URL: https://new4all.kurdanmal.ir/
Submission: On March 30 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 42 HTTP transactions. The main IP is 188.93.233.162, located in Portugal and belongs to NETSOLUTIONS, MO. The main domain is new4all.kurdanmal.ir.
TLS certificate: Issued by R3 on March 29th 2024. Valid for: 3 months.
This is the only time new4all.kurdanmal.ir was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address       AS Autonomous System
1         188.93.233.162   47674 (NETSOLUTIONS)
7         3.162.3.38       16509 (AMAZON-02)
3         172.253.115.95   15169 (GOOGLE)
2         142.251.111.97   15169 (GOOGLE)
5         172.253.62.94    15169 (GOOGLE)
22        54.192.51.18     16509 (AMAZON-02)
1         216.239.34.181   15169 (GOOGLE)
1         142.251.111.155  15169 (GOOGLE)
Total: 42 requests, 8 IPs
Requests  Apex Domain           Subdomains                                           Transfer
29        icij.org              www.icij.org, media.icij.org                         17 MB
5         gstatic.com           fonts.gstatic.com                                    62 KB
3         googleapis.com        fonts.googleapis.com — Cisco Umbrella Rank: 35       2 KB
2         googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 42   178 KB
1         doubleclick.net       stats.g.doubleclick.net — Cisco Umbrella Rank: 91    258 B
1         google.com            analytics.google.com — Cisco Umbrella Rank: 148      258 B
1         kurdanmal.ir          new4all.kurdanmal.ir                                 105 KB
Total: 42 requests, 7 apex domains
Requests  Domain                    Requested by
22        media.icij.org            new4all.kurdanmal.ir, www.icij.org
7         www.icij.org              new4all.kurdanmal.ir, www.icij.org
5         fonts.gstatic.com         fonts.googleapis.com
3         fonts.googleapis.com      www.icij.org
2         www.googletagmanager.com  new4all.kurdanmal.ir, www.googletagmanager.com
1         stats.g.doubleclick.net   www.googletagmanager.com
1         analytics.google.com      www.googletagmanager.com
1         new4all.kurdanmal.ir
Total: 42 requests, 8 domains
Subject                  Issuer               Validity                 Valid
new4all.kurdanmal.ir     R3                   2024-03-29 - 2024-06-27  3 months
*.icij.org               Amazon RSA 2048 M01  2023-05-13 - 2024-06-10  a year
upload.video.google.com  GTS CA 1C3           2024-03-04 - 2024-05-27  3 months
*.google-analytics.com   GTS CA 1C3           2024-03-04 - 2024-05-27  3 months
*.gstatic.com            GTS CA 1C3           2024-03-04 - 2024-05-27  3 months
*.google.com             GTS CA 1C3           2024-03-04 - 2024-05-27  3 months
*.g.doubleclick.net      GTS CA 1C3           2024-03-04 - 2024-05-27  3 months

This page contains 1 frame:

Primary Page: https://new4all.kurdanmal.ir/
Frame ID: 85E463284A4532753B9C7C099C06383B
Requests: 42 HTTP requests in this frame

Page Title

International Consortium of Investigative Journalists - ICIJ

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lodash.*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

42 Requests
100 % HTTPS
0 % IPv6
7 Domains
8 Subdomains
8 IPs
2 Countries
17830 kB Transfer
20273 kB Size
5 Cookies

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
new4all.kurdanmal.ir/
103 KB
105 KB
Document
General
Full URL
https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.93.233.162 , Portugal, ASN47674 (NETSOLUTIONS, MO),
Reverse DNS
kurdanmal.ir
Software
nginx/1.24.0 /
Resource Hash
41d33ac6d9eca06f86b4d85f45e1452246c9b1c5a3cfac5824a1a5e424377169
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
1585
cache-control
max-age=15, s-maxage=600
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Sat, 30 Mar 2024 14:41:48 GMT
link
<https://www.icij.org/wp-json/>; rel="https://api.w.org/" <https://www.icij.org/wp-json/wp/v2/pages/15>; rel="alternate"; type="application/json" <https://www.icij.org/>; rel=shortlink
server
nginx/1.24.0
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 8662e3c152f0b241b5d273e9b0c8f9fc.cloudfront.net (CloudFront)
x-amz-cf-id
FJeUPZ-gc8kOEzNw_Fzq8SBclZqP2hUUOJLAn9IqSvNvKeQA94kqmw==
x-amz-cf-pop
AMS1-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
40FC5686_FB14_AC14809C_01BB_66081E7B_36D8_37DC4
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block
style.min.css
www.icij.org/wp/wp-includes/css/dist/block-library/
108 KB
15 KB
Stylesheet
General
Full URL
https://www.icij.org/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.4.3
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-38.yul62.r.cloudfront.net
Software
/
Resource Hash
0085adfd2d08a45f62a06d8f3f969ddc4a94ebe8d226511db90aa038f11ed180
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 14:37:49 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-cf-pop
YUL62-P2
age
240
via
1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
40FC45FF_5ECE_AC14809C_01BB_660823BD_8940_37DC4
x-ua-compatible
IE=Edge
last-modified
Wed, 24 Jan 2024 19:02:28 GMT
etag
W/"65b15ec4-1ae43"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-amz-cf-id
Dz3Avxb8q5PiARSeuFbvwwYauASrAoMAxgkcc75MkJggnIsuXE2zsQ==
app.004257.css
www.icij.org/app/themes/icij/public/css/
252 KB
39 KB
Stylesheet
General
Full URL
https://www.icij.org/app/themes/icij/public/css/app.004257.css
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-38.yul62.r.cloudfront.net
Software
/
Resource Hash
d1266a0a5412eb850c9e0a0a720994b3414fc588ac4237c9751497279e1a5495
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 13:56:53 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-cf-pop
YUL62-P2
age
2696
via
1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
40FC42B2_17AE_AC14809C_01BB_66081A25_BD42_37D6D
x-ua-compatible
IE=Edge
last-modified
Thu, 21 Mar 2024 03:58:43 GMT
etag
W/"65fbb073-3eed2"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
x-amz-cf-id
CtTv2YnCuo6cVagb48_eCZZf3DIxvtHQdMjSjZpv1wK3MojlOHwoAQ==
jquery.min.js
www.icij.org/wp/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://www.icij.org/wp/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-38.yul62.r.cloudfront.net
Software
/
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 14:37:49 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-cf-pop
YUL62-P2
age
240
via
1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
40FC45A2_5154_AC14809C_01BB_660823BD_8941_37DC4
x-ua-compatible
IE=Edge
last-modified
Mon, 28 Aug 2023 17:14:23 GMT
etag
W/"64ecd5ef-15601"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
xwl7in5F4ouvwl3otceq2S58OFJPFKHEOfkNXOv-wLl6ZCA5XlEacA==
jquery-migrate.min.js
www.icij.org/wp/wp-includes/js/jquery/
13 KB
6 KB
Script
General
Full URL
https://www.icij.org/wp/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-38.yul62.r.cloudfront.net
Software
/
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 14:37:49 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-cf-pop
YUL62-P2
age
240
via
1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
40FC45A2_515A_AC14809C_01BB_660823BD_8944_37DC4
x-ua-compatible
IE=Edge
last-modified
Fri, 09 Jun 2023 05:49:24 GMT
etag
W/"6482bd64-3509"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
RXqwKOeGqWl8NvcUWHhbdg3c5OjPSt1tHr0hg5tGQYEA-VYlK9bmLQ==
lodash.min.js
www.icij.org/wp/wp-includes/js/dist/vendor/
69 KB
25 KB
Script
General
Full URL
https://www.icij.org/wp/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-38.yul62.r.cloudfront.net
Software
/
Resource Hash
211fdb26a74dac46f2bd297c0f02953de9e69355035cad239d87acf21c5a6a0e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 14:37:49 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-cf-pop
YUL62-P2
age
240
via
1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
40FC4348_D282_AC14809C_01BB_660823BD_8943_37DC4
x-ua-compatible
IE=Edge
last-modified
Thu, 21 Sep 2023 13:26:32 GMT
etag
W/"650c4488-115ad"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
ZtLES6zk-YyL1TGzmwJlnzqB4ebRVP9BxbF3SiP7r3XQRsFXx-j3Tg==
app.54e2c6.js
www.icij.org/app/themes/icij/public/js/
2 MB
643 KB
Script
General
Full URL
https://www.icij.org/app/themes/icij/public/js/app.54e2c6.js
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-38.yul62.r.cloudfront.net
Software
/
Resource Hash
a675e89a755c9b2f9c1551fc288f9c262e1770fd25855cb2c0be9c93744f6739
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 14:27:33 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
content-encoding
gzip
x-amz-cf-pop
YUL62-P2
age
856
via
1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
40FC4546_6500_AC14809C_01BB_66082155_67A7_37DC4
x-ua-compatible
IE=Edge
last-modified
Thu, 21 Mar 2024 03:58:43 GMT
etag
W/"65fbb073-24b968"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript
x-amz-cf-id
ReEKuhlinRWpe9H6-7LPFOPaR3kEpdw_Ff79vYRO8GJA7nErZddLaQ==
css2
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700;900&display=swap
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/public/css/app.004257.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
f5787c1278af607f808f355948c02810b7cd4423fb90ac1bf67e45d483461092
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.icij.org/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Mar 2024 14:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Mar 2024 14:39:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Mar 2024 14:41:49 GMT
css2
fonts.googleapis.com/
2 KB
515 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/public/css/app.004257.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
51f5b1e8bf23c87b2ab7d5a8de0205944338068a34b06c1c74a79930e26f18a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.icij.org/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Mar 2024 14:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Mar 2024 14:19:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Mar 2024 14:41:49 GMT
css2
fonts.googleapis.com/
1 KB
530 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Anton:wght@400&display=swap
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/public/css/app.004257.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f95.1e100.net
Software
ESF /
Resource Hash
169f90ab5299f606a0d50909fec8024bc58157b5326b6f16755c91904894e96e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.icij.org/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Mar 2024 14:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Mar 2024 14:41:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Mar 2024 14:41:49 GMT
gtm.js
www.googletagmanager.com/
208 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TFCK277G
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
d6df9e80d63f0d55de72b5d27dc95603fcde323f206d70720fce1491ea5252e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 14:41:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75887
x-xss-protection
0
last-modified
Sat, 30 Mar 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 Mar 2024 14:41:49 GMT
bg-donation.df498fd81ed5cc35.jpg
www.icij.org/app/themes/icij/public/images/
27 KB
28 KB
Image
General
Full URL
https://www.icij.org/app/themes/icij/public/images/bg-donation.df498fd81ed5cc35.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/public/css/app.004257.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.162.3.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-3-38.yul62.r.cloudfront.net
Software
/
Resource Hash
afa52a016f114c6ec38a8fca11bdcd53e88e1dfbaf8c81e28566d4fda274115e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.icij.org/app/themes/icij/public/css/app.004257.css
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 14:37:49 GMT
content-security-policy
frame-ancestors 'self'
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 d64e73a7e708de06492b99c7e55873b6.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-P2
age
240
x-cache
Hit from cloudfront
content-length
27787
x-xss-protection
1; mode=block
x-request-id
40FC44F8_B3AE_AC14809C_01BB_660823BD_894C_37DC4
x-ua-compatible
IE=Edge
last-modified
Thu, 21 Mar 2024 03:58:43 GMT
etag
"65fbb073-6c8b"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
sGFG67BODupkNMiFLwPosMZ81yAX20mhNLDvS1STBGPSE-HAZw9Rxg==
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://new4all.kurdanmal.ir
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 07:47:31 GMT
x-content-type-options
nosniff
age
284058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 07:47:31 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://new4all.kurdanmal.ir
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 07:42:24 GMT
x-content-type-options
nosniff
age
284365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 07:42:24 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://new4all.kurdanmal.ir
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 28 Mar 2024 18:10:34 GMT
x-content-type-options
nosniff
age
160275
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Mar 2025 18:10:34 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather:wght@300;400;700;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://new4all.kurdanmal.ir
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 07:50:08 GMT
x-content-type-options
nosniff
age
283901
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 07:50:08 GMT
Trump_Ruddy.png
media.icij.org/uploads/2024/03/
4 MB
4 MB
Image
General
Full URL
https://media.icij.org/uploads/2024/03/Trump_Ruddy.png
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f7cbe5550d4a09850ebb64cd4ed0a8a7b8eb688def82b4ef23bfa86aa3d933d

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 19:24:43 GMT
x-amz-version-id
FW9O.WPSVwpllWXRKsRp562N.EzIiOrK
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Mon, 25 Mar 2024 16:04:06 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
69428
etag
"ab9eb11bc73cba3312288935d5664cd0"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3789825
x-amz-cf-id
ABe5S7HusjS5l0gY3zAyvv8yEotMsbKLalDa2vXGFeRR9kfNqzJbMw==
Nikos-Christodoulides-GettyImages-1258656293.jpg
media.icij.org/uploads/2023/11/
164 KB
164 KB
Image
General
Full URL
https://media.icij.org/uploads/2023/11/Nikos-Christodoulides-GettyImages-1258656293.jpg
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
36380156d319397f939940a3a8975761070e42ffedf892f5dc0c9eba57f4a5b2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 17:37:21 GMT
x-amz-version-id
z_bd2hw9CDhTbSkJnuO0551irXXm573m
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 20:30:00 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
75870
etag
"3bb6aa8bf10f166ac2f07ef2b3e2d6be"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
167576
x-amz-cf-id
csV2iiQxP6J9EXn790wMQ6JZ_rr3rgXGvWd8VSHRcj8F1OI13PNlqA==
GettyImages-1266461085.jpg
media.icij.org/uploads/2024/03/
324 KB
325 KB
Image
General
Full URL
https://media.icij.org/uploads/2024/03/GettyImages-1266461085.jpg
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f409ca1387d053dd755aa8670bd139dddfb950dff5ec2f923901ea1ebec82a1c

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 20:06:42 GMT
x-amz-version-id
qJTuDnbeHu8UdiofZDj.v6WfC3ZL7FDc
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Wed, 27 Mar 2024 10:54:43 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
66909
etag
"559621a89df123fa855132970f11476b"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
331732
x-amz-cf-id
6h1Lu4FUFM7EX8nAo2pNWeLRXe4Cdy2LQENhHtfimmkz48SvDUgdRw==
Garantex-illustration-Hele-Mai-Kulleste-Delfi-Meedia.jpg
media.icij.org/uploads/2024/03/
389 KB
389 KB
Image
General
Full URL
https://media.icij.org/uploads/2024/03/Garantex-illustration-Hele-Mai-Kulleste-Delfi-Meedia.jpg
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
65af485cf484be1f3fedbe5c56694091b214880b5975db14eed2a914ab0851dd

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 20:06:42 GMT
x-amz-version-id
AveHqX4HHLLHt2lX9ac1L6P5t0nKxor6
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Tue, 12 Mar 2024 19:52:42 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
66909
etag
"4dbac518c34b12fd6089089bfa2645c3"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
397894
x-amz-cf-id
TEPcYQz2vOg40cklW0lN89a0LMplqNUzglG7Hw4yZtcgpBuyBq_bNQ==
Indonesia-Report-Photo.png
media.icij.org/uploads/2024/03/
5 MB
5 MB
Image
General
Full URL
https://media.icij.org/uploads/2024/03/Indonesia-Report-Photo.png
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30b12b8510ff410eddd2b1b0abf6945dc3ad7a70d39d0f1df3df3e4706e01373

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 19:24:43 GMT
x-amz-version-id
j5N6hZCsxwa9P.X.j0k78oIDf4rm.NRc
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Tue, 19 Mar 2024 16:49:43 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
69428
etag
"d91ddce272550928245e75b0d52a1d2c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4740692
x-amz-cf-id
F92l6QKzj4Ujpv331URRwLCAHe9iszdwvc9tPBDN8OKDwnX7OTjjJg==
eYUPpXZCTyiH.jpeg
media.icij.org/uploads/2024/03/
691 KB
692 KB
Image
General
Full URL
https://media.icij.org/uploads/2024/03/eYUPpXZCTyiH.jpeg
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5009ec8fd531dab4b8d54b8fc0662348fd33dac8d88c96c547913b4b938a6434

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
nHBB1lENitA1ZP5v7d1kyYqNLvR7Vxgc
date
Sat, 30 Mar 2024 14:41:51 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Tue, 26 Mar 2024 20:10:47 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"efe51742fdb962e04aaf56b298ef45e6"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
707832
x-amz-cf-id
lxPsvHHwIfo5_tQCIPGxCpDT1DzrKZmM_uvok1-DiHYrLWkhE39eVg==
A-grey-gibbon-in-Long-Isun-Jamie-Wolfeld-_-Forest-Peoples-Programme.png
media.icij.org/uploads/2024/03/
3 MB
3 MB
Image
General
Full URL
https://media.icij.org/uploads/2024/03/A-grey-gibbon-in-Long-Isun-Jamie-Wolfeld-_-Forest-Peoples-Programme.png
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5124b455d10e9a53bcd0f637d44dcf55a245275dbe23e6931c1f50edb5988f7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:05:18 GMT
x-amz-version-id
vh8qXiGoSyprAbhPzEUGx0TJPJkdoSc2
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 22:05:23 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
84993
etag
"da8a913fc965078e561be2394d2a9c96"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3206553
x-amz-cf-id
fq6NhcaYY7L3Zsb7-JVl6Sbk-SDE-T6M9VX9oE-pXRZSn90oB88xtA==
Annual-report-2023-reporters-at-work-copy.jpg
media.icij.org/uploads/2024/03/
182 KB
183 KB
Image
General
Full URL
https://media.icij.org/uploads/2024/03/Annual-report-2023-reporters-at-work-copy.jpg
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5958b850752ea5ec8d63a357c3fcbb12a4eb151ee1235e39287bb83e16a0f950

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 15:05:18 GMT
x-amz-version-id
Kls6prUwZjcMXYuxviVLBTRpZnl73cCk
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Wed, 20 Mar 2024 01:29:55 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
84993
etag
"1e1a25d7705d122e9598013e4f2ab7f7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
186812
x-amz-cf-id
1J-Pe8-gby6VstghheFdP9_wJyDfap53tDQ3X-JAesNZ51ZKg7O8MQ==
IRS-Criminal-Division-agents-GettyImages-1253771187.jpg
media.icij.org/uploads/2024/03/
175 KB
175 KB
Image
General
Full URL
https://media.icij.org/uploads/2024/03/IRS-Criminal-Division-agents-GettyImages-1253771187.jpg
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9460b952c44b0c078d2f7459a676aa9552e6ca2809b6f6637d41de622bf04f06

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 20:06:42 GMT
x-amz-version-id
44Iuox9Xv0EKM8JK9BXDpzSjsfPFyp1y
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Tue, 19 Mar 2024 23:21:17 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
66909
etag
"ca35593612d38830b4fba8be0d5af53f"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
178855
x-amz-cf-id
YMzkaR3U2nCwU763gPbBwevrL2go3sKxybZMwo65sj4z1Y8C5lXBxw==
Tokarev-GettyImages-1241301803.jpg
media.icij.org/uploads/2024/03/
162 KB
163 KB
Image
General
Full URL
https://media.icij.org/uploads/2024/03/Tokarev-GettyImages-1241301803.jpg
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afbc6ca684d790f3ecdafe3ca24e1d2a5b2f15b4076d28a03ced3f8907687b81

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 20:06:42 GMT
x-amz-version-id
9o8IFDJdOF5y7UEImfXbFoh4IxMSdSuO
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Mon, 11 Mar 2024 04:51:48 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
66909
etag
"22581740fa63bed80b9ef4d9672ec440"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
165838
x-amz-cf-id
deEOhCJWb8t10afNrIVIl7phQSdfsCU3uRohw5nXOygdYU2bjc5-Ww==
Intellexa-Reuters-RTX7G6IY.jpg
media.icij.org/uploads/2024/03/
168 KB
169 KB
Image
General
Full URL
https://media.icij.org/uploads/2024/03/Intellexa-Reuters-RTX7G6IY.jpg
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9775c9a562548fd61563431e3cb6ac76c914b0afdeee43d4ad1b0f54f2d98134

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
XtYSJIK56uiqljOJ3HDivfkbEDIoAfGn
date
Sat, 30 Mar 2024 14:41:51 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Wed, 06 Mar 2024 03:24:08 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"f011998f8e7fb8c143272bc06da51b49"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
172330
x-amz-cf-id
spWcTzhPtC_O4Kt3-BPzvvh5NcCe3yFjGeahYVVjl_0vLIQY24rgXg==
GettyImages-1231887244.jpg
media.icij.org/uploads/2024/03/
467 KB
469 KB
Image
General
Full URL
https://media.icij.org/uploads/2024/03/GettyImages-1231887244.jpg
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2b2a120acb91091bc9503200775ec796fc549b4733abaa1e1d3898642fb721aa

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 19:24:43 GMT
x-amz-version-id
0IS7J0FXSLMS.Jvf5gYh0Clg9bc_rQb9
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Tue, 05 Mar 2024 16:33:49 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
69428
etag
"8ebf28d839a9952d8fa6beb21e18d2cf"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
478695
x-amz-cf-id
cJi6CinpC6QQeUpMMqiLzv6Blu4ZaeJlQ9I16UQ80S45m_otSzCgxg==
GettyImages-488507451.jpg
media.icij.org/uploads/2024/02/
384 KB
384 KB
Image
General
Full URL
https://media.icij.org/uploads/2024/02/GettyImages-488507451.jpg
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24db1a96f15062beb5f4ebfb762203e4afbdf9fa9582ea86f4e6a7e468d46598

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 19:24:43 GMT
x-amz-version-id
RoOjk4YKsKehYgSpfwh2f86TRGA5Gosc
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Thu, 29 Feb 2024 22:36:52 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
69428
etag
"9d8223d02d74839ce019356aa4f9258c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
392708
x-amz-cf-id
gr9gQIDHC6LKbUvPIyRQXa-sxcWMXRhXnu3XTixJzw22qY40qzw5Mg==
Cyprus-Conf-Project-banner.jpg
media.icij.org/uploads/2023/11/
289 KB
290 KB
Image
General
Full URL
https://media.icij.org/uploads/2023/11/Cyprus-Conf-Project-banner.jpg
Requested by
Host: new4all.kurdanmal.ir
URL: https://new4all.kurdanmal.ir/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16a8cc2a6c486bd472ffbbeaef3a2657bfd551984153bca2730ac71a925b621b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
UsoSAOKvYMc09MFiRyGLPOCSQh7aWduD
date
Sat, 30 Mar 2024 13:19:06 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Sat, 11 Nov 2023 19:56:13 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
4965
x-amz-server-side-encryption
AES256
etag
"7a6361ec12c3f8a1675b958aee43af92"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
296327
x-amz-cf-id
UJZjrU-mRkCSUPoOgTEEJHZ1TqiiGQqW0EjLXukxenK5EnKIQyz6bQ==
Deforestation-Inc-banner-no-logo-credit-Ricardo-Weibezahn-ICIJ.jpg
media.icij.org/uploads/2023/02/
189 KB
189 KB
Image
General
Full URL
https://media.icij.org/uploads/2023/02/Deforestation-Inc-banner-no-logo-credit-Ricardo-Weibezahn-ICIJ.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/public/js/app.54e2c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2576c61d73e50516e58912fb0ed63a831490d212e4f1ccc89d1ec6126f3114ab

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
9EhuUfLk64_NJzw0.8LzYPW30jvDXo9v
date
Sat, 30 Mar 2024 13:19:06 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Tue, 28 Feb 2023 03:03:03 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
4965
x-amz-server-side-encryption
AES256
etag
"247bd76c1ae9aa84b936a234880064d4"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
193266
x-amz-cf-id
QgVh5_e1YLRX28t4GxYK_0qijpk7vVJmDjkv6em58fdI2rch7ox80w==
Shadow-Diplomats-project-logo-background.jpg
media.icij.org/uploads/2022/11/
149 KB
150 KB
Image
General
Full URL
https://media.icij.org/uploads/2022/11/Shadow-Diplomats-project-logo-background.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/public/js/app.54e2c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7682fcb3ab1ece2bb13c5e0e29e4e35e7f86c7d078ff59eedc54a19f3d86e07

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
RAx9Ekb2mLU8D.iccERi2uH3XWQgkw9G
date
Sat, 30 Mar 2024 13:19:06 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Fri, 11 Nov 2022 02:18:06 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
age
4965
x-amz-server-side-encryption
AES256
etag
"316d4761391fd0a3eda19b62b77d0a2c"
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
152898
x-amz-cf-id
I_k4QAQpnAkvQOqZ9HMbdCeYhlYyynGcRlwGMAfS9ce1e4-tX0qh9A==
Trafficking-Inc-Overview-filtered.jpg
media.icij.org/uploads/2022/10/
230 KB
231 KB
Image
General
Full URL
https://media.icij.org/uploads/2022/10/Trafficking-Inc-Overview-filtered.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/public/js/app.54e2c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9250339c416d4ad48612d60dc0a3d776810a972cc34a06008141fc78d49925d4

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
arWrSxaN.whQuvaDgkdiJhDFLUPdJ5nt
date
Sat, 30 Mar 2024 14:41:51 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 03:30:05 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"e7510e9e3020e062896a189cddd0c68a"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
235843
x-amz-cf-id
JjzHUIOBmH-cwYrqjJe1g_8whugSscP8jjQELrMdlrKnW9j_MfPRZg==
Antiquities-filter-16x9-1.jpg
media.icij.org/uploads/2021/10/
256 KB
257 KB
Image
General
Full URL
https://media.icij.org/uploads/2021/10/Antiquities-filter-16x9-1.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/public/js/app.54e2c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ff351dc2a56de44d05e188df84ec57fe5294c750d566b5d6dac532f2e8b35e8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Ll1XhRuxDH6vsO0VaHPHyW4l9p8PTfKx
date
Sat, 30 Mar 2024 14:41:51 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Tue, 05 Oct 2021 08:49:50 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"3009f0dd7de7b8054cc47e1190305c4d"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
262291
x-amz-cf-id
gMKQJpBP1VBmHnYFM0SW--Pp228wEAStfv2SunzOUWgRFr-3vuvU-w==
Uber-Files-Backseat-drivers.jpg
media.icij.org/uploads/2022/07/
182 KB
183 KB
Image
General
Full URL
https://media.icij.org/uploads/2022/07/Uber-Files-Backseat-drivers.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/public/js/app.54e2c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2bc89981cf1f21c2200705fdd08b387da44018a495dee137c2d8371bc215b4d0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
HYClEcX_5ecRzBurxQEpTv5bWpigYPXF
date
Sat, 30 Mar 2024 14:41:51 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Sat, 09 Jul 2022 11:10:40 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"1bb7be23d8e070575b672f485697a8cf"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
186665
x-amz-cf-id
KgeJJH97fEleuPW-f-8opnGcVvfFQed37mrZPRaxSKGQPNVuP_h3UA==
Russia-Archive-Banner.jpg
media.icij.org/uploads/2022/03/
242 KB
243 KB
Image
General
Full URL
https://media.icij.org/uploads/2022/03/Russia-Archive-Banner.jpg
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/public/js/app.54e2c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db73252597ad5aa22143310085a4cf4f6e51e988d7657cabcff0910d4bb5ba6a

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
90BL6vOVZvT0KMKZtNh8sy_qvF34ZEKu
date
Sat, 30 Mar 2024 14:41:51 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Mon, 07 Mar 2022 09:36:34 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"d42dac09224d6df0874b630eae75e8b9"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
247829
x-amz-cf-id
7pH5r-uf3qthw2E6uxNafg3jpdk1_LquDodYztM3mLMjTySZhkApog==
cover-bg-only-final.png
media.icij.org/uploads/2022/02/
561 KB
562 KB
Image
General
Full URL
https://media.icij.org/uploads/2022/02/cover-bg-only-final.png
Requested by
Host: www.icij.org
URL: https://www.icij.org/app/themes/icij/public/js/app.54e2c6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07713c67f092119bf0533539f744d58ef11751f8fb762f2f460651965ecaa9b6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
3BMKBighrHgZiLrlF9oTyIscN39lGGhN
date
Sat, 30 Mar 2024 14:41:51 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Sun, 27 Feb 2022 12:28:54 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"7640ba2e7f546a95fb06777fd4a3821d"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
574638
x-amz-cf-id
YMY_NoqfyuuJEXd4x1eOgwUu7_RWUBmEmTt8-rgsCfDRswuYDM0wRA==
1Ptgg87LROyAm3Kz-C8.woff2
fonts.gstatic.com/s/anton/v25/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/anton/v25/1Ptgg87LROyAm3Kz-C8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Anton:wght@400&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f94.1e100.net
Software
sffe /
Resource Hash
f9ad420bf51c2930fc2a49d44209d202cb18acb2d8b82853a01023e69eab6885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://new4all.kurdanmal.ir
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 07:50:09 GMT
x-content-type-options
nosniff
age
283900
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18796
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 20:21:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Mar 2025 07:50:09 GMT
js
www.googletagmanager.com/gtag/
317 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZHK7PVGCC7&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TFCK277G
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
38fe3357171399ba8668cddea94fb77ad1f950ad8531aa88c01973ccafb4c94c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 14:41:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105812
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Mar 2024 14:41:50 GMT
collect
analytics.google.com/g/
0
258 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-ZHK7PVGCC7&gtm=45je43r0v873070726z89180332029za200&_p=1711809709568&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=334893719.1711809710&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.86%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.86&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1711809710&sct=1&seg=0&dl=https%3A%2F%2Fnew4all.kurdanmal.ir%2F&dt=International%20Consortium%20of%20Investigative%20Journalists%20-%20ICIJ&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&tfd=1899
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHK7PVGCC7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 30 Mar 2024 14:41:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://new4all.kurdanmal.ir
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
258 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZHK7PVGCC7&cid=334893719.1711809710&gtm=45je43r0v873070726z89180332029za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZHK7PVGCC7&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 30 Mar 2024 14:41:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://new4all.kurdanmal.ir
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cropped-favicon-32x32-1-32x32.png
media.icij.org/uploads/2022/07/
734 B
1 KB
Other
General
Full URL
https://media.icij.org/uploads/2022/07/cropped-favicon-32x32-1-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-18.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ac455df602dd122576cef923890f4b728e0e8622ed2f8f1c9bba5fbee6a7e237

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://new4all.kurdanmal.ir/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
98TIyJlQ.t12nl_TwgFf8yqPSbtWadRP
date
Sat, 30 Mar 2024 14:41:51 GMT
via
1.1 5fa5e473f638d77357bb0fccef4ca526.cloudfront.net (CloudFront)
last-modified
Thu, 07 Jul 2022 18:33:49 GMT
server
AmazonS3
x-amz-cf-pop
YUL62-C2
x-amz-server-side-encryption
AES256
etag
"d68fb43dec8b6db6ce8b729e3168e1cf"
x-cache
RefreshHit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
734
x-amz-cf-id
HUqfhdsFXm5haO6BnHyQ53cIbJw_kJWghQua03yqop-rB_9x3wb6Aw==

Verdicts & Comments

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onpagereveal
undefined| $
function| jQuery
object| dataLayer
undefined| _
function| lodash
object| webpackChunk_roots_bud_sage_icij
object| FontAwesomeConfig
object| ___FONT_AWESOME___
object| $cookies
object| google_tag_manager
object| google_tag_data
object| googletag
function| onYouTubeIframeAPIReady
object| gaGlobal

5 Cookies

Domain/Path Name / Value
new4all.kurdanmal.ir/ Name: AWSALB
Value: xfoFy2A8Koq3fOVrW+59dW7sopIE899cEyVc7DudyAIGtAbcK0du2Sdq3kKCHx9cbX3rpNREEED4uwz6L+HHG0vAEMRuR+4eVplSnJ1Ugc03lsY+gmI22tSGcIT6
new4all.kurdanmal.ir/ Name: AWSALBCORS
Value: xfoFy2A8Koq3fOVrW+59dW7sopIE899cEyVc7DudyAIGtAbcK0du2Sdq3kKCHx9cbX3rpNREEED4uwz6L+HHG0vAEMRuR+4eVplSnJ1Ugc03lsY+gmI22tSGcIT6
www.icij.org/ Name: AWSALBCORS
Value: MzHkblDPyeVKNgtEmjtlVsiyWk72G1tjc86XCZl7Y3D0kIu7E8uz1Lq/PhX614fyvbL6cXukIuhx7uxZN1+XZcTLRWK2eFjytVTo30l1kksiszYXUqNY6+TKd0U2
.kurdanmal.ir/ Name: _ga_ZHK7PVGCC7
Value: GS1.1.1711809710.1.0.1711809710.60.0.0
.kurdanmal.ir/ Name: _ga
Value: GA1.1.334893719.1711809710

8 Console Messages

Source Level URL
Text
other warning URL: https://new4all.kurdanmal.ir/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new4all.kurdanmal.ir/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new4all.kurdanmal.ir/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new4all.kurdanmal.ir/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new4all.kurdanmal.ir/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new4all.kurdanmal.ir/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new4all.kurdanmal.ir/(Line 1356)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://new4all.kurdanmal.ir/(Line 1356)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
