d2yghw5qu3v3et.cloudfront.net Open in urlscan Pro
18.164.93.223 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d2yghw5qu3v3et.cloudfront.net/
Submission: On December 17 via api (December 17th 2023, 12:15:27 pm UTC) from US — Scanned from US

Summary HTTP 50 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 16 domains to perform 50 HTTP transactions. The main IP is 18.164.93.223, located in United States and belongs to AMAZON-02, US. The main domain is d2yghw5qu3v3et.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.

This is the only time d2yghw5qu3v3et.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	18.164.93.223 18.164.93.223	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:251... 2600:9000:2511:ea00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
1	20.38.118.132 20.38.118.132	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
1 4	54.83.248.93 54.83.248.93	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.38.160 63.140.38.160	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.146.191.139 54.146.191.139	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:24f... 2600:9000:24f1:8e00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2 4	108.139.47.108 108.139.47.108	16509 (AMAZON-02) (AMAZON-02)
1	63.140.38.123 63.140.38.123	14618 (AMAZON-AES) (AMAZON-AES)
1	44.206.111.52 44.206.111.52	14618 (AMAZON-AES) (AMAZON-AES)
17	2600:141b:1c0... 2600:141b:1c00:10a1::1317	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
50	16

4 18.164.93.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-93-223.jfk50.r.cloudfront.net

d2yghw5qu3v3et.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2511:ea00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.38.118.132 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

stdatavisualpublic001.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.83.248.93 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-248-93.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bbg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.160 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-160.data.adobedc.net

bbg.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.191.139 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-191-139.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)

sheets.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:8e00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.139.47.108 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-108.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.123 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-123.data.adobedc.net

ssc.votvot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.206.111.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-111-52.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:141b:1c00:10a1::1317 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

gdb.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	rferl.org gdb.rferl.org — Cisco Umbrella Rank: 159396	22 MB
7	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1001	76 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	1 KB
4	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2199	56 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208 bbg.demdex.net — Cisco Umbrella Rank: 140299	5 KB
4	cloudfront.net d2yghw5qu3v3et.cloudfront.net	23 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 sheets.googleapis.com — Cisco Umbrella Rank: 61576	7 KB
2	gstatic.com fonts.gstatic.com	38 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	69 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1455	201 B
1	votvot.tv ssc.votvot.tv	373 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1767	24 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1110	517 B
1	omtrdc.net bbg.sc.omtrdc.net — Cisco Umbrella Rank: 183159	277 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	90 KB
1	windows.net stdatavisualpublic001.blob.core.windows.net	251 KB
50	16

	Domain	Requested by
17	gdb.rferl.org	d2yghw5qu3v3et.cloudfront.net
7	tags.tiqcdn.com	d2yghw5qu3v3et.cloudfront.net tags.tiqcdn.com
4	sb.scorecardresearch.com	2 redirects d2yghw5qu3v3et.cloudfront.net
4	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
4	d2yghw5qu3v3et.cloudfront.net	d2yghw5qu3v3et.cloudfront.net
3	dpm.demdex.net	1 redirects d2yghw5qu3v3et.cloudfront.net
2	fonts.gstatic.com	fonts.googleapis.com
2	sheets.googleapis.com	stdatavisualpublic001.blob.core.windows.net
2	www.youtube.com	d2yghw5qu3v3et.cloudfront.net www.youtube.com
1	ping.chartbeat.net	d2yghw5qu3v3et.cloudfront.net
1	ssc.votvot.tv	d2yghw5qu3v3et.cloudfront.net
1	static.chartbeat.com	tags.tiqcdn.com
1	cm.everesttech.net	1 redirects
1	bbg.sc.omtrdc.net	tags.tiqcdn.com
1	bbg.demdex.net	tags.tiqcdn.com
1	www.googletagmanager.com	d2yghw5qu3v3et.cloudfront.net
1	stdatavisualpublic001.blob.core.windows.net	d2yghw5qu3v3et.cloudfront.net
1	fonts.googleapis.com	d2yghw5qu3v3et.cloudfront.net
50	18

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
www.amazon.com
us.lgappstv.com
pressroom.rferl.org
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.tiktok.com
t.me

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-09-27` - `2024-09-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-08`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
ssc.votvot.tv DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-23` - `2024-06-22`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
www.rferl.org R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://d2yghw5qu3v3et.cloudfront.net/
Frame ID: 388320B8164CE316F0FE82FC1DAA4646
Requests: 49 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: ADCB68B6ED5891DF31EE42AD621C9C25
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Votvot. Видеоконтент без цензуры

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

50
Requests

92 %
HTTPS

53 %
IPv6

16
Domains

18
Subdomains

16
IPs

2
Countries

22708 kB
Transfer

23470 kB
Size

15
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/ru/app/votvot/id1667840613

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.twentyfouri.tvbridge.rferl

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B0BZ8589PT

Search URL Search Domain Scan URL

URL: https://us.lgappstv.com/main/tvapp/detail?appId=1207969

Search URL Search Domain Scan URL

URL: https://pressroom.rferl.org/votvot
Title: О проекте

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Votvot.tv/

Search URL Search Domain Scan URL

URL: https://twitter.com/VotvotTV

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@VotvotTV

Search URL Search Domain Scan URL

URL: https://www.instagram.com/votvottv/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@votvot.tv

Search URL Search Domain Scan URL

URL: https://t.me/VotvotTV

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702815319981 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702815319981

Request Chain 13

https://cm.everesttech.net/cm/dd?d_uuid=53488684926502999523330372157877649664 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZX7mWAAAAEl6VAN2

Request Chain 22

https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 24

https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1702815320974&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&c7=https%3A%2F%2Fd2yghw5qu3v3et.cloudfront.net%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702815320974&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&c7=https%3A%2F%2Fd2yghw5qu3v3et.cloudfront.net%2F&c9=

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
d2yghw5qu3v3et.cloudfront.net/ 11 KB
12 KB 2471ms
735ms Document
text/html 18.164.93.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.93.223 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-93-223.jfk50.r.cloudfront.net

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

99870a94667377b760190dd7d51d72c17e6ec6788fd5818ba4eac8ed5cc7c734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, max-age=108
content-language: ru
content-type: text/html; charset=utf-8
date: Sun, 17 Dec 2023 12:15:19 GMT
expires: Sun, 17 Dec 2023 12:17:07 GMT
onion-location: https://www.votvot23gcn32pr24mkfypuct2vv45n6uu7i64grwgzvt3wcfefwo3ad.onion//
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
via: 1.1 38bc9c97daf30f968ccac44ef89e14e0.cloudfront.net (CloudFront)
x-amz-cf-id: C7y2IMlZVL0w_ILdOmD3CFSxP9sfCJlc5acAXL8Q_YYXLKc1_bQNgA==
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-sticky-incompatible: 1
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 3 KB
1 KB 298ms
66ms Script
application/javascript 2600:9000:2511:ea00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js
Requested by: Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bd25da287369fecc5abc0a1d557d21daefafad0b5ebac00634a0e279ceabb59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: MsLd0ENYttoJNN9snQW4N9fSCmBP2oEb
content-encoding: br
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
date: Sun, 17 Dec 2023 12:12:48 GMT
last-modified: Thu, 14 Dec 2023 13:08:46 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 152
x-amz-server-side-encryption: AES256
etag: W/"3f9113fdbc232b35c3b669ac64c6d145"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 0yg9ghPI-Ywx8SwHWZzNFm6nNS_tQ70VbFNVUJiZdGFVFDyNRGRtTg==

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 324ms
94ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Sun, 17 Dec 2023 12:15:19 GMT

GET
H2 200 infographics.b Show response
d2yghw5qu3v3et.cloudfront.net/Scripts/responsive/ 4 KB
4 KB 228ms
226ms Script
application/javascript 18.164.93.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2yghw5qu3v3et.cloudfront.net/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=333

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.93.223 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-93-223.jfk50.r.cloudfront.net

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Sun, 17 Dec 2023 12:15:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 38bc9c97daf30f968ccac44ef89e14e0.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: JFK50-P5
onion-location: https://www.votvot23gcn32pr24mkfypuct2vv45n6uu7i64grwgzvt3wcfefwo3ad.onion//Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=333
content-type: application/javascript; charset=utf-8
x-cache: Miss from cloudfront
cache-control: public, no-transform, max-age=2137273
x-amz-cf-id: HiPRRSd-pJJO6MJWI4xwONOBI6Zi1_QmMC9kLRlrcyyc3K6doJAznw==
content-length: 3943
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 05:56:32 GMT

GET
H2 200 ifg-blank.css
d2yghw5qu3v3et.cloudfront.net/Content/ 284 B
793 B 243ms
241ms Stylesheet
text/css 18.164.93.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2yghw5qu3v3et.cloudfront.net/Content/ifg-blank.css?av=0.1.0.0&cb=333

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.93.223 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-93-223.jfk50.r.cloudfront.net

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fda31a7513c15976e457edc6546a333baa5734ba98fa855eb29d26c1213510a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 11 Jan 2024 06:11:59 GMT
date: Sun, 17 Dec 2023 12:15:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 38bc9c97daf30f968ccac44ef89e14e0.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: JFK50-P5
onion-location: https://www.votvot23gcn32pr24mkfypuct2vv45n6uu7i64grwgzvt3wcfefwo3ad.onion//Content/ifg-blank.css?av=0.1.0.0&cb=333
content-type: text/css
x-cache: Miss from cloudfront
cache-control: public, no-transform, max-age=2138200
x-amz-cf-id: ZMHzA6UziUqx-mNaHK__4NEq1Z19dBM3HJod7uBBS_FOcwxtg9iuSg==
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1021 B 310ms
80ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@400;500&display=swap

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2c0133c36b8fa9944a6add01b8f7f84bab5a39315bb2d337b3c0657aedd9646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Dec 2023 12:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 11:36:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Dec 2023 12:15:19 GMT

GET
H/1.1 200
OK main.min.js Show response
stdatavisualpublic001.blob.core.windows.net/votvot/static/js/ 250 KB
251 KB 718ms
153ms Script
application/javascript 20.38.118.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://stdatavisualpublic001.blob.core.windows.net/votvot/static/js/main.min.js
Requested by: Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.118.132 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d0f9502bc7aa7b95e4234ebf44f95348dfa767627d8b60b7e767b677251c30d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sun, 17 Dec 2023 12:15:19 GMT
Last-Modified: Wed, 27 Sep 2023 18:29:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: agzqldJao5o0c82RNa/qfQ==
ETag: 0x8DBBF87ABF7F585
Vary: Origin
Content-Type: application/javascript
x-ms-request-id: 1b91579a-701e-0029-49e2-30c1e3000000
x-ms-version: 2009-09-19
Content-Length: 256458

GET
H2 200 conf.js Show response
d2yghw5qu3v3et.cloudfront.net/ 5 KB
6 KB 299ms
298ms Script
application/javascript 18.164.93.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2yghw5qu3v3et.cloudfront.net/conf.js?x=333

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.93.223 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-93-223.jfk50.r.cloudfront.net

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

29239288962cd6a3ca5484159529bdafb7e443cec8f2f0e2f038afa2c107dcc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 38bc9c97daf30f968ccac44ef89e14e0.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-length: 5426
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.votvot23gcn32pr24mkfypuct2vv45n6uu7i64grwgzvt3wcfefwo3ad.onion//conf.js?x=333
content-language: ru
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2138192
x-amz-cf-id: cHzTBWkinYl6u2KSa-5QVzlRNPcX2GRZInShBmJeRvP7k4FMzfLUHw==
expires: Thu, 11 Jan 2024 06:11:51 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/ 216 KB
67 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 05:18:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 16 Dec 2024 05:18:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
90 KB 225ms
80ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f9dcc184bdd1747c90a9de1a6a042d10edf51faecc50c1d0d074206039fa3b0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91299
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 17 Dec 2023 12:15:20 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 103 KB
31 KB 77ms
77ms Script
application/javascript 2600:9000:2511:ea00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Requested by: Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e426a1dfc6624a4df0e8f63db1415326b2203481a6439652007ebcad414c6df8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: ktuod7oUGQ1iM5mrE4cEesdd9KazSkhI
content-encoding: br
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
date: Sun, 17 Dec 2023 12:14:50 GMT
last-modified: Thu, 14 Dec 2023 13:08:46 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 30
x-amz-server-side-encryption: AES256
etag: W/"3b5d35e0a59e2ad66782cf5411d15344"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 0M_vNxvkwCOafCIiE2lhQ7JRgZuIlx1pxb1EkwDnGluzwWE4Hcr-ZA==

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702815319981
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702815319981

362 B
919 B

60ms
60ms

XHR
application/json

54.83.248.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702815319981

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Server

54.83.248.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-248-93.compute-1.amazonaws.com

Software

Resource Hash

bd2fcf532ce251898f08a0c6eb2c98fc14177b2fff4fddcc1174659696a91b46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-0b811dbb5.edge-va6.demdex.com 1 ms
pragma: no-cache
date: Sun, 17 Dec 2023 12:15:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: /YMTZtCjRlM=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://d2yghw5qu3v3et.cloudfront.net
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 306
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-2-v053-056b5d04f.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Sun, 17 Dec 2023 12:15:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: cbKVv5EjS1g=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702815319981
access-control-allow-origin: https://d2yghw5qu3v3et.cloudfront.net
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 dest5.html Show response
bbg.demdex.net/ Frame ADCB 7 KB
3 KB 60ms
59ms Document
text/html 54.83.248.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.83.248.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-248-93.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d2yghw5qu3v3et.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Sun, 17 Dec 2023 12:15:20 GMT
dcs: dcs-prod-va6-2-v053-0e893f715.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Sun, 12 Nov 2023 20:32:57 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: YblGWotkSLs=

GET
H2 200 id Show response
bbg.sc.omtrdc.net/ 2 B
277 B 191ms
60ms XHR
application/x-javascript 63.140.38.160
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=53473411706498736433330612234467246043&ts=1702815320374

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.160 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-160.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d2yghw5qu3v3et.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 17 Dec 2023 12:15:20 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://d2yghw5qu3v3et.cloudfront.net
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZX7mWAAAAEl6VAN2
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=53488684926502999523330372157877649664
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZX7mWAAAAEl6VAN2

42 B
716 B

60ms
60ms

Image
image/gif

54.83.248.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZX7mWAAAAEl6VAN2

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Server

54.83.248.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-83-248-93.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-0c4d5cca0.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Sun, 17 Dec 2023 12:15:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 5X6bHuTbQ4w=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZX7mWAAAAEl6VAN2
Date: Sun, 17 Dec 2023 12:15:20 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 Articles Show response
sheets.googleapis.com/v4/spreadsheets/1OsTP9EIwpIa6K2liDnUi2MFpvomEyPKXHDmckKM0WOs/values/ 13 KB
5 KB 402ms
245ms Fetch
application/json 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sheets.googleapis.com/v4/spreadsheets/1OsTP9EIwpIa6K2liDnUi2MFpvomEyPKXHDmckKM0WOs/values/Articles?alt=json&key=AIzaSyDliBdIaszCPY0qUrpbRZZyNpBIlzpAous

Requested by

Host: stdatavisualpublic001.blob.core.windows.net
URL: https://stdatavisualpublic001.blob.core.windows.net/votvot/static/js/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

317868e0504fcf326bf96aa91ab7b2b1993514cbf254b5c44f71e37953f52183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-l2-request-path: l2-managed-6
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://d2yghw5qu3v3et.cloudfront.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4890
x-xss-protection: 0

GET
H2 200 Strings Show response
sheets.googleapis.com/v4/spreadsheets/1OsTP9EIwpIa6K2liDnUi2MFpvomEyPKXHDmckKM0WOs/values/ 2 KB
1 KB 406ms
250ms Fetch
application/json 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sheets.googleapis.com/v4/spreadsheets/1OsTP9EIwpIa6K2liDnUi2MFpvomEyPKXHDmckKM0WOs/values/Strings?alt=json&key=AIzaSyDliBdIaszCPY0qUrpbRZZyNpBIlzpAous

Requested by

Host: stdatavisualpublic001.blob.core.windows.net
URL: https://stdatavisualpublic001.blob.core.windows.net/votvot/static/js/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

863d2238231ce5fe83a7d205e3b77347f992a202862a6a8e0ad9e554dcdf914e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-l2-request-path: l2-managed-6
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://d2yghw5qu3v3et.cloudfront.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 969
x-xss-protection: 0

GET
H2 200 utag.72.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 85 KB
24 KB 77ms
77ms Script
application/javascript 2600:9000:2511:ea00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.72.js?utv=ut4.46.202312122139
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 723b19ed4676c07faa84a5c3a833db985448e061527589c025a1ec2278e738e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 9gH2UWQSXg.fEs3vi8QBv0Yy3Zc2Xm.j
content-encoding: gzip
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
date: Sun, 17 Dec 2023 12:10:54 GMT
last-modified: Thu, 14 Dec 2023 13:08:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 267
x-amz-server-side-encryption: AES256
etag: W/"4b302efc5b38e5b3f50431325b1802a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: X2bcycgl37hdDqrhKb-_qh8d7BjJwmEFTiPWJYiP4csuLhRc60sIVA==

GET
H2 200 utag.7.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 607 B
1 KB 78ms
77ms Script
application/javascript 2600:9000:2511:ea00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c2e58de8d96aa3ab709593d5c09178dc35561a18bc684886245adb515f388c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: MFRvDMha7pw77iq_14RzZbP.bsM2IlF8
date: Sun, 17 Dec 2023 12:11:00 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 261
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 607
last-modified: Thu, 14 Dec 2023 13:08:45 GMT
server: AmazonS3
etag: "b04c2a096a5d839a6fb21261392ba882"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: xgdOgjg96xwwiC8WBn4ApgTxS0fk7gbvYxBRgsMXSS4QbRanKgbJfQ==

GET
H2 200 utag.4.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 55 KB
17 KB 86ms
86ms Script
application/javascript 2600:9000:2511:ea00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54c2fbe897ce09b068765e4f97b403a2b860b3b0b5604c8381d366780baea8a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: nMiMcodGGXZuDEOr_LkuOTdEG1s4..Nc
content-encoding: br
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
date: Sun, 17 Dec 2023 12:10:54 GMT
last-modified: Thu, 14 Dec 2023 13:08:44 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 267
x-amz-server-side-encryption: AES256
etag: W/"6a5e55f6c53de2c5fad8f6eaefc225c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: CFpFQmNvBzuC0yWAS6r6c5-5JpXKNx_POBFEibapmG8vkxdYltHIFA==

GET
H2 200 utag.73.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 4 KB
2 KB 84ms
84ms Script
application/javascript 2600:9000:2511:ea00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afb7a8ee8cc9591bf27ec322ce3e9235457d0c606d92fb73c74f1b3617f3ed4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: j5H5BcarJL3JyoJ9vTyZM7tpL83fYq5U
content-encoding: br
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
date: Sun, 17 Dec 2023 12:13:26 GMT
last-modified: Thu, 14 Dec 2023 13:08:45 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
age: 115
x-amz-server-side-encryption: AES256
etag: W/"bd506405154704ba3ad1b776f24dd192"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 6pQbpvPg9DA-Je-7pUNKxiIiMADBSI9BQGC_-do6eIPISqv99Y9nDw==

GET
H2 200 0255.js Show response
script.crazyegg.com/pages/scripts/0026/ 6 KB
3 KB 131ms
49ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca391ccc2d3868e3bf0062c021dc343a3176663e479bb4d4ef9c7b4c5276312a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1133
cf-polished: origSize=6157
ce-version: 11.5.160
cf-bgj: minify
last-modified: Sun, 17 Dec 2023 11:56:28 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 836f174c8c41333d-MIA

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 210ms
77ms Script
application/x-javascript 2600:9000:24f1:8e00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:8e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9107aabbe099f8b263c0bf57f05f0bbe1f8d6177626dc10a9db146619297ee4c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 19:53:17 GMT
content-encoding: gzip
via: 1.1 e8a811941c8b094e985333a44bc18f46.cloudfront.net (CloudFront)
last-modified: Thu, 14 Dec 2023 01:53:13 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 58924
etag: W/"657a6009-11b4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: WKuy2GOgPTlOUy2TJz2XSg4dLaByPCoWh7bcetqg9FrFEuu1yt5hig==
expires: Sun, 17 Dec 2023 19:53:17 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035794/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
366 B

62ms
61ms

Script
application/javascript

108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/
Protocol: H2
Server: 108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-108.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 19:02:46 GMT
via: 1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P1
age: 61956
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: KH-mYBR1cZyYWhv9gVXIfDtafq4n77ABFcPkQg_J_P6RMMsyO_YpvA==

Redirect headers

date: Sun, 17 Dec 2023 12:15:21 GMT
via: 1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: eaWyEcqf5_xWawE6_cp1DcJ7CiU_5blORvNbR1z7SuVOroqMFl1gqw==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
431 B 66ms
65ms Script
application/javascript 2600:9000:2511:ea00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202312141307&cb=1702815320975
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:ea00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Sun, 17 Dec 2023 12:15:08 GMT
via: 1.1 3ce8b408dfcacf1e62d9fe4b346a6a62.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P6
age: 14
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: KSSfGTaNCRzSsws1YfQ33ftB8ffyqWq16AXBihr6sDb6mUAxJmcpuw==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1702815320974&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702815320974&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%8...

0
224 B

68ms
68ms

Image
text/plain

108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702815320974&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&c7=https%3A%2F%2Fd2yghw5qu3v3et.cloudfront.net%2F&c9=
Requested by: Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/
Protocol: H2
Server: 108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-108.jfk50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
via: 1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-amz-cf-id: 4-ULnkEussYfRbdgcmKam2w9belkCUhYm_neN4N3VHz-oxaEJY_KfQ==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 17 Dec 2023 12:15:21 GMT
via: 1.1 e2d34a357aab1d6cff5cce981d09ebba.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=6035794&ns__t=1702815320974&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&c7=https%3A%2F%2Fd2yghw5qu3v3et.cloudfront.net%2F&c9=
content-length: 0
x-amz-cf-id: vNhmwsQrpZ8GGwD2AanqOi-OKSJXlKXEhCFk0eok7roA09P8Ok5Eeg==

GET
H2 200 d2yghw5qu3v3et.cloudfront.net.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/site/ 107 KB
6 KB 268ms
200ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/site/d2yghw5qu3v3et.cloudfront.net.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc79c90963306ec5797c2c48de4e75a07188ecee48cd952c0a6601d958c698d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 12:15:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.160
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 836f174d4c418da2-MIA
content-length: 5838

GET
H2 200 s89430667297044
ssc.votvot.tv/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/ 43 B
373 B 482ms
64ms Image
image/gif 63.140.38.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssc.votvot.tv/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s89430667297044?AQB=1&ndh=1&pf=1&t=17%2F11%2F2023%202%3A15%3A21%200%20600&sdid=07110712B45FCC32-5CE326135C899AAB&mid=53473411706498736433330612234467246043&aamlh=7&ce=UTF-8&ns=bbg&cdp=3&pageName=rfe%3Avot%3Ar%3Aspecial%20projects%3Avotvot.%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&g=https%3A%2F%2Fd2yghw5qu3v3et.cloudfront.net%2F&cc=USD&ch=%2F&server=d2yghw5qu3v3et.cloudfront.net&events=event1%2Cevent52%2Cevent10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fd2yghw5qu3v3et.cloudfront.net%2F&v4=article&v5=special%20projects&v6=votvot.%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&v7=votvot.%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&v10=01%2F04%2F2023&v11=14&v14=32207601&v15=russian&v16=votvot&v17=responsive&v20=yes&v21=special%20projects&v23=53473411706498736433330612234467246043&v24=018c77b3c7a20012cfded171506403074002606c00b08&v25=rfe&v27=RFERL%20VotVot%20&v29=d2yghw5qu3v3et.cloudfront.net&v30=102&v31=https%3A%2F%2Fd2yghw5qu3v3et.cloudfront.net%2F&v32=rfe%3Avot%3Ar%3Aspecial%20projects%3Avotvot.%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&v36=8.28.0.0.333&v38=special%20projects&v50=homepage%20view&v70=2.23.0&v71=bbgdev&v72=prod&v75=2.23.0&v82=view&v100=2023-12-17%3A02.15%3A-10.00&v101=Pacific%2FHonolulu&v102=en-US%3Aen%3Aen-US&v104=iq&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.123 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-123.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Mon, 18 Dec 2023 12:15:21 GMT
server: jag
etag: 3656768059325710336-4617765608851914595
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 16 Dec 2023 12:15:21 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 177ms
58ms Image
image/gif 44.206.111.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rferl.votvot&p=%2Fa%2F32207601.html&u=DB26-3CIqRk2CbkxmR&d=d2yghw5qu3v3et.cloudfront.net&g=62557&g0=special%20projects&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fd2yghw5qu3v3et.cloudfront.net%2F&b=4143&t=neNhzDM-xiLCBhY_1ClwOtzC3dtDc&V=142&i=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&tz=600&sn=1&sv=79iQfB9X_y_DEcfHT00m6uB_Vnqt&sr=external&sd=1&im=061b2cf3&_
Requested by: Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.206.111.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-206-111-52.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 17 Dec 2023 12:15:21 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 01000000-0a00-0242-848d-08dbacb225ed.jpg
gdb.rferl.org/ 218 KB
219 KB 470ms
225ms Image
image/jpeg 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0a00-0242-848d-08dbacb225ed.jpg

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f8a5164230824acc03cf03f834d523b88fc6ff3800ad6f5a6b094a3ac496ed01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "223455"
pangea-nodeid: ot5V64bS79gRek7I3ZQ6RQ==
content-type: image/jpeg
cache-control: public, max-age=2338490
gdb-fall-back: false
content-length: 223455
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:50:11 GMT

GET
H2 200 01000000-c0a8-0242-f461-08dbeb5fcb62.jpg
gdb.rferl.org/ 371 KB
371 KB 832ms
588ms Image
image/jpeg 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-c0a8-0242-f461-08dbeb5fcb62.jpg

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

91ff1611a43a65f4916d3fcfd4c675393e9bca27088faac5da9d9ba7b8af44a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "379962"
pangea-nodeid: ogJFsMhgsy4co7VMOEvBoA==
content-type: image/jpeg
cache-control: public, max-age=2338425
gdb-fall-back: false
content-length: 379962
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:06 GMT

GET
H2 200 01000000-c0a8-0242-7d1b-08dbea69d4c3.png
gdb.rferl.org/ 1 MB
1 MB 472ms
227ms Image
image/png 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-c0a8-0242-7d1b-08dbea69d4c3.png

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0cf848262743e79a769460b2d3ecf5a601e9ecc0bb9347ed0b937345a02c7cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "1520750"
pangea-nodeid: 2SJxGn78ZHN+5/sf4s9JiA==
content-type: image/png
cache-control: public, max-age=2338439
gdb-fall-back: false
content-length: 1520750
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:20 GMT

GET
H2 200 01000000-0a00-0242-90de-08dbde5e6fa8.jpg
gdb.rferl.org/ 898 KB
899 KB 472ms
228ms Image
image/jpeg 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0a00-0242-90de-08dbde5e6fa8.jpg

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a10301e9a3a419180540b4e5047c35ece773914b766e87863da4e8957241a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "919590"
pangea-nodeid: ogJFsMhgsy4co7VMOEvBoA==
content-type: image/jpeg
cache-control: public, max-age=2336066
gdb-fall-back: false
content-length: 919590
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:09:47 GMT

GET
H2 200 01000000-0aff-0242-2fe2-08dbca6b61f9.jpg
gdb.rferl.org/ 699 KB
699 KB 326ms
82ms Image
image/jpeg 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-2fe2-08dbca6b61f9.jpg

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f163fb2a0fe12499bad23c3e41f23b67c1232c6732206d9cf9908f7445bb7bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "715406"
pangea-nodeid: YbkXDwaawxE3YKRIzzalYg==
content-type: image/jpeg
cache-control: public, max-age=2338504
gdb-fall-back: false
content-length: 715406
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:50:25 GMT

GET
H2 200 01000000-0aff-0242-7e0f-08dbc575794e.jpg
gdb.rferl.org/ 335 KB
336 KB 324ms
82ms Image
image/jpeg 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-7e0f-08dbc575794e.jpg

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

df83f246643d3cbb2c8e8330464c52a7df2c4c0c681a0c3111eb28fb0a2717a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "343157"
pangea-nodeid: ogJFsMhgsy4co7VMOEvBoA==
content-type: image/jpeg
cache-control: public, max-age=2338520
gdb-fall-back: false
content-length: 343157
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:50:41 GMT

GET
H2 200 01000000-0aff-0242-2932-08dbafbfacc2.png
gdb.rferl.org/ 3 MB
3 MB 557ms
556ms Image
image/png 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-2932-08dbafbfacc2.png

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

79460f770d3b567264613e9366752b3206a5ce0f77d39f6acac418cab306d8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "3628568"
pangea-nodeid: ogJFsMhgsy4co7VMOEvBoA==
content-type: image/png
cache-control: public, max-age=2338495
gdb-fall-back: false
content-length: 3628568
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:50:16 GMT

GET
H2 200 01000000-c0a8-0242-53d0-08dbe90b83a4.png
gdb.rferl.org/ 2 MB
2 MB 557ms
556ms Image
image/png 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-c0a8-0242-53d0-08dbe90b83a4.png

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3ab04f1fde99a55df30af317ad145f4d782d90045eebc66658c7e93ef96f557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "2054169"
pangea-nodeid: 2SJxGn78ZHN+5/sf4s9JiA==
content-type: image/png
cache-control: public, max-age=2338424
gdb-fall-back: false
content-length: 2054169
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:05 GMT

GET
H2 200 01000000-0aff-0242-a25b-08dbab017602.jpg
gdb.rferl.org/ 925 KB
925 KB 558ms
556ms Image
image/jpeg 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-a25b-08dbab017602.jpg

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

219a6c77dcfa6ca9a7d5158c4ec907cc366b165f013411b23f159f1ac5ee57fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "946930"
pangea-nodeid: HvEjCg4KEWjHYYSlvB3ziw==
content-type: image/jpeg
cache-control: public, max-age=2336139
gdb-fall-back: false
content-length: 946930
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:11:00 GMT

GET
H2 200 01000000-0aff-0242-69ed-08dbaa1a59ab.jpg
gdb.rferl.org/ 398 KB
399 KB 558ms
557ms Image
image/jpeg 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-69ed-08dbaa1a59ab.jpg

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

93b8290c695c0ca619f4628ef5cf3e0580e2fb69e75fb75cba67b90ff7cf6ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "408011"
pangea-nodeid: Myz2bXffLWM1qCn6CvFAuA==
content-type: image/jpeg
cache-control: public, max-age=2338432
gdb-fall-back: false
content-length: 408011
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:13 GMT

GET
H2 200 01000000-0a00-0242-e0ea-08dbaa58bf3d.jpg
gdb.rferl.org/ 715 KB
715 KB 558ms
557ms Image
image/jpeg 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0a00-0242-e0ea-08dbaa58bf3d.jpg

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

02dc551949bf9685293f6ce5869b56b3d74f6fdc7df5d59a307e064ba4a8e558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "731934"
pangea-nodeid: ot5V64bS79gRek7I3ZQ6RQ==
content-type: image/jpeg
cache-control: public, max-age=2338524
gdb-fall-back: false
content-length: 731934
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:50:45 GMT

GET
H2 200 01000000-0aff-0242-56e5-08dbab2a5517.png
gdb.rferl.org/ 3 MB
3 MB 559ms
558ms Image
image/png 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-56e5-08dbab2a5517.png

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3593c11c06c647669e14ee1811edf2460579262ff0297304528342b2928d315b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "3287363"
pangea-nodeid: ot5V64bS79gRek7I3ZQ6RQ==
content-type: image/png
cache-control: public, max-age=2338462
gdb-fall-back: false
content-length: 3287363
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:43 GMT

GET
H2 200 01000000-0aff-0242-9aca-08dbcf275861.png
gdb.rferl.org/ 852 KB
853 KB 699ms
698ms Image
image/png 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-9aca-08dbcf275861.png

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bf6f409b76703c6a5a5acf38bb818472a8b8459fad76984a1f9d569debbc44dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "872487"
pangea-nodeid: ogJFsMhgsy4co7VMOEvBoA==
content-type: image/png
cache-control: public, max-age=2338486
gdb-fall-back: false
content-length: 872487
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:50:07 GMT

GET
H2 200 01000000-0aff-0242-8645-08db66921b85.jpg
gdb.rferl.org/ 2 MB
2 MB 699ms
698ms Image
image/jpeg 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-8645-08db66921b85.jpg

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85606cefee91516e7f9dc02c27e77871fcf3b37118caa32a87ab879111893e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "1983137"
pangea-nodeid: ogJFsMhgsy4co7VMOEvBoA==
content-type: image/jpeg
cache-control: public, max-age=2336141
gdb-fall-back: false
content-length: 1983137
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:11:02 GMT

GET
H2 200 01000000-0aff-0242-ce3c-08db5d2d46b0.jpg
gdb.rferl.org/ 1 MB
1 MB 699ms
698ms Image
image/jpeg 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-ce3c-08db5d2d46b0.jpg

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1eee718e26fdefe4a08a3a3fba82d45c065aa1063286ba00f81095d9da20a916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "1202466"
pangea-nodeid: YbkXDwaawxE3YKRIzzalYg==
content-type: image/jpeg
cache-control: public, max-age=2338430
gdb-fall-back: false
content-length: 1202466
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:11 GMT

GET
H2 200 01000000-c0a8-0242-1140-08dbd0b495c3.jpg
gdb.rferl.org/ 556 KB
556 KB 700ms
699ms Image
image/jpeg 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-c0a8-0242-1140-08dbd0b495c3.jpg

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a5d26ba41760137394aa7e1437b75bc45434c8a11c9e66749601dde44732d143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "569150"
pangea-nodeid: Myz2bXffLWM1qCn6CvFAuA==
content-type: image/jpeg
cache-control: public, max-age=2338473
gdb-fall-back: false
content-length: 569150
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:54 GMT

GET
H2 200 01000000-0aff-0242-fa98-08dbd6d1ac30.png
gdb.rferl.org/ 3 MB
3 MB 700ms
700ms Image
image/png 2600:141b:1c00:10a1::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-fa98-08dbd6d1ac30.png

Requested by

Host: d2yghw5qu3v3et.cloudfront.net
URL: https://d2yghw5qu3v3et.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:10a1::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

07d6d023d268e23b96a4488e03bfe3ebe4d99531c8d5f48f68c4f540770fc86e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
strict-transport-security: max-age=31536000
etag: "2794989"
pangea-nodeid: HvEjCg4KEWjHYYSlvB3ziw==
content-type: image/png
cache-control: public, max-age=2338384
gdb-fall-back: false
content-length: 2794989
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:48:25 GMT

GET
H2 200 xn7gYHE41ni1AdIRggOxSuXd.woff2
fonts.gstatic.com/s/manrope/v15/ 14 KB
14 KB 268ms
131ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggOxSuXd.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26287892a20de80394d7a7d8e223125973b82fcb0a183204f6c492c999127983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d2yghw5qu3v3et.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 09:56:40 GMT
x-content-type-options: nosniff
age: 181121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14204
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 09:56:40 GMT

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v15/ 24 KB
24 KB 203ms
67ms Font
font/woff2 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d2yghw5qu3v3et.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:41:57 GMT
x-content-type-options: nosniff
age: 290004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24376
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 03:41:57 GMT

GET
H2 200 aa11c6ba4e87d897b23473b84559fbe8.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 138 KB
46 KB 41ms
41ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/aa11c6ba4e87d897b23473b84559fbe8.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb551534c7c698d5befb5ab755051e61ff88d4c4baba78fedcba4ab8f500354f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 19:16:01 GMT
server: cloudflare
age: 149389
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 836f174e8e25333d-MIA
content-length: 46770

GET
H2 200 d2yghw5qu3v3et.cloudfront.net.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/sampling/ 8 KB
2 KB 100ms
100ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/sampling/d2yghw5qu3v3et.cloudfront.net.json?t=473004
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/aa11c6ba4e87d897b23473b84559fbe8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03d67cbda3c9aa043a0a8737b9b6212c2302d7b06d715100034e8a993b15ce60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d2yghw5qu3v3et.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 12:15:21 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Sun, 17 Dec 2023 12:15:21 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.160
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 836f174eedce8da2-MIA
content-length: 1498

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 1mZSX9FUT_k
.youtube.com/	1970-01-20 21:19:27	Name: VISITOR_INFO1_LIVE Value: s_O6ZbDv6lw
.demdex.net/	1970-01-20 21:19:27	Name: demdex Value: 53488684926502999523330372157877649664
.d2yghw5qu3v3et.cloudfront.net/	1969-12-31 23:59:59	Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1
.everesttech.net/	1970-01-21 01:45:51	Name: everest_g_v2 Value: g_surferid~ZX7mWAAAAEl6VAN2
.dpm.demdex.net/	1970-01-20 21:19:27	Name: dpm Value: 53488684926502999523330372157877649664
.d2yghw5qu3v3et.cloudfront.net/	1970-01-21 02:36:15	Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19709%7CMCMID%7C53473411706498736433330612234467246043%7CMCAAMLH-1703420120%7C7%7CMCAAMB-1703420120%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1702822520s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19716%7CvVersion%7C5.4.0
.d2yghw5qu3v3et.cloudfront.net/	1969-12-31 23:59:59	Name: s_cc Value: true
.scorecardresearch.com/	1970-01-21 02:36:15	Name: UID Value: 1F8375a40afd38004d2aabe1702815321
.d2yghw5qu3v3et.cloudfront.net/	1970-01-21 02:29:03	Name: _cb Value: DB26-3CIqRk2CbkxmR
.d2yghw5qu3v3et.cloudfront.net/	1970-01-21 02:29:03	Name: _chartbeat2 Value: .1702815321199.1702815321199.1.79iQfB9X_y_DEcfHT00m6uB_Vnqt.1
.d2yghw5qu3v3et.cloudfront.net/	1970-01-20 17:00:17	Name: _cb_svref Value: external
.d2yghw5qu3v3et.cloudfront.net/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.d2yghw5qu3v3et.cloudfront.net/	1969-12-31 23:59:59	Name: cebs Value: 1
.d2yghw5qu3v3et.cloudfront.net/	1970-01-21 01:45:51	Name: _ce.s Value: v~eef1cc50a9dad54a483883646973a63e45092c3e~lcw~1702815321527~lva~1702815321527~vpv~0~lcw~1702815321528

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
cm.everesttech.net
d2yghw5qu3v3et.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
gdb.rferl.org
ping.chartbeat.net
sb.scorecardresearch.com
script.crazyegg.com
sheets.googleapis.com
ssc.votvot.tv
static.chartbeat.com
stdatavisualpublic001.blob.core.windows.net
tags.tiqcdn.com
www.googletagmanager.com
www.youtube.com
108.139.47.108
18.164.93.223
20.38.118.132
2600:141b:1c00:10a1::1317
2600:9000:24f1:8e00:18:1fcd:353:c61
2600:9000:2511:ea00:7:2bfb:7c00:93a1
2606:4700::6813:9308
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80f::200a
2607:f8b0:4006:81c::2003
2607:f8b0:4006:820::200a
2607:f8b0:4006:823::200e
44.206.111.52
54.146.191.139
54.83.248.93
63.140.38.123
63.140.38.160
02dc551949bf9685293f6ce5869b56b3d74f6fdc7df5d59a307e064ba4a8e558
03d67cbda3c9aa043a0a8737b9b6212c2302d7b06d715100034e8a993b15ce60
07d6d023d268e23b96a4488e03bfe3ebe4d99531c8d5f48f68c4f540770fc86e
0cf848262743e79a769460b2d3ecf5a601e9ecc0bb9347ed0b937345a02c7cb7
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
1eee718e26fdefe4a08a3a3fba82d45c065aa1063286ba00f81095d9da20a916
219a6c77dcfa6ca9a7d5158c4ec907cc366b165f013411b23f159f1ac5ee57fd
26287892a20de80394d7a7d8e223125973b82fcb0a183204f6c492c999127983
29239288962cd6a3ca5484159529bdafb7e443cec8f2f0e2f038afa2c107dcc5
317868e0504fcf326bf96aa91ab7b2b1993514cbf254b5c44f71e37953f52183
3593c11c06c647669e14ee1811edf2460579262ff0297304528342b2928d315b
3fc79c90963306ec5797c2c48de4e75a07188ecee48cd952c0a6601d958c698d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4a10301e9a3a419180540b4e5047c35ece773914b766e87863da4e8957241a95
54c2fbe897ce09b068765e4f97b403a2b860b3b0b5604c8381d366780baea8a3
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
723b19ed4676c07faa84a5c3a833db985448e061527589c025a1ec2278e738e3
79460f770d3b567264613e9366752b3206a5ce0f77d39f6acac418cab306d8ae
7bd25da287369fecc5abc0a1d557d21daefafad0b5ebac00634a0e279ceabb59
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c2e58de8d96aa3ab709593d5c09178dc35561a18bc684886245adb515f388c1
85606cefee91516e7f9dc02c27e77871fcf3b37118caa32a87ab879111893e79
863d2238231ce5fe83a7d205e3b77347f992a202862a6a8e0ad9e554dcdf914e
9107aabbe099f8b263c0bf57f05f0bbe1f8d6177626dc10a9db146619297ee4c
91ff1611a43a65f4916d3fcfd4c675393e9bca27088faac5da9d9ba7b8af44a2
93b8290c695c0ca619f4628ef5cf3e0580e2fb69e75fb75cba67b90ff7cf6ba4
98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d
99870a94667377b760190dd7d51d72c17e6ec6788fd5818ba4eac8ed5cc7c734
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a5d26ba41760137394aa7e1437b75bc45434c8a11c9e66749601dde44732d143
afb7a8ee8cc9591bf27ec322ce3e9235457d0c606d92fb73c74f1b3617f3ed4d
bb551534c7c698d5befb5ab755051e61ff88d4c4baba78fedcba4ab8f500354f
bd2fcf532ce251898f08a0c6eb2c98fc14177b2fff4fddcc1174659696a91b46
bf6f409b76703c6a5a5acf38bb818472a8b8459fad76984a1f9d569debbc44dd
ca391ccc2d3868e3bf0062c021dc343a3176663e479bb4d4ef9c7b4c5276312a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f9502bc7aa7b95e4234ebf44f95348dfa767627d8b60b7e767b677251c30d1
d2c0133c36b8fa9944a6add01b8f7f84bab5a39315bb2d337b3c0657aedd9646
df83f246643d3cbb2c8e8330464c52a7df2c4c0c681a0c3111eb28fb0a2717a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e426a1dfc6624a4df0e8f63db1415326b2203481a6439652007ebcad414c6df8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f163fb2a0fe12499bad23c3e41f23b67c1232c6732206d9cf9908f7445bb7bfe
f3ab04f1fde99a55df30af317ad145f4d782d90045eebc66658c7e93ef96f557
f8a5164230824acc03cf03f834d523b88fc6ff3800ad6f5a6b094a3ac496ed01
f9dcc184bdd1747c90a9de1a6a042d10edf51faecc50c1d0d074206039fa3b0f
fda31a7513c15976e457edc6546a333baa5734ba98fa855eb29d26c1213510a9
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

d2yghw5qu3v3et.cloudfront.net Open in urlscan Pro 18.164.93.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

92 %HTTPS

53 %IPv6

16 Domains

18 Subdomains

16 IPs

2 Countries

22708 kBTransfer

23470 kBSize

15 Cookies

11 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

d2yghw5qu3v3et.cloudfront.net Open in urlscan Pro
18.164.93.223 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

92 %
HTTPS

53 %
IPv6

16
Domains

18
Subdomains

16
IPs

2
Countries

22708 kB
Transfer

23470 kB
Size

15
Cookies

50 HTTP transactions
0 data transactions