b20085dec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 07 Jun 2024 17:36:30 GMT
via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/a32e6fa65fd8f84fb3087b517de881a6
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: qt1AaAeL9BXCy0zlSt0SsYeWt6-WD9UnC7Q8tu4u9_58P1vIyq_iSw==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/propublica.org/ 431 KB
122 KB 4197ms
3738ms Script
application/javascript 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/propublica.org/htlbid.js
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15b3250e261e253f6cacc83c50f3560eeadc2141126959cd0ead4168194e07fe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:31 GMT
content-encoding: br
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
last-modified: Tue, 21 May 2024 16:55:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"60af01bf29b3b3668a9d07df11f69b90"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: d64FLvbRrCc5EwDQXWfa5htfj_2e0iMD-HHON3kmwqtsTnz302iJcw==

GET
H3 200 20240208-Maney-Flint-046_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95_2024-05-28-154600_xvqc.jpg
img.assets-d.propublica.org/v5/images/ 62 KB
62 KB 3616ms
3614ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/20240208-Maney-Flint-046_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95_2024-05-28-154600_xvqc.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.6969&fp-y=0.4913&h=533&q=75&w=800&s=342165e25e0e8f873ff341924a1d3443
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e2a241a79063f9f27922362608171fce8b37105a9b007eab5711055c033f427

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 45e3ccd889272a7e8732f0eda13e87ca.cloudfront.net (CloudFront), 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 34d386ca-cc7b-4c76-9938-a8538066b656
x-cache: Hit from cloudfront
x-amz-apigw-id: Y8BpvGIjoAMEYlw=
content-length: 63016
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:32:35 GMT
server: cloudflare
x-amzn-trace-id: Root=1-66617ca4-328704694c8137cf5e74300b;Parent=7b9baff8e8f86317;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787c9331db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: jcc61aVJtaj1PV1VvjArYQ83NREvuUz6nDkYlzs2owHRWAyp3bbcaw==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 Propublica-Homeschooling-SA_3000_2000_Final_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 14 KB
15 KB 3661ms
3657ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Propublica-Homeschooling-SA_3000_2000_Final_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=267&q=75&w=400&s=9619cae06d8bf67118bb2f2dfd0dc9a7
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a8570775336487925cc7db165a4299cb6845d4e3828fa6a24502209d61b8940

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 d9636724d333576f23b5fcfb40d7830c.cloudfront.net (CloudFront), 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: f1efd62b-b6de-41a9-ad05-b860938b6378
x-cache: Hit from cloudfront
x-amz-apigw-id: Y5LQwF-_IAMEcnQ=
content-length: 14680
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:30:01 GMT
server: cloudflare
x-amzn-trace-id: Root=1-666058d1-5615fac169c4d1f120033b3d;Parent=6d4aed90cbdf6b18;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787c9381db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: YQggY0A0BSjs__e8EEhbZEl8NQDuEIde_uIEwi7HoWiwghDqngQICA==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 Trump-Trial-Lessons-Lead_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 3 KB
3 KB 3685ms
3681ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Trump-Trial-Lessons-Lead_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=6e1846b2a119a9bd915101f791e7610b
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2724af5e2670837e9a4530f9a940815ce1fdf217f3de0b031ea5280f90227947

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 d9636724d333576f23b5fcfb40d7830c.cloudfront.net (CloudFront), 1.1 ffd739e424742a0d36c9fcc27b48bb7c.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, MRS52-C2
x-amzn-requestid: 98737e2b-6815-4688-a0a1-3bb49d77edb5
x-cache: Hit from cloudfront
x-amz-apigw-id: Y5nLdGXHIAMESzg=
content-length: 2582
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 13:11:09 GMT
server: cloudflare
x-amzn-trace-id: Root=1-6660857c-3817e70b45188d3e1b430a07;Parent=1f4ddf9411a9e141;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787c9391db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: pMQQQSil1p3MoolIg_yuOIfyJC_U8OHZdzHC2U1Llhzjs5W5WyvuuA==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 AP23256700072750_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 3 KB
4 KB 3687ms
3683ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/AP23256700072750_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=27f532fa3ee786f70c9a63d557222382
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc2f18c477ebec116c98a4a7fbc29fadceb71f2ed12e18b059ce3ec49d90b2c5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 3e79abe3bfc4a431738eb9199cb216f6.cloudfront.net (CloudFront), 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 0dedc59b-3e48-4b2e-bbde-bb3b8e219c6a
x-cache: Hit from cloudfront
x-amz-apigw-id: Y2MspGmdoAMEdEw=
content-length: 3004
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:10:31 GMT
server: cloudflare
x-amzn-trace-id: Root=1-665f27ea-592a0e81763af25e3febb9bd;Parent=1b70802518ec00eb;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787c93d1db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: 4LcIxC6yV8NCaj8viDcqlgexYrTqA0u307-CYyO-J5P-uXsjbk2-sA==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 Trump-Audit-Lead-2_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 3 KB
3 KB 3687ms
3683ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Trump-Audit-Lead-2_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=002881dfeef3baefbc1cad522281c232
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fdce9254e4a6e29820bf43706d19c5e5b54aa6323f1fae055a0ad707bda5ed65

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 ccd3e547bd5d86bbfbaca15b4307ce70.cloudfront.net (CloudFront), 1.1 f6b9514ab9239076a9af0bb69d273eb8.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, AMS58-P2
x-amzn-requestid: 6c15c4bc-e82c-45bf-bdbc-bae5adcab1be
x-cache: Hit from cloudfront
x-amz-apigw-id: Yy9SBFqmoAMEkew=
content-length: 2782
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:34:07 GMT
server: cloudflare
x-amzn-trace-id: Root=1-665ddc0c-74e18e4b1e1cac1701c45300;Parent=769c10991890e2c7;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787c9421db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: vsNbaZi5wBzxc7y9qJXMHlSRB5SAnbRT1aUjmdo2GgcM3yCrfTE-EA==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 GettyImages-1431398148.jpg
img.assets-d.propublica.org/v5/images/ 1 KB
2 KB 3687ms
3684ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/GettyImages-1431398148.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=069811ddfb32289bda6f6604a3e291a3
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dc1def573f78b2cdee373e194ad740ca685e4a06d2c9d803f80e3fd914a5f14

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:27 GMT
via: 1.1 32803d0ba3af70cddd7db80d2fd00608.cloudfront.net (CloudFront), 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA60-P9, AMS58-P2
x-amzn-requestid: 8ac6604d-d8e0-482c-9601-eb52acc71305
x-cache: Miss from cloudfront
x-amz-apigw-id: ZAe8QGsHoAMEUlQ=
content-length: 1212
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:36:27 GMT
server: cloudflare
x-amzn-trace-id: Root=1-6663451a-39efee836618ce2d17ed6b25;Parent=5ab5e6566d3340c9;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787c9431db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: kblla-P2jHbt_bFarE55NtDaUl0Abw8aW-wjPcfl83FbGT3Vy_zIjg==
expires: Sat, 07 Jun 2025 17:36:27 GMT

GET
H3 200 Price-Kids-Pay-Rockford_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg
img.assets-d.propublica.org/v5/images/ 3 KB
4 KB 3687ms
3685ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Price-Kids-Pay-Rockford_maxWidth_3000_maxHeight_3000_ppi_72_quality_95_embedColorProfile_true.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.4971&fp-y=0.3719&h=105&q=75&w=105&s=bcea2ac42c490e320e6dd72efb9df48c
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ece44074aeb95ae7a13a811e75f76120b464fb2cd7983f78eed80bf30a6811

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 f8e909d80b83cb9eeaf200975944eb56.cloudfront.net (CloudFront), 1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: c2719686-d1c6-4476-b501-d6472144e1b3
x-cache: Hit from cloudfront
x-amz-apigw-id: Y3SCtGIsoAMESUQ=
content-length: 3066
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:10:31 GMT
server: cloudflare
x-amzn-trace-id: Root=1-665f96dd-422235ef551620a000c11521;Parent=4adf5508fe83cbde;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787c9461db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: XsOB7hJ_QZCFTk6r0xw1U5uDWs6sqonQkhsY_3Mrx5G6-c5KVO0erw==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 Trump-Witnesses-Promo.jpg
img.assets-d.propublica.org/v5/images/ 2 KB
3 KB 3688ms
3686ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Trump-Witnesses-Promo.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=60bc0b2479b2098d3ae946d069fcd27c
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b49cd8e9b6248bb64ba2bd0ee41907b80e3ca57b95a7b2be48bca5f63f11ce6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 2ad26f5878b778b17955978bf962dc9a.cloudfront.net (CloudFront), 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 5961a8e1-69e9-4ba3-aad1-0989f12c5e47
x-cache: Hit from cloudfront
x-amz-apigw-id: Y2nGAG7PoAMEjKg=
content-length: 2092
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 17:10:31 GMT
server: cloudflare
x-amzn-trace-id: Root=1-665f5226-5beaf8dd6679234679781d97;Parent=5e2d9e6ef71b2aff;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787c9481db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: Bs590FZn8GdqHF0ONoefpbKjPZSnMLbW3qfpTSzOFeMPh1Xa9QXwzw==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H3 200 Propublica-Rodriguez-opener-FINAL_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg
img.assets-d.propublica.org/v5/images/ 3 KB
4 KB 3697ms
3695ms Image
image/webp 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.assets-d.propublica.org/v5/images/Propublica-Rodriguez-opener-FINAL_preview_maxWidth_3000_maxHeight_3000_ppi_72_embedColorProfile_true_quality_95.jpg?crop=focalpoint&fit=crop&fm=webp&fp-x=0.5&fp-y=0.5&h=105&q=75&w=105&s=146115a5bdefd4d4d9e8df53faab2e00
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a313491bb82c904bfc7586eccad2092163da7f21d5d1bd13527a02c734a1c0d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:26 GMT
via: 1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront), 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
cf-cache-status: EXPIRED
x-amz-cf-pop: FRA60-P9, FRA60-P4
x-amzn-requestid: 573618c1-97a5-4645-b0f5-f39851e68d4d
x-cache: Hit from cloudfront
x-amz-apigw-id: YyL6dF_IIAMECLg=
content-length: 3368
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Jun 2024 16:45:02 GMT
server: cloudflare
x-amzn-trace-id: Root=1-665d8d0f-3c677b66101369ab2f80cdfe;Parent=11d759ae5ddd1917;Sampled=0;lineage=d08fc70a:0
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
cache-control: public, max-age=31536000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89026787c9491db3-FRA
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: QslkZ7hAtSJSdwCNdwmpl6YOimH4wiUGW6tg1hVEF42QjvSD3kWIYw==
expires: Sat, 07 Jun 2025 17:36:26 GMT

GET
H2 200 recaptcha__nl.js Show response
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/ 513 KB
205 KB 295ms
52ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__nl.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=grecaptchaLoaded&render=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00081152dca71a1fbf11bb8b3087fc18e2a3569db47b8fa161651a5c56606458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Origin: https://admin3us.mypanel2.ir
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209088
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 04:00:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jun 2025 09:47:31 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 700ms
45ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1717781790572&plid=c564c6b6-20bf-4ab4-8b48-1e051a2edb91&idsite=propublica.org&url=https%3A%2F%2Fadmin3us.mypanel2.ir%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fadmin3us.mypanel2.ir%2F&sref=&sts=1717781790554&slts=0&title=ProPublica+%E2%80%94+Investigative+Journalism+and+News+in+the+Public+Interest&date=Fri+Jun+07+2024+19%3A36%3A30+GMT%2B0200+(Midden-Europese+zomertijd)&action=pageview&pvid=50c48de5-da54-4d7b-a824-0db40324d830&u=pid%3D557f7ce2-04dd-4410-82bd-bb38bbdf1adf
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 07 Jun 2024 17:36:31 GMT
Cache-Control: no-cache
Last-Modified: Friday, 07-Jun-2024 17:36:31 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 modules.349061f2d87d84c4c336.js Show response
script.hotjar.com/ 222 KB
55 KB 890ms
0ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.349061f2d87d84c4c336.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3261149.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 05 Jun 2024 11:43:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 194004
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56093
last-modified: Wed, 05 Jun 2024 11:42:10 GMT
etag: "4aa8ac29ac41e30cfd27b0bfd1a19aca"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: ACrnTYa1PZIvAiqLUrhm0SzwecC1bT_QjkfZYgGsq_VV2VeLyvGA-g==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 313 KB
104 KB 456ms
0ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K9RW8M6GL5&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8BNLGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0bcdc0094df6d517efd288e7ba57f9ab17d89c5114441b2c3c6120619f20d170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 106687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jun 2024 17:36:31 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 751ms
0ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8BNLGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Jun 2024 16:46:48 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2983
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 07 Jun 2024 18:46:48 GMT

GET
H3 200 ta.js Show response
static.trueanthem.com/scripts/ 731 B
1 KB 627ms
230ms Script
text/javascript 172.67.72.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.trueanthem.com/scripts/ta.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8BNLGX

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89bd39b2a848d8ef9910066b7c39e9742cc47bd2cf700c273e026c3f60d213d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 682
x-guploader-uploadid: ABPtcPpItgc2I0DsJO_7GYE6oUn-6YlLfjLFNN00iaFhkSf3B80tsH9uk6_A4DMuH5tJi3FTgKRkziQYFw
x-goog-storage-class: STANDARD
content-encoding: br
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 03 Apr 2023 04:25:23 GMT
server: cloudflare
etag: W/"2d510096ac78a0ff3a40edae5d9c0c92"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=cFyq6Q==, md5=LVEAlqx4oP86QO2uXZwMkg==
x-goog-generation: 1680495923461532
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nRMl40Zf2hNMSMexkws1ttNCp6gM3CSDcggl52KVGa3mdYoZcVyCIQhnw0bExBG8u79%2FD4OsaYt%2BIQMHtaQcPeBbR9l6y8xEEQnkdRoXAP5Ha0j0Vq6KFrJ7rdjfSYoyv%2FUBlaEKRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
x-goog-stored-content-length: 731
cf-ray: 890267a538213624-FRA
expires: Fri, 07 Jun 2024 17:25:28 GMT

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 288 B
498 B 145ms
96ms Fetch
application/json 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash: 4b825deccdd4ac23d6e1616f3456587b4a6dd38509023032c1341887f4195aeb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-lib-version: v1.0.1
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
authorization: Bearer c1d320b4976cc13366759531bf948c3a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://admin3us.mypanel2.ir/
x-referring-url: https://admin3us.mypanel2.ir/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 17:36:32 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 197
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 1274ms
0ms Preflight
text/plain 75.2.40.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: aa7557bb34ea5624b.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://admin3us.mypanel2.ir
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://admin3us.mypanel2.ir
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Fri, 07 Jun 2024 17:36:32 GMT

GET
H3 200 ta.c34341.js Show response
static.trueanthem.com/scripts/ 27 KB
11 KB 201ms
151ms Script
text/javascript 172.67.72.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.trueanthem.com/scripts/ta.c34341.js

Requested by

Host: static.trueanthem.com
URL: https://static.trueanthem.com/scripts/ta.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.72.135 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

469c3c3ebe581ecb1a3c893d20b642bbc014912693d13cc2bfd54de246e12c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:31 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3066
x-guploader-uploadid: ABPtcPoS1J3q10pz_lYMntsdjV9tnAU1qUWsUBXlJXFCirUN1hUsu1kyF_wTSn_3HIfzs0E77jo
x-goog-storage-class: STANDARD
content-encoding: br
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 03 Apr 2023 04:25:20 GMT
server: cloudflare
etag: W/"28b2dbdb03f096998a381f6126ddac4c"
vary: Origin, Accept-Encoding
x-goog-hash: crc32c=rvRlhw==, md5=KLLb2wPwlpmKOB9hJt2sTA==
x-goog-generation: 1680495920536276
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8XLr5ShUMhLC1TFT9tmfZJMAwiwN350QFF7YyNJu%2FcuKGF249gx0smuYVBMZHYMJvIEIdWvRUFcLl3cC84pJ4a4tl7VrkpLZj18emJSlyIZ%2BFkYoZFI%2Bk9i2vHgPr9oG5L6hgkYmqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=86400
x-goog-stored-content-length: 27234
cf-ray: 890267a79bb53624-FRA
expires: Fri, 07 Jun 2024 17:45:25 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 95 KB
30 KB 432ms
202ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/v3/propublica.org/htlbid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

b3db689f691c428cc641d7a3f394268feb8d52bd569d96fbfba45031aeea90ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30752
x-xss-protection: 0
server: cafe
etag: 104 / 19881 / 31084294 / config-hash: 15736159749916180681
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jun 2024 17:36:32 GMT

GET
H2 200 30787d05-7895-471e-9cdf-d931d7b5ea5d Show response
config.aps.amazon-adsystem.com/configs/ 563 B
831 B 539ms
26ms Script
application/javascript 18.245.31.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/30787d05-7895-471e-9cdf-d931d7b5ea5d
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/propublica.org/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-92.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 6c8acb101200ab16ec74d03716d50c30777f398a13e4ed8dfa116bddc433ca76

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 16:47:48 GMT
via: 1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P8
age: 2924
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: 17-YXZKtcf9fXrHDInqI9GCXTWj5y0mUgje_qo23WEg_4MASnoXWsA==

GET
H2 200 publisher.js Show response
client.aps.amazon-adsystem.com/ 279 KB
64 KB 528ms
17ms Script
application/javascript 13.32.121.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client.aps.amazon-adsystem.com/publisher.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/propublica.org/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-46.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d65890e932dbee493d40d7b3c7ee4145362e4d0752545d29363b24c986018fe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 16:36:53 GMT
content-encoding: br
via: 1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
last-modified: Tue, 28 May 2024 21:31:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
age: 3580
x-amz-server-side-encryption: AES256
etag: W/"99d59eb8874bacebc8c8bae68ac0fd6d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: FS9JwujubAut_gVvzS8Ynw8EJfsZo75Ul1v8VFQz8Xh0gQII1wBCvg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 231ms
0ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=289169011&t=pageview&_s=1&dl=https%3A%2F%2Fadmin3us.mypanel2.ir%2F&ul=nl-nl&de=UTF-8&dt=ProPublica%20%E2%80%94%20Investigative%20Journalism%20and%20News%20in%20the%20Public%20Interest&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=36227104&gjid=1700046572&cid=946287618.1717781792&tid=UA-3742720-1&_gid=284321738.1717781792&_r=1&_slc=1&gtm=45He4650n81K8BNLGXv9102051180za200&cd1=Item&cd2=&cd3=&cd4=&cd5=October%2031%2C%202019%2013%3A02%3A00&cd6=&cd7=&cd8=Homepage&cd9=&cd10=&cd11=45&cd12=&cd13=&cd14=&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=85000470

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 17:36:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://admin3us.mypanel2.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 346ms
0ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K9RW8M6GL5&gtm=45je4650v874879369z89102051180za200zb9102051180&_p=1717781786712&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=946287618.1717781792&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1717781792&sct=1&seg=0&dl=https%3A%2F%2Fadmin3us.mypanel2.ir%2F&dt=ProPublica%20%E2%80%94%20Investigative%20Journalism%20and%20News%20in%20the%20Public%20Interest&en=page_view&_fv=1&_ss=1&ep.contentType=Item&ep.authorName=&ep.seriesName=&ep.publicationDate=October%2031%2C%202019%2013%3A02%3A00&ep.contentRegion=&ep.articleTopic=&ep.articleTitle=Homepage&ep.contentLanguage=en&ep.craftId=45&ep.articleVersion=&ep.contentLocation=&ep.storyType=&ep.impact=false&ep.pageType=&tfd=7188
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9RW8M6GL5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 17:36:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://admin3us.mypanel2.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 340ms
0ms Ping
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-K9RW8M6GL5&cid=946287618.1717781792&gtm=45je4650v874879369z89102051180za200zb9102051180&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9RW8M6GL5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 17:36:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://admin3us.mypanel2.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
408 B 326ms
33ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-K9RW8M6GL5&cid=946287618.1717781792&gtm=45je4650v874879369z89102051180za200zb9102051180&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1227817136

Requested by

Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 17:36:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame F7EE 0
0 294ms
92ms Document
text/html 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdI1rAUAAAAACI0GsFv-yRpC0tPF5ECiIMDUz2x&co=aHR0cHM6Ly9hZG1pbjN1cy5teXBhbmVsMi5pcjo0NDM.&hl=nl&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=invisible&cb=fyukhft6958w

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__nl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1fera4Hv4nJ349APpTw99w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://admin3us.mypanel2.ir/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-1fera4Hv4nJ349APpTw99w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jun 2024 17:36:33 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
152 B 71ms
29ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-3742720-1&cid=946287618.1717781792&jid=36227104&gjid=1700046572&_gid=284321738.1717781792&npa=1&_u=YEBAAEAAAAAAACAAI~&z=344786408

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Jun 2024 17:36:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://admin3us.mypanel2.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/ 462 KB
144 KB 211ms
104ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406030101/pubads_impl.js?cb=31084294

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

238471b5f6cdbff6ab8cf75252ac0149dd6c21b70e287580845d95d4cfb4b8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 18:15:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84036
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147669
x-xss-protection: 0
server: cafe
etag: 6369709055313800849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Jun 2025 18:15:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 74 B
85 B 251ms
96ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=admin3us.mypanel2.ir

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

cbe037d4b802fdf8964db09a50e1d6c76e0ead039bfcc75e11e3226c4c08aa86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61
x-xss-protection: 0
expires: Fri, 07 Jun 2024 17:36:33 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 185ms
130ms Image
image/gif 142.250.74.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3742720-1&cid=946287618.1717781792&jid=36227104&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1407746628

Requested by

Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.196 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 17:36:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.nl/ads/ 42 B
108 B 179ms
0ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-3742720-1&cid=946287618.1717781792&jid=36227104&npa=1&_u=YEBAAEAAAAAAACAAI~&z=1407746628

Requested by

Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 17:36:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 693ms
410ms XHR
application/javascript 108.138.6.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: client.aps.amazon-adsystem.com
URL: https://client.aps.amazon-adsystem.com/publisher.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.6.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-6-136.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:34 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 c3fc8d1fb362a6655af993732c376dc4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: nipn5LF9csZdcTn9znPJDTcjtvU7tklqauYc7Gjs_IyjyBncFtPEQA==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 526ms
116ms Image
image/png 52.216.212.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=dd5659ffad64
Requested by: Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.216.212.121 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 07 Jun 2024 17:36:34 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: 5JS4S719835R3Y9V
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: fx7oDop82/nGpcTj8miEDVoUt5u3Gto4nJIJueSz3da0diHdWsxdtsH4ts9GSrBEhjaSRHMwJNY=

GET modal-default.json
www.propublica.org//api_components/ 0
0

GET
H2 200 loader.js Show response
platform.iteratehq.com/ 397 B
934 B 170ms
37ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/loader.js

Requested by

Host: admin3us.mypanel2.ir
URL: https://admin3us.mypanel2.ir/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bac97e1f89216b2ab3f914299513c8797b6ecb0a734f7832170b26364ca5d5fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:34 GMT
x-amz-version-id: iVGaWeIq6WuXZU4oQxp4exE7rTogSCVD
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: SZX8NJA556ZHWKJS
age: 223
x-amz-server-side-encryption: AES256
x-amz-id-2: h8t1ndBzbdwdTnCAARNVcCO+1onMIptmsWudUBB8b31tZhnOHA3NPt9X78wKo74X92uiv8EtrMg=
last-modified: Fri, 31 May 2024 20:05:08 GMT
server: cloudflare
etag: W/"288f2c6417a39705ebe834ed8caa286f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hSmv8MIRwoDAs2Yag7fFHfKnF3ytoasWBdboJPFo2YxIpFXVeKOAD7AH%2FwRs4AXFNSU5lOY4%2FAhvsM1FVEjp16ttSS07qKH4%2B5KwF6%2F0Uh8Qxb5uZmtJfjMR8vdF4SuzAXtR9AQCw9%2FrTMPyJTsQFpRzzBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 890267b93eea9f2d-FRA

GET
H3 200 icon.min.svg
assets.propublica.org/static/prod/v5/images/ 760 B
830 B 192ms
190ms Other
image/svg+xml 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/images/icon.min.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38612cda05ab573cee15c92de7d79ba05e20826b5556105bbe2bae7115336249

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 May 2024 17:04:14 GMT
server: cloudflare
x-amz-request-id: TMNSX2QNS7XGJ1Q4
etag: W/"0e3cc0ffcf4d11a7c12de2484b21cae8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 890267b899d93a8c-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: kqE5AgHrgqr1/Q0UcOHgD/l9Lhh98w+W36u38RZ0PEwrZUik3xLBZRqMzJKbYKwDZR7SUNjVnBo=
expires: Sat, 08 Jun 2024 17:36:34 GMT

GET
H2 200 match-prod-53358fcc92d9f84bc836.js Show response
platform.iteratehq.com/ 75 KB
26 KB 87ms
65ms Script
application/javascript 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.iteratehq.com/match-prod-53358fcc92d9f84bc836.js

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63cd88caf63629b62be0039fda4b30286b973828edcd7ca4a5ce3d5de400a5fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:34 GMT
x-amz-version-id: tYVHlO5U1mh5KOJt.jp8B488hTLK1wKW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0; includeSubDomains
x-amz-request-id: 3NSCEAK77EP0JV10
age: 595657
x-amz-server-side-encryption: AES256
x-amz-id-2: sxMO7ToA/nbujdXcI9nbVhgCPuSZxvkSMnHmV9Q29xeaMhKseLtPsNdT0wpfbsw6H68SrdrVrw0=
last-modified: Fri, 31 May 2024 20:05:07 GMT
server: cloudflare
etag: W/"f700bed73524e462acb9d44447f2f9c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P0eNfm9Qnt9UCqhxYRywNHJBBK1f425neQ7GLrts3xOiClkTmscxvbmB2xOmUVocnxunJBGy1K3rrzRBydiiNsfSJAvWOjecVA6kaIsamwiiIcrdV6IAGyAEKuJhTK9kSUMKrKRQExMJGC54HjKh7u7shzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 890267b99f8b9f2d-FRA

GET
H3 200 favicon.ico
assets.propublica.org/static/prod/v5/images/ 25 KB
9 KB 160ms
157ms Other
image/x-icon 104.16.252.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.propublica.org/static/prod/v5/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.16.252.51 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8796e78a474cc95aff438ec3edbd53b8f73f2070908071d0bf3ff52dfad467e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 May 2024 20:21:39 GMT
server: cloudflare
x-amz-request-id: P0NMVZXDAEDXTFNN
age: 11
etag: W/"7618a5468d045023863395f178884d55"
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=86400
cf-ray: 890267ba5cf73a8c-FRA
alt-svc: h3=":443"; ma=86400
x-amz-id-2: BmOIx6P6kI1BLU5WI8koLTbfSWpxIn+5ZiYct9nIdEpqnKmWh00CEaXKzFVxFS4p7cXgDJlkIWs=
expires: Sat, 08 Jun 2024 17:36:34 GMT

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 298 B
566 B 186ms
105ms Fetch
application/json 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-53358fcc92d9f84bc836.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e2c0ae83ae942c2586a3ccf76d0712cc72cd8eff3e17610ac62cc79653a4f95c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjb21wYW55X2lkIjoiNjJmM2M2ZGNjYmVhNDQwMDAxNDZmMjRjIiwiaWF0IjoxNjYwMTQzMzI1fQ.HJYYZWnRLo7nKQHPteT9eeNeXePWXpYAyhaNyFAES-Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://admin3us.mypanel2.ir/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a3Z8WSruv%2BTqLzPAUn8ErYTgVOVWQiMH%2B%2B6r9pTrwzgmXsAodKfONWebitZ7ejLtoarmjjfsQDaiY54frHYh7AYwpS%2FW4JBqb5pH0HkjKq7XwyLN%2FmINtJPD2SfyaEbesMPwVzA3stJzG5I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 890267be1d716ae2-FRA

OPTIONS
H2 200 embed
iteratehq.com/api/v1/surveys/ Frame 0
0 410ms
200ms Preflight 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://admin3us.mypanel2.ir
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-ray: 890267bc4aa36ae2-FRA
content-length: 0
date: Fri, 07 Jun 2024 17:36:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3cgCds1cnaeFdmAe0OLiDTmUy5aDQGhxP9XwxurO1YDvNr8OXLoARmWdB7gIWjcszJzRw1EJDxc3sD16LiRUpfpGTYE8TdQl7V1z53nouM2tPIY%2BpFDRYp7SYkfvoGR3jrx3pcMJxOmAoLI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 embed Show response
iteratehq.com/api/v1/surveys/ 52 B
348 B 259ms
131ms Fetch
application/json 2606:4700:20::ac43:479c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://iteratehq.com/api/v1/surveys/embed

Requested by

Host: platform.iteratehq.com
URL: https://platform.iteratehq.com/match-prod-53358fcc92d9f84bc836.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:479c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7204f38b8072da7848ea2ae2a119611f459adf8d907aed955fc35be25983993

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NjYzNDUyM2Q3Y2YxYzAwMDEyNWRjZTMiLCJjb21wYW55X2lkIjoiNjJmM2M2ZGNjYmVhNDQwMDAxNDZmMjRjIiwiaWF0IjoxNzE3NzgxNzk1fQ.yIO0DhdSwBM1AVmfsoAa2Zpl0i_XFGD6wo_jlhK4QUI
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://admin3us.mypanel2.ir/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:36:35 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6ElJGmnTR7DvL%2Bm%2FMrVAsbPJ3txGRRwheizHFYWXbXWkLUTFfzE%2BctAiwVjTWcsD5FblJ60awkiG1pQV%2Br2Rg6VUMNIhUIJqUOTJ2WHm0CoG7BI1l91orj16miOIP9X3NktTXarCuyATiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 890267bfefea6ae2-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
46 B 40ms
7ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-K9RW8M6GL5&gtm=45je4650v874879369z89102051180za200zb9102051180&_p=1717781786712&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=946287618.1717781792&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&sid=1717781792&sct=1&seg=0&dl=https%3A%2F%2Fadmin3us.mypanel2.ir%2F&dt=ProPublica%20%E2%80%94%20Investigative%20Journalism%20and%20News%20in%20the%20Public%20Interest&_s=2&tfd=12205
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K9RW8M6GL5&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://admin3us.mypanel2.ir/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 07 Jun 2024 17:36:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://admin3us.mypanel2.ir
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.propublica.org
URL: https://www.propublica.org//api_components/modal-default.json

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
admin3us.mypanel2.ir/	1969-12-31 23:59:59	Name: Value: test
.mypanel2.ir/	1970-01-20 21:09:43	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://admin3us.mypanel2.ir/%22%2C%22sref%22:%22%22%2C%22sts%22:1717781790554%2C%22slts%22:0}
.mypanel2.ir/	1970-01-21 06:39:05	Name: _parsely_visitor Value: {%22id%22:%22pid=557f7ce2-04dd-4410-82bd-bb38bbdf1adf%22%2C%22session_count%22:1%2C%22last_session_ts%22:1717781790554}
.propublica.org/	1969-12-31 23:59:59	Name: _cfuvid Value: PKdZYrtH8WRItrjUpoRAJ.P5vMGL2QKTWy1nzl8y7nQ-1717781790435-0.0.1.1-604800000
admin3us.mypanel2.ir/	1970-01-20 21:09:43	Name: sailthru_pageviews Value: 1
.mypanel2.ir/	1970-01-20 21:11:08	Name: _gid Value: GA1.2.284321738.1717781792
.mypanel2.ir/	1970-01-20 21:09:41	Name: _gat_UA-3742720-1 Value: 1
.mypanel2.ir/	1970-01-21 06:45:41	Name: _ga Value: GA1.1.946287618.1717781792
.mypanel2.ir/	1970-01-21 05:55:17	Name: _hjSessionUser_3261149 Value: eyJpZCI6IjhhZDNlYmFkLWMxMDYtNTUwYi1iMjdiLTVjNGY4M2FmYzA1YiIsImNyZWF0ZWQiOjE3MTc3ODE3OTI3NDcsImV4aXN0aW5nIjp0cnVlfQ==
.mypanel2.ir/	1970-01-20 21:09:43	Name: _hjSession_3261149 Value: eyJpZCI6IjUxNDEzM2MwLTVlMzQtNDZiYy04Y2E4LTlhZjlkZjQxMzRkMyIsImMiOjE3MTc3ODE3OTI3NjAsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
admin3us.mypanel2.ir/	1970-01-21 05:55:17	Name: sailthru_content Value: 6fc1eb4c786110897e55cbf6059452c6
admin3us.mypanel2.ir/	1970-01-21 05:55:17	Name: sailthru_visitor Value: 50870652-ff3d-4510-bd79-f93bad9ea3f3
.mypanel2.ir/	1970-01-21 06:45:41	Name: _ga_K9RW8M6GL5 Value: GS1.1.1717781792.1.0.1717781795.57.0.0
.mypanel2.ir/	1970-01-21 06:45:41	Name: iter_id Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhaWQiOiI2NjYzNDUyM2Q3Y2YxYzAwMDEyNWRjZTMiLCJjb21wYW55X2lkIjoiNjJmM2M2ZGNjYmVhNDQwMDAxNDZmMjRjIiwiaWF0IjoxNzE3NzgxNzk1fQ.yIO0DhdSwBM1AVmfsoAa2Zpl0i_XFGD6wo_jlhK4QUI

54 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://admin3us.mypanel2.ir/ Message: Access to fetch at 'https://www.propublica.org//api_components/modal-default.json' from origin 'https://admin3us.mypanel2.ir' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://www.propublica.org//api_components/modal-default.json Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://admin3us.mypanel2.ir/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

admin3us.mypanel2.ir
ak.sail-horizon.com
ams-pageview-public.s3.amazonaws.com
api.sail-personalize.com
assets-c3.propublica.org
assets.propublica.org
c.amazon-adsystem.com
cdn-4.convertexperiments.com
cdn.parsely.com
client.aps.amazon-adsystem.com
config.aps.amazon-adsystem.com
htlbid.com
img.assets-d.propublica.org
iteratehq.com
p1.parsely.com
platform.iteratehq.com
region1.analytics.google.com
script.hotjar.com
securepubads.g.doubleclick.net
static.hotjar.com
static.trueanthem.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.gstatic.com
www.propublica.org
www.propublica.org
104.16.251.51
104.16.252.51
108.138.6.136
13.32.121.46
13.32.27.39
13.32.27.54
142.250.74.196
172.67.72.135
18.245.31.92
18.66.102.53
18.66.112.95
188.114.97.3
2001:4860:4802:32::36
2001:4860:4802:38::178
216.58.212.162
2606:4700:20::ac43:479c
2606:4700::6810:fb33
2a00:1450:4001:806::2003
2a00:1450:4001:810::2003
2a00:1450:4001:810::2008
2a00:1450:400c:c04::9b
2a02:26f0:ab00:39e::14a9
3.161.77.50
52.17.99.225
52.216.212.121
75.2.40.13
00081152dca71a1fbf11bb8b3087fc18e2a3569db47b8fa161651a5c56606458
00ae2a479a40471a2ee0aafc4e7dafba5123f2b219d91563d52b56853a3bea13
017cc4a845c86c76aa87dd23e6105c4ea1554ff01617677defda7a29631ea073
053a9b913df62d6f62e05479e93d679953d2cf19de25301648d4701d838f7e17
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0bcdc0094df6d517efd288e7ba57f9ab17d89c5114441b2c3c6120619f20d170
0d27ecd0938be6f347ba4579d44bb0f9db82135db6d0bd55821893c6fba07da2
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
15b3250e261e253f6cacc83c50f3560eeadc2141126959cd0ead4168194e07fe
15fbec6e5b37cc7e9ff13f533cebd43d4a4579b9b257d6c96b21936463361f75
1a8570775336487925cc7db165a4299cb6845d4e3828fa6a24502209d61b8940
1bb09ef9a505ea83f231c82ab639a34ff5d28d06f1d0e689587fbe859ca5aea0
238471b5f6cdbff6ab8cf75252ac0149dd6c21b70e287580845d95d4cfb4b8ea
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26f22ee58a9441e209c80aecddef6e32886f83cd4a8f6c435b54fdb870e76faf
2724af5e2670837e9a4530f9a940815ce1fdf217f3de0b031ea5280f90227947
2d81e0bf79972922227d4a367c03cfa4fb33dc5406fbeb3b904b56acbc394dae
2dc1def573f78b2cdee373e194ad740ca685e4a06d2c9d803f80e3fd914a5f14
2ffe7c121b7d13b90081ff05bcc61102d139c36593bd40cf82a2037295a3792c
304a596bb9715360b71c3002d94553e04943f56dffbbefcf5c3ce3efc60db4a5
32e1a904a52ccb419c0e270b07780ca351c2ecc952f22f2e80717b848a407f08
38612cda05ab573cee15c92de7d79ba05e20826b5556105bbe2bae7115336249
469c3c3ebe581ecb1a3c893d20b642bbc014912693d13cc2bfd54de246e12c1d
4a2d88e2d2d50aa91bce568a9e4a5c707d30c56b84f97f306a069c10eac5ae33
4b825deccdd4ac23d6e1616f3456587b4a6dd38509023032c1341887f4195aeb
4cdc41c84edf158e42c0aa0a79cd55895ae6bff5e569c51d2ce1cbd23d799eba
5a313491bb82c904bfc7586eccad2092163da7f21d5d1bd13527a02c734a1c0d
5ade1526f1674ac49650f04fa328b8aec7266c24c9a045f5efbb96b6984422c0
5e2a241a79063f9f27922362608171fce8b37105a9b007eab5711055c033f427
5f75efe09e9a15de6732fbf32bb96bd5d570689576f84be9763fe6147f3f405c
63cd88caf63629b62be0039fda4b30286b973828edcd7ca4a5ce3d5de400a5fe
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6407c87204c820e7f94f1e129190e3f3589f59c4768cc97c3a76d43075d8f2fa
6526d59e74abd6e7f4ed066c717f2879df1513d2cc21c9587feeccc790f25917
65cf2e3196c478761d65a2a48de4e6dbbe7aa2fadb4b4338dbfa8b981c799ac2
663e19d359b28439846108f84c1504fd800f1e2e27dac57143d0e24b9c695c41
6c8acb101200ab16ec74d03716d50c30777f398a13e4ed8dfa116bddc433ca76
70183802d2b94f83640d37134877f053ef87ee3c4efa14348b4475b20085dec6
75db1f6d54f50a71be61784d1b94d3afd368c4799328696e17606ee413eb00a3
7b49cd8e9b6248bb64ba2bd0ee41907b80e3ca57b95a7b2be48bca5f63f11ce6
7d65890e932dbee493d40d7b3c7ee4145362e4d0752545d29363b24c986018fe
890a308f110701f892cbb8d923d529a06c44e5bbeafa6b92df2fae66f3706bd1
89bd39b2a848d8ef9910066b7c39e9742cc47bd2cf700c273e026c3f60d213d2
907a8354857d7f7a73afd39694dd9d4c3d9c1e2aa0136ddd117c9be8e19b1121
92ece44074aeb95ae7a13a811e75f76120b464fb2cd7983f78eed80bf30a6811
9ce372d43a91580bdc4185d48a02bef4b7954c49e721e181fa02b656eaa61213
a62ee001f1b8313b0030ddf9c3a30c789075a2a4a9065557ab76c46d088bbe0f
a721a612afdc6691b9e62b022e7296911972c9d99c5b34357edb7e2ac9d1f7e3
a8796e78a474cc95aff438ec3edbd53b8f73f2070908071d0bf3ff52dfad467e
ae9ac7bec5b01562a7bc2ea4e5ee605071f052ca69b8485140d4fb288bd0017b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b20f106b4f6134cf2335e20d02ab4323a7281cc267a6a0b826bdcc6a36e0d24d
b3db689f691c428cc641d7a3f394268feb8d52bd569d96fbfba45031aeea90ae
b44840c1bb8e5b5df03db4c7589c7d129dd00a88fab8e57fafc0b75b6c2659ca
bac97e1f89216b2ab3f914299513c8797b6ecb0a734f7832170b26364ca5d5fb
bba8e64ee031f491fd5f9cea3ba28afa3420629751ef80ff32a53e4f89c03614
c5f5b6ad0f1007fa29e9c6525beb9468a91aa6c8aa8b00d041b3723c6f0f66d8
cbe037d4b802fdf8964db09a50e1d6c76e0ead039bfcc75e11e3226c4c08aa86
cc2f18c477ebec116c98a4a7fbc29fadceb71f2ed12e18b059ce3ec49d90b2c5
cce51e792b5bed74f35c8b0540f856a24116ecd96dad0c9b64e6a4552c4afcb9
cece1f4ebf180c5740977e93adbbf6d91af4d5a0f8c9034025a2bec8b3119a75
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3884bc713cb5a627601c698c23e35773a26df0834336c1ec44dc99850405bda
d681d1c69ab0e86cbb50731d0252dde6238163c90686cbf087c6be35218ad680
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2c0ae83ae942c2586a3ccf76d0712cc72cd8eff3e17610ac62cc79653a4f95c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7204f38b8072da7848ea2ae2a119611f459adf8d907aed955fc35be25983993
ed319e3f2bfd5cac6c86633748613ecddd7b646e586c7735bbb7f63f7e7bcb4b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3bca58f5bf11793f5959b28fd3476d8d6c592f10a32774d673812b834cebfc5
f61f27a050a93466c38b39465654a8ead4ca789126e0d5063f2dc0c28a437dea
fcf859e8cb71b170b4f1165be584c99e31b20141200d121e7bde2ab9258bc8dd
fdce9254e4a6e29820bf43706d19c5e5b54aa6323f1fae055a0ad707bda5ed65

admin3us.mypanel2.ir Open in urlscan Pro 188.114.97.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

99 %HTTPS

35 %IPv6

18 Domains

28 Subdomains

27 IPs

6 Countries

2204 kBTransfer

4892 kBSize

14 Cookies

100 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

admin3us.mypanel2.ir Open in urlscan Pro
188.114.97.3 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

99 %
HTTPS

35 %
IPv6

18
Domains

28
Subdomains

27
IPs

6
Countries

2204 kB
Transfer

4892 kB
Size

14
Cookies

77 HTTP transactions
5 data transactions