d38cu4l7j3gu4c.cloudfront.net Open in urlscan Pro
2600:9000:223f:200:1c:90ee:df00:21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d38cu4l7j3gu4c.cloudfront.net/
Submission: On November 11 via api (November 11th 2024, 10:02:36 am UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 13 domains to perform 63 HTTP transactions. The main IP is 2600:9000:223f:200:1c:90ee:df00:21, located in United States and belongs to AMAZON-02, US. The main domain is d38cu4l7j3gu4c.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 30th 2024. Valid for: a year.

This is the only time d38cu4l7j3gu4c.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
29	2600:9000:223... 2600:9000:223f:200:1c:90ee:df00:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
10	2600:9000:249... 2600:9000:2491:d400:11:74aa:1f00:21	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223e:5000:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	52.31.224.145 52.31.224.145	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:264... 2600:9000:2646:8800:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	18.244.18.32 18.244.18.32	16509 (AMAZON-02) (AMAZON-02)
1	52.16.55.91 52.16.55.91	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.17 63.140.62.17	15224 (OMNITURE) (OMNITURE)
1 1	52.210.64.198 52.210.64.198	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
2	54.174.101.54 54.174.101.54	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
63	15

29 2600:9000:223f:200:1c:90ee:df00:21 (United States)

ASN16509 (AMAZON-02, US)

d38cu4l7j3gu4c.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2491:d400:11:74aa:1f00:21 (United States)

ASN16509 (AMAZON-02, US)

d25j9kz3kxbgcc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223e:5000:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.224.145 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-224-145.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2646:8800:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.244.18.32 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-32.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.55.91 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-55-91.eu-west-1.compute.amazonaws.com

bbg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.17 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net

bbg.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.64.198 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-64-198.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.174.101.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-101-54.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	cloudfront.net d38cu4l7j3gu4c.cloudfront.net d25j9kz3kxbgcc.cloudfront.net	1 MB
4	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2568	65 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 243 bbg.demdex.net — Cisco Umbrella Rank: 149474	2 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 170	860 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1731 mab.chartbeat.com — Cisco Umbrella Rank: 2733	35 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1492	401 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1314	862 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 77	12 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1371	490 B
1	omtrdc.net bbg.sc.omtrdc.net — Cisco Umbrella Rank: 195254	277 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	110 KB
63	13

	Domain	Requested by
29	d38cu4l7j3gu4c.cloudfront.net	d38cu4l7j3gu4c.cloudfront.net
10	d25j9kz3kxbgcc.cloudfront.net	d38cu4l7j3gu4c.cloudfront.net
4	script.crazyegg.com	d38cu4l7j3gu4c.cloudfront.net script.crazyegg.com
3	sb.scorecardresearch.com	1 redirects d38cu4l7j3gu4c.cloudfront.net
3	dpm.demdex.net	1 redirects d38cu4l7j3gu4c.cloudfront.net
2	www.facebook.com	d38cu4l7j3gu4c.cloudfront.net
2	ping.chartbeat.net	d38cu4l7j3gu4c.cloudfront.net
2	connect.facebook.net	d38cu4l7j3gu4c.cloudfront.net connect.facebook.net
2	static.chartbeat.com	d38cu4l7j3gu4c.cloudfront.net
2	tags.tiqcdn.com	d38cu4l7j3gu4c.cloudfront.net
2	www.youtube.com	d38cu4l7j3gu4c.cloudfront.net www.youtube.com
1	mab.chartbeat.com	static.chartbeat.com
1	cm.everesttech.net	1 redirects
1	bbg.sc.omtrdc.net	d38cu4l7j3gu4c.cloudfront.net
1	bbg.demdex.net	d38cu4l7j3gu4c.cloudfront.net
1	www.googletagmanager.com	d38cu4l7j3gu4c.cloudfront.net
63	16

This site contains links to these domains. Also see Links.

Domain
www.ozodi.org
www.facebook.com
twitter.com
www.youtube.com
ok.ru
www.instagram.com
rus.azattyk.org
news.google.com

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
script.crazyegg.com Cloudflare Inc ECC CA-3	`2024-08-02` - `2024-12-31`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-20` - `2024-11-18`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-07` - `2025-03-09`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://d38cu4l7j3gu4c.cloudfront.net/
Frame ID: CB2A0BDE9077C367D7B93C43762FFD21
Requests: 62 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: 73679E2C68C4BCE01EF9F4CD400DA768
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Радио Озоди

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

63
Requests

95 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

15
IPs

3
Countries

1416 kB
Transfer

2160 kB
Size

13
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ozodi.org/
Title: Тоҷикӣ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/radio.ozodi

Search URL Search Domain Scan URL

URL: https://twitter.com/RadioiOzodi

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/Ozodivideo

Search URL Search Domain Scan URL

URL: https://ok.ru/radioiozodi

Search URL Search Domain Scan URL

URL: https://www.instagram.com/radioiozodi/?hl=en

Search URL Search Domain Scan URL

URL: https://rus.azattyk.org/a/33194051.html
Title: «Ваш паспорт будет уничтожен».Мигрантов начали лишать гражданства России за отказ воевать

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqKAgKIiJDQklTRXdnTWFnOEtEWEoxY3k1dmVtOWthUzV2Y21jb0FBUAE?hl=ru&gl=RU&ceid=RU%3Aru

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1731319339735 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1731319339735

Request Chain 44

https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 49

https://cm.everesttech.net/cm/dd?d_uuid=21811391533963213944058614278606971977 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZzHWLQAAAN6WTQN-

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
d38cu4l7j3gu4c.cloudfront.net/ 76 KB
76 KB 1067ms
928ms Document
text/html 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

99a17ef9c3022bb28904872ed338a13537561a253e307e11dfa4428d14c8fb04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: must-revalidate, max-age=16
content-language: ru
content-type: text/html; charset=utf-8
date: Mon, 11 Nov 2024 10:02:18 GMT
expires: Mon, 11 Nov 2024 10:02:34 GMT
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-amz-cf-id: aMptq4-sMGtZp-8RFezVq5dlDTLgu4y2vQbDvdAPRr4Rak2Xm12YLw==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 RFE-ru-TJ.css
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/ 291 KB
292 KB 509ms
508ms Stylesheet
text/css 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/RFE-ru-TJ.css?&av=0.0.0.0&cb=347

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7fe63cded50c383b988b4c9829d62db5919685538974dac20096e33bf20a1048

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, no-transform, max-age=1555823
x-content-type-options: nosniff
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/RFE/ru-TJ/RFE-ru-TJ.css?&av=0.0.0.0&cb=347
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
expires: Fri, 29 Nov 2024 10:12:41 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: 6_CNkohEApkA7nsqCp6TRvc6Ytj6EYpB7LgNAbpwzw7Uw4bR7Vkgnw==
date: Mon, 11 Nov 2024 10:02:18 GMT
x-xss-protection: 1; mode=block
content-type: text/css
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 utag.sync.js Show response
d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/ 3 KB
4 KB 447ms
444ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.sync.js
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ed21406ab39a313ffe9443eb455c32f7fa26a36e14135058cb1000ae8ca53e66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: max-age=300
etag: "ded51cf33b1b5cc1c3dfe71afcf30b30:1727201861.29631"
age: 299
via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront), 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: jyS23eGPpcy3tUtkJLBbTMsM8Md0TmdtRp-Vc-gwzmwwFaDFbPR-Eg==
date: Mon, 11 Nov 2024 10:02:18 GMT
content-type: application/javascript
x-amz-cf-pop: CMH68-P1, FRA56-P5
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 157ms
30ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17b3c384ec1b5ed6df85a810d4ae90a3b58461a35b415a9d20daa2a9bedf20d3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

content-encoding: br
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
x-content-type-options: nosniff
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
expires: Mon, 11 Nov 2024 10:02:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: require-trusted-types-for 'script'
cache-control: private, max-age=0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
x-xss-protection: 0
server: ESF

GET
H2 200 infographics.b Show response
d38cu4l7j3gu4c.cloudfront.net/Scripts/responsive/ 4 KB
4 KB 364ms
361ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.0.0.0&cb=347

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, no-transform, max-age=1555843
x-content-type-options: nosniff
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.0.0.0&cb=347
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
expires: Fri, 29 Nov 2024 10:13:01 GMT
x-cache: Miss from cloudfront
content-length: 3943
x-ua-compatible: IE=edge
date: Mon, 11 Nov 2024 10:02:18 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-id: uk6hK-ugiGZhgDsH9fzgAfWPFNrvZfPvtrS1Nz_UcaiwgVVBkB-yxw==

GET
H2 200 loader.b Show response
d38cu4l7j3gu4c.cloudfront.net/Scripts/responsive/ 72 KB
73 KB 513ms
510ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Scripts/responsive/loader.b?v=30VQUiWXosHphOp_Ev4exf9-Zblp1cWYM6kwdEz_V7o1?&av=0.0.0.0&cb=347

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6ba55c504092ca8d4a8246ca0a4cb63fa7f9292c84305f0e5646bf55690c3dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, no-transform, max-age=1555801
x-content-type-options: nosniff
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Scripts/responsive/loader.b?v=30VQUiWXosHphOp_Ev4exf9-Zblp1cWYM6kwdEz_V7o1?&av=0.0.0.0&cb=347
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
expires: Fri, 29 Nov 2024 10:12:19 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: DLfkwEudquERbgrohh_ftxupHJiSdDVAUTiaoJapmsn3ELAWlz331g==
date: Mon, 11 Nov 2024 10:02:18 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript; charset=utf-8
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 Skolar-Lt_Cyrl_v2.4.woff
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/fonts/ 33 KB
33 KB 457ms
456ms Font
application/font-woff 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://d38cu4l7j3gu4c.cloudfront.net
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 10:02:18 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: Non64cL5XjpPVeAMxjwD3WWY3FyaRThhipqy1x7qyDokJHNpEv2v5g==
date: Mon, 11 Nov 2024 10:02:18 GMT
content-type: application/font-woff
last-modified: Mon, 14 Oct 2024 10:14:15 GMT
strict-transport-security: max-age=31536000
cache-control: public, max-age=2592000
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 33340
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/fonts/ 40 KB
41 KB 567ms
566ms Font
application/font-woff 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://d38cu4l7j3gu4c.cloudfront.net
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 10:02:18 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: TY7NvBxb931vKD_7foHML3ldOdkuzeQBC-RHh0oE1uc1AI4hzU5HAw==
date: Mon, 11 Nov 2024 10:02:18 GMT
content-type: application/font-woff
last-modified: Wed, 04 Sep 2024 13:59:25 GMT
strict-transport-security: max-age=31536000
cache-control: public, max-age=2592000
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 41216
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 sectionversioncss
d38cu4l7j3gu4c.cloudfront.net/api/customization/ 109 B
626 B 364ms
363ms Stylesheet
text/css 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/api/customization/sectionversioncss?sectionversionid=6199&cv=3

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d69fb1faa6eb062736fea44ede6a6544f7a473fa6edddf6bec6035d1f18d1dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=462224
x-content-type-options: nosniff
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/api/customization/sectionversioncss?sectionversionid=6199&cv=3
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
expires: Sat, 16 Nov 2024 18:26:02 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: 0T5NXFQ3JIvhqtrAcllJzvI-Z-yHXzbsrxLEYyJ-QDpqs3upsp7hIw==
date: Mon, 11 Nov 2024 10:02:18 GMT
x-xss-protection: 1; mode=block
content-type: text/css; charset=utf-8
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-compact.svg
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/img/ 4 KB
4 KB 434ms
433ms Image
image/svg+xml 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/img/logo-compact.svg

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

59d4778de65a3d3b310ba31ecce0b5434a076cc888ea9fa48297c146d6548ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 18:07:51 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: wnEigzqHSxMsoE9SuATKhOPZR8ARTJfrl_AlHHWptnBJHqQlqPYnNA==
date: Mon, 11 Nov 2024 10:02:18 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Oct 2024 10:14:14 GMT
strict-transport-security: max-age=31536000
cache-control: public, max-age=893133
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/RFE/ru-TJ/img/logo-compact.svg
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
content-length: 3958
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo.svg
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/img/ 4 KB
4 KB 418ms
418ms Image
image/svg+xml 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/img/logo.svg

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

15c2d80eab8ae829c1f5d3aa7cde3473ffe91bb0f95c1afa227ffa3e07049309

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-content-type-options: nosniff
expires: Sun, 24 Nov 2024 14:40:54 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: QcEsaPxfAKW4h6hmAv7MU3wLTJ6zzbURy0NquL74PXkjxF9SIPHETQ==
date: Mon, 11 Nov 2024 10:02:18 GMT
content-type: image/svg+xml
last-modified: Wed, 23 Oct 2024 10:38:46 GMT
strict-transport-security: max-age=31536000
cache-control: public, max-age=1139916
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/RFE/ru-TJ/img/logo.svg
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
content-length: 3907
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-print.gif
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/img/ 3 KB
3 KB 151ms
150ms Image
image/gif 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/img/logo-print.gif

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

036c7d2b7e1c58ba92c739c5b5ebf6d6a1a57afb5f4703e432d625ebc1b8ac06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: public, max-age=769871
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/RFE/ru-TJ/img/logo-print.gif
x-content-type-options: nosniff
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
expires: Wed, 20 Nov 2024 07:53:29 GMT
accept-ranges: bytes
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: OJmVgz0W3T50lI6-VopovmHeUFIwUHHU9k10e2ZnVRyc0pbzSPKakw==
date: Mon, 11 Nov 2024 10:02:18 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 logo-print_color.png
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/img/ 6 KB
6 KB 162ms
161ms Image
image/png 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/img/logo-print_color.png

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

77f0b90e32a5e7759924148effb8884fcd98a03b430b0fe447c010820b142635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-content-type-options: nosniff
expires: Mon, 25 Nov 2024 09:43:31 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: LFtPUCdg_EHBR7-k7P1RFUrKivRrpwG-g3jgNaRAwwLz5K5ZDdflbw==
date: Mon, 11 Nov 2024 10:02:18 GMT
content-type: image/png
last-modified: Wed, 04 Sep 2024 13:59:20 GMT
strict-transport-security: max-age=31536000
cache-control: public, max-age=1208473
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/RFE/ru-TJ/img/logo-print_color.png
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 5792
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 serviceWorkerInstall.js Show response
d38cu4l7j3gu4c.cloudfront.net/Scripts/responsive/ 2 KB
2 KB 149ms
141ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Scripts/responsive/serviceWorkerInstall.js?cb=347

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fdf53f7b7c4ecebf2c33cdc82fe9bf7daaf58b9dd6cad415fc9623f3a0852afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 10:11:07 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: x_Bb25QvMOVR8dDbJ0rRCGGmGpATAaOLhiy4iIPf357dOXiANPkzfQ==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/javascript
last-modified: Wed, 30 Oct 2024 08:47:59 GMT
strict-transport-security: max-age=31536000
cache-control: public, no-transform, max-age=1555728
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Scripts/responsive/serviceWorkerInstall.js?cb=347
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
content-length: 1573
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 conf.js Show response
d38cu4l7j3gu4c.cloudfront.net/ 3 KB
4 KB 169ms
165ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/conf.js?x=347

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

087a885df76843f283b43da7ada4d28d6ad1b7b8cedbbdaddd4e7617065b4f7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 10:15:18 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: 0Qe93El_V9lc6ftFcUUfxIH1zcrC9TcAW5q-9Vh5YPotlZIWUmkiKg==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/javascript; charset=utf-8
strict-transport-security: max-age=31536000
cache-control: public, max-age=1555980
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/conf.js?x=347
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
content-length: 3526
x-xss-protection: 1; mode=block
content-language: ru
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 348 KB
110 KB 126ms
26ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a39bec3791cb038fc00fdf7cce7b50a8816f64f796ef13ec98d24f58f06b657

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 11 Nov 2024 10:02:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 11 Nov 2024 09:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 111746
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 utag.js Show response
d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/ 113 KB
114 KB 155ms
154ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 690f22e318566db67f8be0427ea16c55cb4c525327994a5b5466187089c06389

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: max-age=300
etag: "e80f15f5b5cf77428f8af924e655a27a:1727201861.418255"
age: 186
via: 1.1 ade0cadf195b634f1ce60fe31eb474a2.cloudfront.net (CloudFront), 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: A5eOfKW4K4ttkYXWAbwnM0FzFbakn90FeBdh_i_EqkbcROVzRk3QZQ==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/javascript
x-amz-cf-pop: CMH68-P1, FRA56-P5
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 icons-font-1722858121855.woff
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/fonts/ 18 KB
19 KB 323ms
322ms Font
application/font-woff 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/fonts/icons-font-1722858121855.woff

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/RFE-ru-TJ.css?&av=0.0.0.0&cb=347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fd62d66650a4e8b3b06d011165945de993696f6e7c4a7a944ba64a314a9c2bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://d38cu4l7j3gu4c.cloudfront.net
Referer: https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/RFE-ru-TJ.css?&av=0.0.0.0&cb=347

Response headers

x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 10:02:19 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: 7ygK3DsSd2iqIkd2bO1imVsg3wA0o8b1IOW2hGOWD81hpte0g1WpDw==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/font-woff
last-modified: Wed, 23 Oct 2024 10:38:49 GMT
strict-transport-security: max-age=31536000
cache-control: public, max-age=2592000
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/fonts/icons-font-1722858121855.woff
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 18628
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 icons-custom.woff
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/img/ 2 KB
2 KB 158ms
158ms Font
application/font-woff 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/img/icons-custom.woff?cb=10

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/RFE-ru-TJ.css?&av=0.0.0.0&cb=347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b2589acc09d8b5ee8b82d1779c2527bf0aec46e9e4d5fa456b6a6a6951a11eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://d38cu4l7j3gu4c.cloudfront.net
Referer: https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/RFE-ru-TJ.css?&av=0.0.0.0&cb=347

Response headers

x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 10:02:19 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: 0S0W1ccfxOmgrQumGIx1Lx-AuAJcthi3mMkMFc04k_KcFP96iPKULQ==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/font-woff
last-modified: Wed, 30 Oct 2024 08:47:59 GMT
strict-transport-security: max-age=31536000
cache-control: public, max-age=2592000
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/RFE/ru-TJ/img/icons-custom.woff?cb=10
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 1580
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 image-placeholder.svg
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/img/ 709 B
1 KB 185ms
185ms Image
image/svg+xml 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/img/image-placeholder.svg?cb=0

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/RFE-ru-TJ.css?&av=0.0.0.0&cb=347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d0667af06a388861a7f55cfbb6ef24081e152e7eabbb399e5c660ade3721589e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/ru-TJ/RFE-ru-TJ.css?&av=0.0.0.0&cb=347

Response headers

x-content-type-options: nosniff
expires: Sat, 16 Nov 2024 15:42:01 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: WpeBDnIs60LJOGon9BmOVUrnvu2rElcw5QLV9-_NFStuOc0e8pmH6A==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Oct 2024 10:14:15 GMT
strict-transport-security: max-age=31536000
cache-control: public, max-age=452382
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/img/image-placeholder.svg?cb=0
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
content-length: 709
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/baafab19/www-widgetapi.vflset/ 30 KB
10 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/baafab19/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab729c30cf1f421e9f8d2f9d8a6f5981fc906e90da32d5a46c7cbbf251fe8af3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

content-encoding: br
age: 3255
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options: nosniff
expires: Tue, 11 Nov 2025 09:08:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 11 Nov 2024 09:08:04 GMT
last-modified: Wed, 06 Nov 2024 05:17:00 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
content-length: 10157
x-xss-protection: 0
server: sffe

GET
H2 200 res Show response
d38cu4l7j3gu4c.cloudfront.net/ 46 KB
47 KB 167ms
167ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=347&dependencies=prog_install_prompt,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/Scripts/responsive/loader.b?v=30VQUiWXosHphOp_Ev4exf9-Zblp1cWYM6kwdEz_V7o1?&av=0.0.0.0&cb=347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5e3ec10ee722aeae227fe501ca29bd9612eea93e69759a0746994b239d969896

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 10:12:55 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: HsNtZLOw2vH7-EWoUfZJrCzfX1BfPMPnNrNh8XjBU3aop6VOhCn_JQ==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/javascript; charset=utf-8
strict-transport-security: max-age=31536000
cache-control: public, no-transform, max-age=1555836
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/res?callback=_resourceLoaderReceiver_0&x=347&dependencies=prog_install_prompt,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
content-length: 47266
x-xss-protection: 1; mode=block
content-language: ru
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 00200000-0aff-0242-b715-08dac3bb9714_w650_r1.jpg
d25j9kz3kxbgcc.cloudfront.net/ 69 KB
70 KB 556ms
289ms Image
image/jpeg 2600:9000:2491:d400:11:74aa:1f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d25j9kz3kxbgcc.cloudfront.net/00200000-0aff-0242-b715-08dac3bb9714_w650_r1.jpg

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d400:11:74aa:1f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

c7d0113fea4b32db071584a1ff1abab52148818201c4a1861e942e51671c077f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=2575897
etag: "122037"
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
expires: Wed, 11 Dec 2024 05:33:56 GMT
x-cache: Miss from cloudfront
content-length: 70898
x-amz-cf-id: I-yebCPgFuX_hO3vFOwfC5JONnf59ZOmuPwVJ9CJR6SKYJDE1E8bNA==
x-serial: 422
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: image/jpeg
last-modified: Mon, 11 Nov 2024 05:34:31 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P7

GET
H2 200 13bf9619-1955-4de9-a8c4-14cc84ede5b8_cx0_cy3_cw0_w144_r1.jpg
d25j9kz3kxbgcc.cloudfront.net/ 4 KB
4 KB 356ms
89ms Image
image/jpeg 2600:9000:2491:d400:11:74aa:1f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d25j9kz3kxbgcc.cloudfront.net/13bf9619-1955-4de9-a8c4-14cc84ede5b8_cx0_cy3_cw0_w144_r1.jpg

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d400:11:74aa:1f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7722a454ad1aeb3f94473cb43d4eafcb5d2042c747ff1ccf8dc0e742f00d327b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=2326328
etag: "9062"
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
expires: Sun, 08 Dec 2024 08:14:27 GMT
x-cache: Miss from cloudfront
content-length: 4054
x-amz-cf-id: TvGxZU052fqY70plyTinkpT-Uv67N2sVfaosg-1d44OocfD9bifd5w==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: image/jpeg
last-modified: Fri, 08 Nov 2024 08:13:19 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P7

GET
H2 200 eb084543-d689-4a5c-bd43-90b59658cff4_cx0_cy6_cw0_w144_r1.jpeg
d25j9kz3kxbgcc.cloudfront.net/ 5 KB
5 KB 404ms
137ms Image
image/jpeg 2600:9000:2491:d400:11:74aa:1f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d25j9kz3kxbgcc.cloudfront.net/eb084543-d689-4a5c-bd43-90b59658cff4_cx0_cy6_cw0_w144_r1.jpeg

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d400:11:74aa:1f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

983716e60cbd792bdc8371c37c0f5a4b50d20317df7d213fd2b5fb44106e14f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=2325769
etag: "8151"
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
expires: Sun, 08 Dec 2024 08:05:08 GMT
x-cache: Miss from cloudfront
content-length: 4899
x-amz-cf-id: y_BGMBlskO3DwAtskuSt8tB2bqPtO4wcFTpVUmVQlXjLvwmXeWimzw==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: image/jpeg
last-modified: Fri, 08 Nov 2024 08:05:04 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P7

GET
H2 200 f897a44d-236f-49b2-bafc-5e473be164bb_w144_r1.jpg
d25j9kz3kxbgcc.cloudfront.net/ 5 KB
6 KB 345ms
78ms Image
image/jpeg 2600:9000:2491:d400:11:74aa:1f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d25j9kz3kxbgcc.cloudfront.net/f897a44d-236f-49b2-bafc-5e473be164bb_w144_r1.jpg

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d400:11:74aa:1f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

92bd9c688e769099bcc76ca74e23e9b49d426094e3f7c6507b35ef224b3f44b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=2247179
etag: "8927"
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
expires: Sat, 07 Dec 2024 10:15:18 GMT
x-cache: Miss from cloudfront
content-length: 5260
x-amz-cf-id: 915KJ6UsCG9EflM-FJzgWTu41lWM4czXN2w02cDmdTdTP9XrZwhNxA==
x-serial: 2033
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: image/jpeg
last-modified: Thu, 07 Nov 2024 10:16:13 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P7

GET
H2 200 5ed3d4d6-da04-4435-a67c-351bdaaec3c4_cx0_cy18_cw0_w144_r1.png
d25j9kz3kxbgcc.cloudfront.net/ 28 KB
29 KB 343ms
77ms Image
image/png 2600:9000:2491:d400:11:74aa:1f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d25j9kz3kxbgcc.cloudfront.net/5ed3d4d6-da04-4435-a67c-351bdaaec3c4_cx0_cy18_cw0_w144_r1.png

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d400:11:74aa:1f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

9a4071d916940a17e1f5c5012c0890e6638bc6ed3de7621bc2ae6e68d2f2f334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=2230505
etag: "35941"
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
expires: Sat, 07 Dec 2024 05:37:24 GMT
x-cache: Miss from cloudfront
content-length: 28894
x-amz-cf-id: j7UJPzwsVwdreD7aoAcRUKT0Vnj7YeLIZrqNhiHFVpH80rO2EgghWw==
x-serial: 1158
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: image/png
last-modified: Thu, 07 Nov 2024 05:35:58 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P7

GET
H2 200 12aef699-96bc-47d7-8c24-b7d6e54424f7_w144_r1.jpg
d25j9kz3kxbgcc.cloudfront.net/ 5 KB
6 KB 357ms
90ms Image
image/jpeg 2600:9000:2491:d400:11:74aa:1f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d25j9kz3kxbgcc.cloudfront.net/12aef699-96bc-47d7-8c24-b7d6e54424f7_w144_r1.jpg

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d400:11:74aa:1f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

97bf6128500dea363bc137bce0f69f4d0bdbb802a64b004eeea3dbcd78bd73a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=2227735
etag: "11632"
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
expires: Sat, 07 Dec 2024 04:51:14 GMT
x-cache: Miss from cloudfront
content-length: 5620
x-amz-cf-id: kb2xZZR1M5SXritA7S2yH8F4V1Jz50Sq7bW8RgbIoBtksAH8z4CXJw==
x-serial: 1042
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: image/jpeg
last-modified: Thu, 07 Nov 2024 04:51:23 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P7

GET
H2 200 bf720ceb-cc34-4e33-a59a-b7581630dea5_w408_r1.jpg
d25j9kz3kxbgcc.cloudfront.net/ 24 KB
25 KB 275ms
52ms Image
image/jpeg 2600:9000:2491:d400:11:74aa:1f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d25j9kz3kxbgcc.cloudfront.net/bf720ceb-cc34-4e33-a59a-b7581630dea5_w408_r1.jpg

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d400:11:74aa:1f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

d3d4cf5698d244452aa35f9be18147cd80f6f41853fd8fb5c2506ac319606bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=2176369
etag: "40259"
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
expires: Fri, 06 Dec 2024 14:35:08 GMT
x-cache: Miss from cloudfront
content-length: 24965
x-amz-cf-id: -V-K6ShDifGMyvZp7qk4AakrOgrp9Eu_-ERGKNqNvXSKKLoB2ElXKQ==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: image/jpeg
last-modified: Wed, 06 Nov 2024 14:36:01 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P7

GET
H2 200 07d2ce3f-866c-4b1e-8d4d-e7e7a8d23133_w408_r1.jpg
d25j9kz3kxbgcc.cloudfront.net/ 26 KB
26 KB 273ms
50ms Image
image/jpeg 2600:9000:2491:d400:11:74aa:1f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d25j9kz3kxbgcc.cloudfront.net/07d2ce3f-866c-4b1e-8d4d-e7e7a8d23133_w408_r1.jpg

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d400:11:74aa:1f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

193ee695b305347e97e4497c492e88433827cbc31526fffb0a427396b3af0d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=1973112
etag: "48528"
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
expires: Wed, 04 Dec 2024 06:07:31 GMT
x-cache: Miss from cloudfront
content-length: 26290
x-amz-cf-id: 1qgDHNYqftObBnewbRDgA_iVmycO5m8JjxmqU-22wSfEh_HUMC_SWA==
x-serial: 178
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: image/jpeg
last-modified: Mon, 04 Nov 2024 06:07:51 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P7

GET
H2 200 01000000-0aff-0242-2455-08dca71649b7_cx0_cy10_cw0_w408_r1.jpg
d25j9kz3kxbgcc.cloudfront.net/ 34 KB
34 KB 311ms
88ms Image
image/jpeg 2600:9000:2491:d400:11:74aa:1f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d25j9kz3kxbgcc.cloudfront.net/01000000-0aff-0242-2455-08dca71649b7_cx0_cy10_cw0_w408_r1.jpg

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d400:11:74aa:1f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0d947e4848dabfddb34549f2203cf48f29bee6256714a390ac3027228c9d2aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=2181614
etag: "63064"
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
expires: Fri, 06 Dec 2024 16:02:33 GMT
x-cache: Miss from cloudfront
content-length: 34642
x-amz-cf-id: MO3LvNYKuWJb9BMvoaqPu-gS0z3VREhyHq1p7xwtH82hWOFMch-2jg==
x-serial: 817
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: image/jpeg
last-modified: Wed, 06 Nov 2024 16:02:34 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P7

GET
H2 200 5cdd4d1f-0178-4500-b975-06763d52cb88_cx3_cy4_cw91_w408_r1.jpg
d25j9kz3kxbgcc.cloudfront.net/ 10 KB
10 KB 264ms
41ms Image
image/jpeg 2600:9000:2491:d400:11:74aa:1f00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d25j9kz3kxbgcc.cloudfront.net/5cdd4d1f-0178-4500-b975-06763d52cb88_cx3_cy4_cw91_w408_r1.jpg

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2491:d400:11:74aa:1f00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

df07762876afee52d6ecd562bf45e19055fccadd24c5ce7aa19c1b35b9104bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000
cache-control: private, no-transform, max-age=1978918
etag: "22656"
via: 1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
expires: Wed, 04 Dec 2024 07:44:17 GMT
x-cache: Miss from cloudfront
content-length: 10026
x-amz-cf-id: lG7pXWgpLi0HQPGut8VEBJBhvyC2p7XIuTdSxGCMr4Dy9dtvXwHUqQ==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: image/jpeg
last-modified: Mon, 04 Nov 2024 07:44:23 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P7

GET
H2 200 hljson Show response
d38cu4l7j3gu4c.cloudfront.net/ 87 B
601 B 352ms
350ms XHR
application/json 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/hljson

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/Scripts/responsive/loader.b?v=30VQUiWXosHphOp_Ev4exf9-Zblp1cWYM6kwdEz_V7o1?&av=0.0.0.0&cb=347

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/
X-Requested-With: XMLHttpRequest

Response headers

x-content-type-options: nosniff
expires: Mon, 11 Nov 2024 10:06:16 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: CRPaMBdkaLytpFbMC29LLAio6T-jTplbKiVqOGTjcZUcgBbDmMbfgQ==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
cache-control: max-age=237
pragma: no-cache
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/hljson
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
content-length: 87
x-xss-protection: 1; mode=block
content-language: ru
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 783ms
7ms Script
application/javascript 2600:9000:223e:5000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202409241817&cb=1731319339698
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:5000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
etag: "7bc0ee636b3b83484fc3b9348863bd22"
age: 562
x-cache: Hit from cloudfront
x-amz-cf-id: yjVwaQPNAaXL1E2ncaImC1kW3LXVK5_v_-qQ9gCV5b952foVJImtMg==
date: Mon, 11 Nov 2024 09:52:59 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
cache-control: max-age=300
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2
x-amz-cf-pop: FRA56-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 utag.53.js Show response
d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/ 2 KB
2 KB 242ms
224ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.53.js?utv=ut4.46.202307101453
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 84f9a461a78449115f36216577b717affb14b02d8fd1fcdded0f28177a10d757

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: max-age=1296000
etag: "fda70af7fdb48e6db7fa105f28d111b0:1674583555.473531"
via: 1.1 ff2cda2997d759f25d189d4bd5288a18.cloudfront.net (CloudFront), 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: gAADSwA90I_vNJofA-Q5ja9TGS80JeeGLRTBVnycrNXroQwNXUXXXQ==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/javascript
x-amz-cf-pop: CMH68-P1, FRA56-P5
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1731319339735
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1731319339735

362 B
921 B

45ms
45ms

XHR
application/json

52.31.224.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1731319339735

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Server

52.31.224.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-145.eu-west-1.compute.amazonaws.com

Software

Resource Hash

48a28aaa01da28779f83689952feccc48faccd2889784bac41484e138c6f8ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v068-09e1288f9.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: fJ4OMRwFREQ=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://d38cu4l7j3gu4c.cloudfront.net
content-length: 307
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 11 Nov 2024 10:02:20 GMT
content-type: application/json;charset=utf-8
vary: Origin

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1731319339735
dcs: dcs-prod-irl1-1-v068-03e746904.edge-irl1.demdex.com 0 ms
pragma: no-cache
access-control-allow-credentials: true
x-tid: AOTyJZCcQzQ=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://d38cu4l7j3gu4c.cloudfront.net
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 11 Nov 2024 10:02:20 GMT
vary: Origin

GET
H2 200 utag.72.js Show response
d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/ 88 KB
89 KB 261ms
154ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.72.js?utv=ut4.46.202409241549
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 939fd5a12c222ce8e8c54c5d2da5bd498d5bf6cb23537ffa36b218cd586000bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: max-age=1296000
etag: "1b2bc28211c6f2d75144b25babbc86f0:1727192955.702136"
age: 14
via: 1.1 926b5281e2124486e0c9dadab33d1b9c.cloudfront.net (CloudFront), 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 1vTneF8qpPI1gUkycPoaFnxgXP5eJUwsdEyWw23UV-xcIgR6_tE7WA==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/javascript
x-amz-cf-pop: CMH68-P1, FRA56-P5
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 utag.24.js Show response
d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/ 10 KB
10 KB 283ms
176ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.24.js?utv=ut4.46.202212081948
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 56fcca3871493c818f05cbf5654d1a07dfad653a6492f78446176de5641e7eed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: max-age=1296000
etag: "46dc34d1d0cce17fa23d7d03a7d40e60:1674583553.179797"
via: 1.1 a239c31f56936d8dde678cf491dbaa28.cloudfront.net (CloudFront), 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: zqr3jCQ6oTfjZxXnsgnGcuszaI8L8sZI3Hu5OZX_qyHdbmR_Z1XTnA==
date: Mon, 11 Nov 2024 10:02:20 GMT
content-type: application/javascript
x-amz-cf-pop: CMH68-P1, FRA56-P5
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 utag.7.js Show response
d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/ 607 B
1017 B 231ms
125ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c18c77ff51fed8d81f2554bfa19929f00fadb2425d733e63435a1b892778ca8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: max-age=1296000
etag: "96a61cbf7fddf75dc152ab461c0d6124:1674583553.418274"
age: 105
via: 1.1 ff2cda2997d759f25d189d4bd5288a18.cloudfront.net (CloudFront), 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: GDmRkQA3VPwa2duf2zASntfuWbJ3b6HrgrJrUy71qHNEABsa5kCo7Q==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/javascript
x-amz-cf-pop: CMH68-P1, FRA56-P5
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 utag.4.js Show response
d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/ 55 KB
55 KB 265ms
159ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2ae5809a2fdbf9a1b54190020b99a9ebd91c43b985ef4d12b356c80810c37873

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: max-age=1296000
etag: "b4f87f57ed6f740fd0aa988fa689c0df:1674583553.546956"
age: 149
via: 1.1 6600f36fdbb63d37961eb0d99869f3fa.cloudfront.net (CloudFront), 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: TQEjrQl3bFZCzSGG8l-zdasqzxmqz7zaQwUiJ4AyTXg8ozeBkBGZ1Q==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/javascript
x-amz-cf-pop: CMH68-P1, FRA56-P5
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 utag.73.js Show response
d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/ 4 KB
4 KB 231ms
127ms Script
application/javascript 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.73.js?utv=ut4.46.202408091939
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 57d4650b70ba5cf5e838da5d967b3bd2dfe4d324de063f2ae3c3360cc00e63bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: max-age=1296000
etag: "b5d8a29c55067666450a256f03096c15:1723232398.326786"
age: 149
via: 1.1 d250acc8f0df4d0f6cf0c8da374c8b8e.cloudfront.net (CloudFront), 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: AkdXlSXUFjQfN9j3sJV_WQTI9nH_wVexre7JpAdjdHDVgz_5r-wLmw==
date: Mon, 11 Nov 2024 10:02:19 GMT
content-type: application/javascript
x-amz-cf-pop: CMH68-P1, FRA56-P5
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 782ms
29ms Script
application/x-javascript 2600:9000:2646:8800:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.53.js?utv=ut4.46.202307101453
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:8800:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: W/"6583925f-5f13"
age: 40436
cross-origin-resource-policy: cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
expires: Mon, 11 Nov 2024 22:48:24 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 6vUuiEj5omySLFK978nWn3qdcac7BRhAk4IPenzmhJ98t8ouYokp0Q==
date: Sun, 10 Nov 2024 22:48:24 GMT
content-type: application/x-javascript
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
vary: Accept-Encoding

GET
H2 200 0255.js Show response
script.crazyegg.com/pages/scripts/0026/ 7 KB
3 KB 746ms
52ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae400114c7392f32f738b53d8bf93d4a6f1689863527694f99f18d3141c05833

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-cache-status: HIT
age: 30667
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 10:02:20 GMT
content-type: text/javascript
last-modified: Mon, 11 Nov 2024 01:31:13 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8e0d72377c31dc94-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2483
ce-version: 11.5.306
server: cloudflare

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 707ms
29ms Script
application/x-javascript 2600:9000:2646:8800:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.73.js?utv=ut4.46.202408091939
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:8800:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: max-age=86400
content-encoding: gzip
etag: W/"665fac50-11d74"
age: 40395
cross-origin-resource-policy: cross-origin
via: 1.1 98559aba51e0c88c6e74c88152fb63ae.cloudfront.net (CloudFront)
expires: Mon, 11 Nov 2024 22:49:05 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: 4dxJQlMrfsqRDH0cvNSyAprw_p7Eql4dnRy4Fgi_9NPgVFJ3k6snEQ==
date: Sun, 10 Nov 2024 22:49:05 GMT
content-type: application/x-javascript
last-modified: Wed, 05 Jun 2024 00:07:44 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
vary: Accept-Encoding

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 670ms
31ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-2yWLqrHd' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 10:02:20 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-2yWLqrHd' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4773, tp=15, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: cRRAT5YUgQxo8AwD17SnOwTNumpHVfkzmQieSPGOa87kgRnIESFEvKL/UBD6yWUQjXy7nzy2zFpjgicdtL1ZPg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62105
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035794/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
376 B

24ms
23ms

Script
text/javascript

18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/
Protocol: H2
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

vary: accept-encoding
cache-control: max-age=86400
etag: "d41d8cd98f00b204e9800998ecf8427e"
age: 27334
via: 1.1 cbad29402e4e90baabe7151c3f1203b6.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 0
x-amz-cf-id: 9k9ELEf4KIX3chJTe92hQgl4S_vscKYcTP2ASiwWMbPci5EgvkJU6w==
date: Mon, 11 Nov 2024 02:26:47 GMT
content-type: text/javascript
last-modified: Thu, 10 Oct 2024 18:18:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

Redirect headers

location: /internal-c2/default/cs.js
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 cbad29402e4e90baabe7151c3f1203b6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: ppP4af4zy4Wec9pJ2duSD_hhob3McEAsGIgtR3SPTo2ZT84dJHSnqg==
date: Mon, 11 Nov 2024 10:02:20 GMT
x-amz-cf-pop: FRA56-P11

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 574ms
54ms Image
text/plain 18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1731319340191&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%9E%D0%B7%D0%BE%D0%B4%D0%B8&c7=https%3A%2F%2Fd38cu4l7j3gu4c.cloudfront.net%2F&c9=
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

via: 1.1 cbad29402e4e90baabe7151c3f1203b6.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: M-UYnuXLcII4qU-42Vhc6X80lPXfVnFkGcKGDE9GjLtd3KVIjSENHg==
date: Mon, 11 Nov 2024 10:02:20 GMT
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
430 B 265ms
9ms Script
application/javascript 2600:9000:223e:5000:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202409241817&cb=1731319340218
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:5000:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
etag: "7bc0ee636b3b83484fc3b9348863bd22"
age: 562
x-cache: Hit from cloudfront
x-amz-cf-id: tnu_R_KeFX1KQiK2ejKoSak_EMvKbREofNdpoPM_l1wlYt74KzNSaQ==
date: Mon, 11 Nov 2024 09:52:59 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
cache-control: max-age=300
via: 1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 2
x-amz-cf-pop: FRA56-P4
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 dest5.html
bbg.demdex.net/ Frame 7367 0
0 784ms
39ms Document
text/html 52.16.55.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.demdex.net/dest5.html?d_nsid=0

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.16.55.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-16-55-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d38cu4l7j3gu4c.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 11 Nov 2024 10:02:21 GMT
dcs: dcs-prod-irl1-1-v068-01c0191b0.edge-irl1.demdex.com 2 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Tue, 5 Nov 2024 08:44:10 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: 7sNaIxFfRzY=

GET
H2 200 id Show response
bbg.sc.omtrdc.net/ 2 B
277 B 618ms
28ms XHR
application/x-javascript 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=21830093994611964574061250524814056082&ts=1731319340626

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://d38cu4l7j3gu4c.cloudfront.net
p3p: CP="This is not a P3P policy"
content-length: 2
date: Mon, 11 Nov 2024 10:02:21 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=ZzHWLQAAAN6WTQN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=21811391533963213944058614278606971977
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZzHWLQAAAN6WTQN-

42 B
720 B

38ms
37ms

Image
image/gif

52.31.224.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZzHWLQAAAN6WTQN-

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Server

52.31.224.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-224-145.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcscanary-prod-irl1-1-v084-095ae8c66.edge-irl1.demdex.com 3 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: USNgOZZCQHs=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Mon, 11 Nov 2024 10:02:21 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZzHWLQAAAN6WTQN-
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Mon, 11 Nov 2024 10:02:21 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 179 B
510 B 874ms
128ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=rferl.tajik.russian&domain=d38cu4l7j3gu4c.cloudfront.net&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 73aee2b835eb0e29e8662cd9910b79f58c5db5b83f1a27fc75b67551707f8a3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

content-encoding: gzip
age: 0
expires: Sat, 09 Nov 2024 10:02:21 GMT
x-cache: MISS
date: Mon, 11 Nov 2024 10:02:21 GMT
content-type: application/json
x-served-by: cache-fra-eddf8230140-FRA
x-cache-hits: 0
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
x-timer: S1731319342.609355,VS0,VE118
cross-origin-resource-policy: cross-origin
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 151

GET
H3 200 765881180477506 Show response
connect.facebook.net/signals/config/ 67 KB
13 KB 83ms
83ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/765881180477506?v=2.9.176&r=stable&domain=d38cu4l7j3gu4c.cloudfront.net&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7dd44f928a60b14645c73ac58228e375a58bb1c40b599ca3efd106451e4325

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-ZKi9Zx4Z' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 10:02:20 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-ZKi9Zx4Z' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=24, rtx=0, c=39, mss=1232, tbw=70661, tp=71, tpl=0, uplat=69, ullat=0
pragma: public
x-fb-debug: RWTpPZ+EUvVcEEl/dqDCoS2zXdkq1v/gkn+eY1RsLp4+o/G2ss3oEz5+EYPjP5DG120ETM4YeIlOGufN+j9Qjw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 d38cu4l7j3gu4c.cloudfront.net.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/site/ 122 KB
9 KB 660ms
329ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/site/d38cu4l7j3gu4c.cloudfront.net.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 985327621d91c64dd164e8e2ea4caaa0c24ad7e470e0dc58d1ef56e68f4deeaa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 10:02:21 GMT
content-type: application/json
last-modified: Mon, 11 Nov 2024 10:02:21 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8e0d723a8d1f2c00-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9174
ce-version: 11.5.306
server: cloudflare

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 952ms
91ms Image
image/gif 54.174.101.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rferl.tajik.russian&p=%2F&u=C7r0C7DjumUjCLYyGz&d=d38cu4l7j3gu4c.cloudfront.net&g=62557&g0=%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%BE%D0%B7%D0%BE%D0%B4%D0%B8&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=2812&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fd38cu4l7j3gu4c.cloudfront.net%2F&b=3746&t=D6pqndCdCVlzD9fmqoDwH4zAQjr4c&V=147&i=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%9E%D0%B7%D0%BE%D0%B4%D0%B8&tz=-60&sn=1&sv=DLQ2AqtaDw0DHfVz1CucIwMCghUk_&sr=external&sd=1&im=061b2ffa&_
Requested by: Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.174.101.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-101-54.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Mon, 11 Nov 2024 10:02:21 GMT
pragma: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 1054ms
10ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=765881180477506&ev=PageView&dl=https%3A%2F%2Fd38cu4l7j3gu4c.cloudfront.net%2F&rl=&if=false&ts=1731319341196&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmtealium&ec=0&o=12318&fbp=fb.2.1731319341186.82037775866232869&ler=empty&cdl=API_unavailable&it=1731319340867&coo=false&rqm=GET

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=2909, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 11 Nov 2024 10:02:22 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 1229ms
186ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=765881180477506&ev=PageView&dl=https%3A%2F%2Fd38cu4l7j3gu4c.cloudfront.net%2F&rl=&if=false&ts=1731319341196&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmtealium&ec=0&o=12318&fbp=fb.2.1731319341186.82037775866232869&ler=empty&cdl=API_unavailable&it=1731319340867&coo=false&rqm=FGET

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7435959952952418705"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 10:02:22 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: WC8/L7sMzJIodUL9mcx2N7XyYLCxM0Wxw9JwhDHFRPFN18we8iNJSs8/Jp1idl/CWQ4fFe2uYmo7C+evZvOKUg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7435959952952418705", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1328, tbw=3226, tp=-1, tpl=-1, uplat=154, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 s7898030839092
d38cu4l7j3gu4c.cloudfront.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/ 43 B
570 B 226ms
225ms Image
image/gif 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s7898030839092?AQB=1&ndh=1&pf=1&t=11%2F10%2F2024%2011%3A2%3A21%201%20-60&sdid=5521E729BD660838-1CABA95FBF273093&mid=21830093994611964574061250524814056082&aamlh=6&ce=UTF-8&ns=bbg&cdp=3&pageName=rfe%3Ataj%3Aw%3Ahomepage%3A%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%BE%D0%B7%D0%BE%D0%B4%D0%B8&g=https%3A%2F%2Fd38cu4l7j3gu4c.cloudfront.net%2F&cc=USD&ch=%2F&server=d38cu4l7j3gu4c.cloudfront.net&events=event1%2Cevent10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fd38cu4l7j3gu4c.cloudfront.net%2F&v4=index&v5=%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%BE%D0%B7%D0%BE%D0%B4%D0%B8&v6=%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%BE%D0%B7%D0%BE%D0%B4%D0%B8&v13=russian-four-column&v15=russian&v16=rferl%20tajik&v17=web&v20=yes&v21=homepage&v23=21830093994611964574061250524814056082&v24=01931aac9a880018c359c773ac8605065002605d00b08&v25=rfe&v27=RFERL%20Tajik-Russian%20Responsive&v29=d38cu4l7j3gu4c.cloudfront.net&v30=442&v31=https%3A%2F%2Fd38cu4l7j3gu4c.cloudfront.net%2F&v32=rfe%3Ataj%3Aw%3Ahomepage%3A%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%BE%D0%B7%D0%BE%D0%B4%D0%B8&v36=8.35.0.0.347&v38=homepage&v50=homepage%20view&v70=2.23.0&v82=view&v85=russian-four-column&v100=2024-11-11%3A11.02%3A%2B01.00&v101=Europe%2FBerlin&v102=en-US%3Aen%3Ade-DE&v104=iq&v111=ut4.46.202409241817&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1

Requested by

Host: d38cu4l7j3gu4c.cloudfront.net
URL: https://d38cu4l7j3gu4c.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

etag: 3717979974346801152-4618348769666861470
x-content-type-options: nosniff
expires: Sun, 10 Nov 2024 10:02:21 GMT
x-cache: Miss from cloudfront
p3p: CP="This is not a P3P policy"
x-amz-cf-id: HznroSj1zftutM6hAn0Iwhqkj1i1gDjGicvr4NN3eCVzPtn0rmpFDA==
date: Mon, 11 Nov 2024 10:02:21 GMT
content-type: image/gif;charset=utf-8
last-modified: Tue, 12 Nov 2024 10:02:21 GMT
vary: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 2bd3667e56bed5938b0e3543be0372ae.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 149 KB
51 KB 20ms
19ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/2bd3667e56bed5938b0e3543be0372ae.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5865437904055d59c309e2eaf748cf1fc949e7ac8d41b8e696e78a39cee5b2ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 243433
cf-ray: 8e0d723ca993dc94-FRA
accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 51889
date: Mon, 11 Nov 2024 10:02:21 GMT
content-type: text/javascript
last-modified: Mon, 21 Oct 2024 19:10:06 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 d38cu4l7j3gu4c.cloudfront.net.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/sampling/ 7 KB
2 KB 170ms
170ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/sampling/d38cu4l7j3gu4c.cloudfront.net.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/2bd3667e56bed5938b0e3543be0372ae.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d3ab79461495a60cd2e36f06c4cc22cbd6128b304eac3231dbb34913f97f35c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

access-control-expose-headers: CE-Version
content-encoding: gzip
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
date: Mon, 11 Nov 2024 10:02:21 GMT
content-type: application/json
last-modified: Mon, 11 Nov 2024 10:02:21 GMT
vary: Accept-Encoding
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8e0d723e1a4868fd-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1469
ce-version: 11.5.306
server: cloudflare

GET
H2 200 favicon.ico
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/img/webApp/ 4 KB
5 KB 158ms
156ms Other
image/x-icon 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/img/webApp/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

8a178c949a092768497501e2247b12163961a059a81ab92d0e918129a7fc55b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 19:41:46 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: 5WLny_4acIJ0PigSS5teksv2LbmPM3l6gMHua6uZ2UmAbmTmCeUzoA==
date: Mon, 11 Nov 2024 10:02:23 GMT
content-type: image/x-icon
last-modified: Mon, 14 Oct 2024 10:14:13 GMT
strict-transport-security: max-age=31536000
cache-control: public, max-age=898763
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/RFE/img/webApp/favicon.ico
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
content-length: 4414
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 favicon.svg
d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/img/webApp/ 629 B
1 KB 162ms
161ms Other
image/svg+xml 2600:9000:223f:200:1c:90ee:df00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d38cu4l7j3gu4c.cloudfront.net/Content/responsive/RFE/img/webApp/favicon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223f:200:1c:90ee:df00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a8440cc4073ce181e57b3041c36d9e17cf266b3abd4dd09d0c86103f667bad22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

x-content-type-options: nosniff
expires: Wed, 20 Nov 2024 23:23:56 GMT
x-cache: Miss from cloudfront
x-ua-compatible: IE=edge
x-amz-cf-id: LiAColBTYkk8-jBrAZX0CR_PCeafhklMPiPzT_LURCTAh_BgBT-LnQ==
date: Mon, 11 Nov 2024 10:02:23 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Oct 2024 10:14:13 GMT
strict-transport-security: max-age=31536000
cache-control: public, max-age=825693
onion-location: https://rus.ozodi2hi3mzwzrdx2x6mobi2lel6sisajmjcpcbokxb3aflirifprryd.onion/Content/responsive/RFE/img/webApp/favicon.svg
via: 1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
content-length: 629
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P5
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 108ms
107ms Image
image/gif 54.174.101.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rferl.tajik.russian&p=%2F&u=C7r0C7DjumUjCLYyGz&d=d38cu4l7j3gu4c.cloudfront.net&g=62557&g0=%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%BE%D0%B7%D0%BE%D0%B4%D0%B8&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=2812&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&PA=https%3A%2F%2Fd38cu4l7j3gu4c.cloudfront.net%2F&b=3746&t=D6pqndCdCVlzD9fmqoDwH4zAQjr4c&V=147&tz=-60&sn=2&sv=DLQ2AqtaDw0DHfVz1CucIwMCghUk_&sr=external&sd=1&im=061b2ffa&_
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.174.101.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-101-54.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://d38cu4l7j3gu4c.cloudfront.net/

Response headers

expires: 0
cache-control: no-cache, no-store, must-revalidate
content-length: 43
date: Mon, 11 Nov 2024 10:02:35 GMT
pragma: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: Fp7NUHTgm_8
.youtube.com/	1970-01-21 05:14:31	Name: VISITOR_INFO1_LIVE Value: u1O84woiGx4
.youtube.com/	1970-01-21 05:14:31	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgFA%3D%3D
d38cu4l7j3gu4c.cloudfront.net/	1969-12-31 23:59:59	Name: clickCounter Value: 0
.demdex.net/	1970-01-21 05:14:31	Name: demdex Value: 21811391533963213944058614278606971977
.d38cu4l7j3gu4c.cloudfront.net/	1969-12-31 23:59:59	Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1
.d38cu4l7j3gu4c.cloudfront.net/	1970-01-21 10:24:07	Name: _cb Value: C7r0C7DjumUjCLYyGz
.d38cu4l7j3gu4c.cloudfront.net/	1970-01-21 10:24:07	Name: _chartbeat2 Value: .1731319340875.1731319340875.1.DLQ2AqtaDw0DHfVz1CucIwMCghUk_.1
.d38cu4l7j3gu4c.cloudfront.net/	1970-01-21 00:55:21	Name: _cb_svref Value: external
.d38cu4l7j3gu4c.cloudfront.net/	1970-01-21 03:04:55	Name: _fbp Value: fb.2.1731319341186.82037775866232869
.d38cu4l7j3gu4c.cloudfront.net/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-21 05:14:31	Name: dpm Value: 21811391533963213944058614278606971977
.d38cu4l7j3gu4c.cloudfront.net/	1970-01-21 10:31:19	Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C20039%7CMCMID%7C21830093994611964574061250524814056082%7CMCAAMLH-1731924140%7C6%7CMCAAMB-1731924140%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1731326541s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-20046%7CvVersion%7C5.4.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
cm.everesttech.net
connect.facebook.net
d25j9kz3kxbgcc.cloudfront.net
d38cu4l7j3gu4c.cloudfront.net
dpm.demdex.net
mab.chartbeat.com
ping.chartbeat.net
sb.scorecardresearch.com
script.crazyegg.com
static.chartbeat.com
tags.tiqcdn.com
www.facebook.com
www.googletagmanager.com
www.youtube.com
18.244.18.32
2600:9000:223e:5000:7:2bfb:7c00:93a1
2600:9000:223f:200:1c:90ee:df00:21
2600:9000:2491:d400:11:74aa:1f00:21
2600:9000:2646:8800:18:1fcd:354:4b41
2606:4700::6813:9408
2a00:1450:4001:808::200e
2a00:1450:4001:830::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::714
52.16.55.91
52.210.64.198
52.31.224.145
54.174.101.54
63.140.62.17
036c7d2b7e1c58ba92c739c5b5ebf6d6a1a57afb5f4703e432d625ebc1b8ac06
087a885df76843f283b43da7ada4d28d6ad1b7b8cedbbdaddd4e7617065b4f7d
0d947e4848dabfddb34549f2203cf48f29bee6256714a390ac3027228c9d2aa9
15c2d80eab8ae829c1f5d3aa7cde3473ffe91bb0f95c1afa227ffa3e07049309
17b3c384ec1b5ed6df85a810d4ae90a3b58461a35b415a9d20daa2a9bedf20d3
193ee695b305347e97e4497c492e88433827cbc31526fffb0a427396b3af0d11
199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2ae5809a2fdbf9a1b54190020b99a9ebd91c43b985ef4d12b356c80810c37873
2d3ab79461495a60cd2e36f06c4cc22cbd6128b304eac3231dbb34913f97f35c
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48a28aaa01da28779f83689952feccc48faccd2889784bac41484e138c6f8ed6
56fcca3871493c818f05cbf5654d1a07dfad653a6492f78446176de5641e7eed
57d4650b70ba5cf5e838da5d967b3bd2dfe4d324de063f2ae3c3360cc00e63bd
5865437904055d59c309e2eaf748cf1fc949e7ac8d41b8e696e78a39cee5b2ba
59d4778de65a3d3b310ba31ecce0b5434a076cc888ea9fa48297c146d6548ad5
5e3ec10ee722aeae227fe501ca29bd9612eea93e69759a0746994b239d969896
690f22e318566db67f8be0427ea16c55cb4c525327994a5b5466187089c06389
6ba55c504092ca8d4a8246ca0a4cb63fa7f9292c84305f0e5646bf55690c3dfb
6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798
73aee2b835eb0e29e8662cd9910b79f58c5db5b83f1a27fc75b67551707f8a3c
7722a454ad1aeb3f94473cb43d4eafcb5d2042c747ff1ccf8dc0e742f00d327b
77f0b90e32a5e7759924148effb8884fcd98a03b430b0fe447c010820b142635
7fe63cded50c383b988b4c9829d62db5919685538974dac20096e33bf20a1048
84f9a461a78449115f36216577b717affb14b02d8fd1fcdded0f28177a10d757
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf
8a178c949a092768497501e2247b12163961a059a81ab92d0e918129a7fc55b7
8a39bec3791cb038fc00fdf7cce7b50a8816f64f796ef13ec98d24f58f06b657
92bd9c688e769099bcc76ca74e23e9b49d426094e3f7c6507b35ef224b3f44b2
939fd5a12c222ce8e8c54c5d2da5bd498d5bf6cb23537ffa36b218cd586000bc
97bf6128500dea363bc137bce0f69f4d0bdbb802a64b004eeea3dbcd78bd73a1
983716e60cbd792bdc8371c37c0f5a4b50d20317df7d213fd2b5fb44106e14f5
985327621d91c64dd164e8e2ea4caaa0c24ad7e470e0dc58d1ef56e68f4deeaa
99a17ef9c3022bb28904872ed338a13537561a253e307e11dfa4428d14c8fb04
9a4071d916940a17e1f5c5012c0890e6638bc6ed3de7621bc2ae6e68d2f2f334
9e7dd44f928a60b14645c73ac58228e375a58bb1c40b599ca3efd106451e4325
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a8440cc4073ce181e57b3041c36d9e17cf266b3abd4dd09d0c86103f667bad22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab729c30cf1f421e9f8d2f9d8a6f5981fc906e90da32d5a46c7cbbf251fe8af3
ae400114c7392f32f738b53d8bf93d4a6f1689863527694f99f18d3141c05833
b2589acc09d8b5ee8b82d1779c2527bf0aec46e9e4d5fa456b6a6a6951a11eb2
c18c77ff51fed8d81f2554bfa19929f00fadb2425d733e63435a1b892778ca8a
c7d0113fea4b32db071584a1ff1abab52148818201c4a1861e942e51671c077f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0667af06a388861a7f55cfbb6ef24081e152e7eabbb399e5c660ade3721589e
d3d4cf5698d244452aa35f9be18147cd80f6f41853fd8fb5c2506ac319606bc2
d69fb1faa6eb062736fea44ede6a6544f7a473fa6edddf6bec6035d1f18d1dde
df07762876afee52d6ecd562bf45e19055fccadd24c5ce7aa19c1b35b9104bf4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df
ed21406ab39a313ffe9443eb455c32f7fa26a36e14135058cb1000ae8ca53e66
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd62d66650a4e8b3b06d011165945de993696f6e7c4a7a944ba64a314a9c2bf5
fdf53f7b7c4ecebf2c33cdc82fe9bf7daaf58b9dd6cad415fc9623f3a0852afe
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

d38cu4l7j3gu4c.cloudfront.net Open in urlscan Pro 2600:9000:223f:200:1c:90ee:df00:21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

95 %HTTPS

63 %IPv6

13 Domains

16 Subdomains

15 IPs

3 Countries

1416 kBTransfer

2160 kBSize

13 Cookies

8 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

d38cu4l7j3gu4c.cloudfront.net Open in urlscan Pro
2600:9000:223f:200:1c:90ee:df00:21 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

95 %
HTTPS

63 %
IPv6

13
Domains

16
Subdomains

15
IPs

3
Countries

1416 kB
Transfer

2160 kB
Size

13
Cookies

63 HTTP transactions
0 data transactions