d1rw5k8sc912xp.cloudfront.net Open in urlscan Pro
2600:9000:2304:d400:a:a1b7:8740:21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d1rw5k8sc912xp.cloudfront.net/
Submission: On September 27 via manual (September 27th 2022, 2:29:01 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 14 domains to perform 61 HTTP transactions. The main IP is 2600:9000:2304:d400:a:a1b7:8740:21, located in United States and belongs to AMAZON-02, US. The main domain is d1rw5k8sc912xp.cloudfront.net.
TLS certificate: Issued by Amazon on February 1st 2022. Valid for: a year.

This is the only time d1rw5k8sc912xp.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2600:9000:230... 2600:9000:2304:d400:a:a1b7:8740:21	16509 (AMAZON-02) (AMAZON-02)
8	92.123.36.220 92.123.36.220	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:9a00:11:fbd8:f840:21	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
11	2600:9000:223... 2600:9000:223d:f800:18:3288:fc00:21	16509 (AMAZON-02) (AMAZON-02)
1 4	54.154.199.204 54.154.199.204	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:223... 2600:9000:223c:4c00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.32.121.21 13.32.121.21	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::714	54113 (FASTLY) (FASTLY)
1	3.216.39.200 3.216.39.200	14618 (AMAZON-AES) (AMAZON-AES)
1	34.252.39.216 34.252.39.216	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	52.215.56.149 52.215.56.149	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
61	17

16 2600:9000:2304:d400:a:a1b7:8740:21 (United States)

ASN16509 (AMAZON-02, US)

d1rw5k8sc912xp.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 92.123.36.220 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-36-220.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:9a00:11:fbd8:f840:21 (United States)

ASN16509 (AMAZON-02, US)

d2qii21258vzz5.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:223d:f800:18:3288:fc00:21 (United States)

ASN16509 (AMAZON-02, US)

d146ehq26eduy8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.154.199.204 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-199-204.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:4c00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.121.21 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-21.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.216.39.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-39-200.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.39.216 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-39-216.eu-west-1.compute.amazonaws.com

bbg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

bbg.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.56.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-56-149.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	cloudfront.net d1rw5k8sc912xp.cloudfront.net d2qii21258vzz5.cloudfront.net d146ehq26eduy8.cloudfront.net	1 MB
8	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1002	70 KB
5	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208 bbg.demdex.net — Cisco Umbrella Rank: 113833	7 KB
4	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 1729	41 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 153	777 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1317 mab.chartbeat.com — Cisco Umbrella Rank: 2270	34 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3387 onesignal.com — Cisco Umbrella Rank: 1231	73 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	89 KB
2	omtrdc.net bbg.sc.omtrdc.net — Cisco Umbrella Rank: 89620	840 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	53 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 113
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1036	517 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1220	201 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	62 KB
61	14

	Domain	Requested by
16	d1rw5k8sc912xp.cloudfront.net	d1rw5k8sc912xp.cloudfront.net
11	d146ehq26eduy8.cloudfront.net	d1rw5k8sc912xp.cloudfront.net
8	tags.tiqcdn.com	d1rw5k8sc912xp.cloudfront.net tags.tiqcdn.com
4	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
4	dpm.demdex.net	1 redirects d1rw5k8sc912xp.cloudfront.net tags.tiqcdn.com
3	sb.scorecardresearch.com	1 redirects d1rw5k8sc912xp.cloudfront.net
2	connect.facebook.net	d1rw5k8sc912xp.cloudfront.net connect.facebook.net
2	bbg.sc.omtrdc.net	tags.tiqcdn.com
2	static.chartbeat.com	tags.tiqcdn.com
2	cdn.onesignal.com	d1rw5k8sc912xp.cloudfront.net cdn.onesignal.com
2	www.youtube.com	d1rw5k8sc912xp.cloudfront.net www.youtube.com
1	www.facebook.com	connect.facebook.net
1	cm.everesttech.net	1 redirects
1	bbg.demdex.net	tags.tiqcdn.com
1	ping.chartbeat.net	d1rw5k8sc912xp.cloudfront.net
1	mab.chartbeat.com	static.chartbeat.com
1	onesignal.com	cdn.onesignal.com
1	www.googletagmanager.com	d1rw5k8sc912xp.cloudfront.net
1	d2qii21258vzz5.cloudfront.net	d1rw5k8sc912xp.cloudfront.net
61	19

This site contains links to these domains. Also see Links.

Domain
www.radiomarsho.com
www.facebook.com
www.youtube.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-06` - `2022-10-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://d1rw5k8sc912xp.cloudfront.net/
Frame ID: 0C115FBF38041F7C2970A14E4EC43E4F
Requests: 60 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: 0466B7AE205542B3BDCF68E0038BF72E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Кавказ.Реалии

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

61
Requests

95 %
HTTPS

61 %
IPv6

14
Domains

19
Subdomains

17
IPs

5
Countries

1877 kB
Transfer

2967 kB
Size

14
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.radiomarsho.com/
Title: На чеченском

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KavkazRealii/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCa0Vkb4iSyFGyy8arlz7MCQ

Search URL Search Domain Scan URL

URL: https://twitter.com/kavkaz_realii

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kavkaz.realii/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1664288934835 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1664288934835

Request Chain 42

https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 50

https://cm.everesttech.net/cm/dd?d_uuid=47931254932992329742434821616369820460 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzMIpwAAAHIJ4AMx

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
d1rw5k8sc912xp.cloudfront.net/ 100 KB
101 KB 945ms
815ms Document
text/html 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0afb05db268a00c3bd1948c8761763e8db08bed28d60bace504590f6e1f72497

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=56
content-language: ru
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 14:28:53 GMT
expires: Tue, 27 Sep 2022 14:29:49 GMT
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-amz-cf-id: BVJcJ8RmZ0hA0hb18PO-h0Nzpe1qO9xKOw2_OJOMzSJxxaY30Ebd5g==
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 RFE-ru-CAU.css
d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/ 302 KB
303 KB 751ms
748ms Stylesheet
text/css 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/RFE-ru-CAU.css?&av=0.1.0.0&cb=292

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

6ac9bf5bddd3778c46b318b88b89776b233bd6f9023bf1964a0821df455b2ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:53 GMT
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: VIE50-P1
strict-transport-security: max-age=31536000
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/Content/responsive/RFE/ru-CAU/RFE-ru-CAU.css?&av=0.1.0.0&cb=292
content-type: text/css
expires: Thu, 06 Oct 2022 05:11:52 GMT
cache-control: public, no-transform, max-age=744179
x-cache: Miss from cloudfront
x-amz-cf-id: wWTnsWUFkav0JLMSotNv3uFtmR204Ck6E6fhDZsM0oMKJjRrXtwZSg==
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 3 KB
1 KB 198ms
62ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js
Requested by: Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4d1a00651c28269c37674393b411eeb3daef7884924248081c1def8f580da197

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:53 GMT
content-encoding: gzip
last-modified: Mon, 26 Sep 2022 20:39:04 GMT
server: AkamaiNetStorage
etag: "8b56c5ab8f7e72dbc009b6a97e3ee4d9:1664224744.839722"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1047
expires: Tue, 27 Sep 2022 14:33:53 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 153ms
59ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ba9ddfec9fa85ebafb5402e0c4fce0a30f22f24d0703c642ba305267ce45fa7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 27 Sep 2022 14:28:53 GMT

GET
H2 200 infographics.b Show response
d1rw5k8sc912xp.cloudfront.net/Scripts/responsive/ 4 KB
4 KB 573ms
568ms Script
application/javascript 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rw5k8sc912xp.cloudfront.net/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=292

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: VIE50-P1
strict-transport-security: max-age=31536000
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=292
content-type: application/javascript; charset=utf-8
cache-control: public, no-transform, max-age=744168
x-ua-compatible: IE=edge
x-cache: Miss from cloudfront
content-length: 3943
x-xss-protection: 1; mode=block
x-amz-cf-id: Py_jWhwEWHIzA0I8K6gUWo8iOIfb4we7CbB_556UWUoxrGxLqYQA2Q==
expires: Thu, 06 Oct 2022 05:11:41 GMT

GET
H2 200 loader.b Show response
d1rw5k8sc912xp.cloudfront.net/Scripts/responsive/ 87 KB
88 KB 594ms
589ms Script
application/javascript 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rw5k8sc912xp.cloudfront.net/Scripts/responsive/loader.b?v=Se65uT5PRkmfDd2rRbG8TvzLgnQujh0NaLjWFQgt-4A1&av=0.1.0.0&cb=292

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c4b6ef09aa79f173c8b4c5b3ef08295d12a905ebdd15dfbbafcc74bead5f6fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:53 GMT
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: VIE50-P1
strict-transport-security: max-age=31536000
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/Scripts/responsive/loader.b?v=Se65uT5PRkmfDd2rRbG8TvzLgnQujh0NaLjWFQgt-4A1&av=0.1.0.0&cb=292
content-type: application/javascript; charset=utf-8
expires: Thu, 06 Oct 2022 05:11:44 GMT
cache-control: public, no-transform, max-age=744171
x-cache: Miss from cloudfront
x-amz-cf-id: 0NdRnGUics-OH7pdwrkcX6hG7cA6wprTVz_G43RqF-pIFt1HUalR3w==
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 Skolar-Lt_Cyrl_v2.4.woff
d1rw5k8sc912xp.cloudfront.net/Content/responsive/fonts/ 33 KB
33 KB 557ms
552ms Font
application/font-woff 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1rw5k8sc912xp.cloudfront.net/
Origin: https://d1rw5k8sc912xp.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-P1
x-cache: RefreshHit from cloudfront
content-length: 33340
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 08 Aug 2022 13:53:07 GMT
server: nginx/1.18.0 (Ubuntu)
date: Tue, 27 Sep 2022 14:28:53 GMT
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: MgbfgMbC8rISBvfEbd8NW0oPTyNGEdr389Df1mhC8GMLWx8dm9jd6w==
expires: Thu, 27 Oct 2022 14:28:53 GMT

GET
H2 200 sectionversioncss
d1rw5k8sc912xp.cloudfront.net/api/customization/ 989 B
1 KB 664ms
659ms Stylesheet
text/css 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rw5k8sc912xp.cloudfront.net/api/customization/sectionversioncss?sectionversionid=5662&cv=0

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

5e84f90502ac8813c9bf06822fddd11eaa514ff7fe16c016534cfd76e99c7ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: VIE50-P1
strict-transport-security: max-age=31536000
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/api/customization/sectionversioncss?sectionversionid=5662&cv=0
content-type: text/css; charset=utf-8
expires: Wed, 05 Oct 2022 09:40:06 GMT
cache-control: max-age=673872
x-cache: Miss from cloudfront
x-amz-cf-id: ulxr7Ge9gOe9kdcI-8Z1r84ZvWjG7mhrdlsA0BAmtYla-6Xkd4GSOg==
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 logo-compact.svg
d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/img/ 6 KB
6 KB 225ms
224ms Image
image/svg+xml 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/img/logo-compact.svg

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

410f67eab332fbbc30474677b7474cee1aaf58051ae966584d4eb815d65ffad7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-P1
x-cache: RefreshHit from cloudfront
content-length: 5711
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 08 Aug 2022 13:53:01 GMT
server: nginx/1.18.0 (Ubuntu)
date: Tue, 27 Sep 2022 14:28:54 GMT
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/Content/responsive/RFE/ru-CAU/img/logo-compact.svg
content-type: image/svg+xml
cache-control: public, max-age=333046
x-amz-cf-id: 4gdE6ZIf7pqXKcl50fm3Peao4EnIiWigVJFtTOlzSOQf1XRvf9s8-A==
expires: Sat, 01 Oct 2022 10:59:40 GMT

GET
H2 200 logo.svg
d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/img/ 40 KB
40 KB 224ms
220ms Image
image/svg+xml 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/img/logo.svg

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

bd314b35670d05a9dc0b4f755d021e6bf8148876313084800a4b2d973b73509c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-P1
x-cache: RefreshHit from cloudfront
content-length: 40701
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 08 Aug 2022 13:53:01 GMT
server: nginx/1.18.0 (Ubuntu)
date: Tue, 27 Sep 2022 14:28:54 GMT
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/Content/responsive/RFE/ru-CAU/img/logo.svg
content-type: image/svg+xml
cache-control: public, max-age=336902
x-amz-cf-id: VyzQksAEXzH6MgZ6eUTnZMC3-QEFkC8IgYgdKrVrSiuyIjk163Lszw==
expires: Sat, 01 Oct 2022 12:03:56 GMT

GET
H2 200 logo-print.gif
d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/img/ 5 KB
5 KB 228ms
223ms Image
image/gif 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/img/logo-print.gif

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2a16311c22471595d08b62641b53648b01c7c6b511d028fefd7989eb8bc3d05d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-P1
x-cache: RefreshHit from cloudfront
content-length: 4910
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 08 Aug 2022 13:53:01 GMT
server: nginx/1.18.0 (Ubuntu)
date: Tue, 27 Sep 2022 14:28:54 GMT
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/Content/responsive/RFE/ru-CAU/img/logo-print.gif
content-type: image/gif
cache-control: public, max-age=333833
accept-ranges: bytes
x-amz-cf-id: acX2abhiCvqr11vr-rCCBkMlEZWgeGx6mapUuxvc8mlFPvYtK8CEvg==
expires: Sat, 01 Oct 2022 11:12:47 GMT

GET
H2 200 logo-print_color.png
d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/img/ 5 KB
6 KB 221ms
217ms Image
image/png 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/img/logo-print_color.png

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

b5f555588a39e7f08f9cd7026c1e3b732548875ca8378852154aa5177f1948d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-P1
x-cache: RefreshHit from cloudfront
content-length: 5145
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 08 Aug 2022 13:53:01 GMT
server: nginx/1.18.0 (Ubuntu)
date: Tue, 27 Sep 2022 14:28:54 GMT
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/Content/responsive/RFE/ru-CAU/img/logo-print_color.png
content-type: image/png
cache-control: public, max-age=334170
accept-ranges: bytes
x-amz-cf-id: Hhb9vF7OzhHAwVL8JH79naIcJdJDeaFgeAm6W-8jJYz1CzmEBCoFdw==
expires: Sat, 01 Oct 2022 11:18:24 GMT

GET
H2 200 banners-styles.css
d2qii21258vzz5.cloudfront.net/branding/cdn/html_banners/ 4 KB
1 KB 152ms
46ms Stylesheet
text/css 2600:9000:223c:9a00:11:fbd8:f840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2qii21258vzz5.cloudfront.net/branding/cdn/html_banners/banners-styles.css

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:9a00:11:fbd8:f840:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
etag: "0ba49726b9ed31:0"
x-amz-cf-pop: FRA56-P2
x-cache: RefreshHit from cloudfront
content-length: 849
access-control-allow-origin: *
last-modified: Mon, 05 Feb 2018 10:24:04 GMT
server: Microsoft-IIS/8.5
date: Tue, 27 Sep 2022 14:28:54 GMT
vary: Accept-Encoding
content-type: text/css
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: vdEVqQTnQ-NgZ-SYmqXUGtpomPEHIbTo1eI8U7EYq5UiDlebMPxuPw==
expires: Thu, 27 Oct 2022 14:28:54 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 134ms
52ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 7514edb27f63916e-FRA
date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 386
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 30 Sep 2022 14:28:54 GMT

GET
H2 200 conf.js Show response
d1rw5k8sc912xp.cloudfront.net/ 5 KB
6 KB 266ms
265ms Script
application/javascript 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rw5k8sc912xp.cloudfront.net/conf.js?x=292

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

69ae6e1276a39f74b03603773d4dad355f54c8e36e0ade87773a8b59b8c54989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
content-length: 5566
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/conf.js?x=292
content-language: ru
cache-control: public, max-age=744121
content-type: application/javascript; charset=utf-8
x-amz-cf-id: dZvdljlNNBd7yltwOdxBYRlneZcMQnElehNAkW2rSonz-RlXj7v2KA==
expires: Thu, 06 Oct 2022 05:10:55 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/bd1343fa/www-widgetapi.vflset/ 156 KB
52 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/bd1343fa/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae94172fecb9819a939650b1e726452790c63f610638a26218b23fa6f81bf353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:50:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52500
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 00:16:54 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 27 Sep 2023 13:50:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
62 KB 135ms
45ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

98b496bef8b16d7093362e722e359b484372087147aa08c93f7c67374247ab11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62569
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Sep 2022 14:28:54 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 84 KB
27 KB 59ms
57ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Requested by: Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 537c79159c6d673e3cf4d9c53dfd40236159a1e16a11dd20ffb6e7a483239b91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
content-encoding: gzip
last-modified: Mon, 26 Sep 2022 20:39:05 GMT
server: AkamaiNetStorage
etag: "d1162ad3d428a1c422761b49017d2128:1664224745.017094"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 27063
expires: Tue, 27 Sep 2022 14:33:54 GMT

GET
H2 200 SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
d1rw5k8sc912xp.cloudfront.net/Content/responsive/fonts/ 40 KB
41 KB 236ms
233ms Font
application/font-woff 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/RFE-ru-CAU.css?&av=0.1.0.0&cb=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/RFE-ru-CAU.css?&av=0.1.0.0&cb=292
Origin: https://d1rw5k8sc912xp.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
content-length: 41216
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 09 May 2022 06:32:24 GMT
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: HRbovODh9hNnkXVS1sGth_H5nEjCa1Ah5b2tOvvhGEG9Q4Do2Kci6Q==
expires: Thu, 27 Oct 2022 14:28:54 GMT

GET
H2 200 icons-font-1661417065025.woff
d1rw5k8sc912xp.cloudfront.net/Content/responsive/fonts/ 17 KB
18 KB 228ms
226ms Font
application/font-woff 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/fonts/icons-font-1661417065025.woff

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/RFE-ru-CAU.css?&av=0.1.0.0&cb=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e88ad0296c47a94cd7fbeb9188290220015c7ffa51cd434bdfb226cc8c61e002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/RFE-ru-CAU.css?&av=0.1.0.0&cb=292
Origin: https://d1rw5k8sc912xp.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-P1
x-cache: RefreshHit from cloudfront
content-length: 17808
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 25 Aug 2022 13:57:51 GMT
server: nginx/1.18.0 (Ubuntu)
date: Tue, 27 Sep 2022 14:28:54 GMT
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/Content/responsive/fonts/icons-font-1661417065025.woff
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: DM9F3tGKIcebM6pUmNc6HSBvyx3nurRhKQKbqYLwjyeS1q4FqUJvvg==
expires: Thu, 27 Oct 2022 14:28:54 GMT

GET
H2 200 res Show response
d1rw5k8sc912xp.cloudfront.net/ 51 KB
52 KB 564ms
563ms Script
application/javascript 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rw5k8sc912xp.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=292&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,most_popular,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/Scripts/responsive/loader.b?v=Se65uT5PRkmfDd2rRbG8TvzLgnQujh0NaLjWFQgt-4A1&av=0.1.0.0&cb=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

464d2843180d5268ac6b953c5fee415d4ff3b2d94d0a353c2ae67aae7b7f2085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:55 GMT
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: VIE50-P1
strict-transport-security: max-age=31536000
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/res?callback=_resourceLoaderReceiver_0&x=292&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,most_popular,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20
content-language: ru
cache-control: public, no-transform, max-age=744483
x-ua-compatible: IE=edge
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: RaxiDRIB8REIan_dmCwiznDOC8_tviUQI6jsiZ4NT1m_aymUVE71Fw==
x-xss-protection: 1; mode=block
expires: Thu, 06 Oct 2022 05:16:58 GMT

GET
H2 200 072c0000-0aff-0242-fa3b-08da37f6a9e8_w1232.jpg
d146ehq26eduy8.cloudfront.net/ 40 KB
40 KB 174ms
65ms Image
image/jpeg 2600:9000:223d:f800:18:3288:fc00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d146ehq26eduy8.cloudfront.net/072c0000-0aff-0242-fa3b-08da37f6a9e8_w1232.jpg

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

dd87aaf9b5abe5ff2e73527f283f1e68424383c8b6d7c4fdc1a12095a233a487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-check-cacheable: YES
x-serial: 552
x-amz-cf-pop: FRA56-P3
etag: "57480"
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2437524
last-modified: Tue, 17 May 2022 11:18:40 GMT
content-length: 40529
x-amz-cf-id: lm0XuLAyzsQbYtv6jpYNM50jajb3Gsr03htEKlfFoeyMlpKvN3jh-w==
server: Akamai Image Manager
expires: Tue, 25 Oct 2022 19:34:18 GMT

GET
H2 200 image-placeholder.svg
d1rw5k8sc912xp.cloudfront.net/Content/responsive/img/ 709 B
1 KB 448ms
448ms Image
image/svg+xml 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/img/image-placeholder.svg

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/RFE-ru-CAU.css?&av=0.1.0.0&cb=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/Content/responsive/RFE/ru-CAU/RFE-ru-CAU.css?&av=0.1.0.0&cb=292
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-P1
x-cache: RefreshHit from cloudfront
content-length: 709
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Mon, 08 Aug 2022 13:53:08 GMT
server: nginx/1.18.0 (Ubuntu)
date: Tue, 27 Sep 2022 14:28:55 GMT
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/Content/responsive/img/image-placeholder.svg
content-type: image/svg+xml
cache-control: public, max-age=332969
x-amz-cf-id: Sp0sPhEBR9fCHrTrHyDb5Mx_UJ4I86fsSS8tI5hHc8qlXYBCVgqE5g==
expires: Sat, 01 Oct 2022 10:58:24 GMT

GET
H2 200 B83F8BD5-41FA-4A1D-8465-5E3899BD8352.png
d146ehq26eduy8.cloudfront.net/ 88 KB
89 KB 242ms
137ms Image
image/png 2600:9000:223d:f800:18:3288:fc00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d146ehq26eduy8.cloudfront.net/B83F8BD5-41FA-4A1D-8465-5E3899BD8352.png

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

47b956bc72783b02e59485a968bc846e6fb61044a27a73130ac3860090fc79cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: "90162"
gdb-fall-back: false
x-cache: RefreshHit from cloudfront
content-type: image/png
pangea-nodeid: ot5V64bS79gRek7I3ZQ6RQ==
cache-control: public, max-age=866577
date: Tue, 27 Sep 2022 14:28:54 GMT
content-length: 90162
x-xss-protection: 1; mode=block
x-amz-cf-id: ZBClGqBULcDkG5jFJjablzc_9UrMoAZ7SCXvkZjuiB1_O65wNnRO9Q==
expires: Fri, 07 Oct 2022 15:11:51 GMT

GET
H2 200 7e4e966d-7b81-41e4-b2c9-654e054b7664.jpg
d146ehq26eduy8.cloudfront.net/ 94 KB
94 KB 265ms
164ms Image
image/jpeg 2600:9000:223d:f800:18:3288:fc00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d146ehq26eduy8.cloudfront.net/7e4e966d-7b81-41e4-b2c9-654e054b7664.jpg

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7c7f47d91058fefb0dfc53691852eb6b00ca48dedcf3321cbc56422f55b5b591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
etag: "96007"
gdb-fall-back: false
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
pangea-nodeid: YbkXDwaawxE3YKRIzzalYg==
cache-control: public, max-age=1861576
date: Tue, 27 Sep 2022 14:28:54 GMT
content-length: 96007
x-xss-protection: 1; mode=block
x-amz-cf-id: zn3417E4K_kDxmWkJqnxkDiAsxwzjQPtM2Wtb93bGUEWEJ7-PgWZjw==
expires: Wed, 19 Oct 2022 03:35:10 GMT

GET
H2 200 09850000-0aff-0242-0827-08da9fd1df1d_cx0_cy6_cw0_w650_r1.jpg
d146ehq26eduy8.cloudfront.net/ 76 KB
77 KB 226ms
173ms Image
image/jpeg 2600:9000:223d:f800:18:3288:fc00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d146ehq26eduy8.cloudfront.net/09850000-0aff-0242-0827-08da9fd1df1d_cx0_cy6_cw0_w650_r1.jpg

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

498c590f1965853ae33e3325d7560a525d28cc4094835994b3f2d1cd0e940c4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 13:14:59 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P3
etag: "132659"
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2587584
content-length: 77976
x-amz-cf-id: FY8-8DSNR90Zue5Vh6frfwH1Sl9yvjiy8cgilH6M87O-8msINLdi-w==
expires: Thu, 27 Oct 2022 13:15:18 GMT

GET
H2 200 0c530000-0aff-0242-f86c-08da9fd1939e_w408_r6.png
d146ehq26eduy8.cloudfront.net/ 328 KB
329 KB 237ms
184ms Image
image/png 2600:9000:223d:f800:18:3288:fc00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d146ehq26eduy8.cloudfront.net/0c530000-0aff-0242-f86c-08da9fd1939e_w408_r6.png

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7f55029f1791ebb931b91e58cba42b4cff249020f2b554397a33f697f43f5219

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-check-cacheable: YES
x-serial: 116
x-amz-cf-pop: FRA56-P3
etag: "454001"
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/png
cache-control: private, no-transform, max-age=2511782
last-modified: Mon, 26 Sep 2022 16:12:28 GMT
content-length: 335651
x-amz-cf-id: 0QSLvAPoZqmytU1siT46m5HK6MwL0aEIn5b9UeN1npaj5c2fUWUCgQ==
server: Akamai Image Manager
expires: Wed, 26 Oct 2022 16:11:56 GMT

GET
H2 200 0c530000-0aff-0242-8d0d-08da9fd20121_w144_r1.png
d146ehq26eduy8.cloudfront.net/ 19 KB
20 KB 180ms
128ms Image
image/png 2600:9000:223d:f800:18:3288:fc00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d146ehq26eduy8.cloudfront.net/0c530000-0aff-0242-8d0d-08da9fd20121_w144_r1.png

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

315fc157243236600e3d2515e242ae94238a96bb95bbed8cbc31053e6bc4b7cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-check-cacheable: YES
x-serial: 1679
x-amz-cf-pop: FRA56-P3
etag: "27527"
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/png
cache-control: private, no-transform, max-age=2529652
last-modified: Mon, 26 Sep 2022 21:11:22 GMT
content-length: 19871
x-amz-cf-id: OzY1SjMAzffHmir6pSwfI0z9vbkL_XoN125bKF9zcnX9ZK4HBgKE7g==
server: Akamai Image Manager
expires: Wed, 26 Oct 2022 21:09:46 GMT

GET
H2 200 e9246e5a-adfc-40bf-b936-55478fd3adb0_w144_r1.jpg
d146ehq26eduy8.cloudfront.net/ 6 KB
7 KB 105ms
54ms Image
image/jpeg 2600:9000:223d:f800:18:3288:fc00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d146ehq26eduy8.cloudfront.net/e9246e5a-adfc-40bf-b936-55478fd3adb0_w144_r1.jpg

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

60f225adec75807c84c264689bcde47945c2dbe05f5d129b10164c8230b60fd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
last-modified: Mon, 26 Sep 2022 12:56:55 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P3
etag: "13089"
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2500048
content-length: 6358
x-amz-cf-id: J_bvIk0g889O6qi_qc8HV5fo_BtyzKy8QRIq7aXAav26IdpuGsP5Qg==
expires: Wed, 26 Oct 2022 12:56:22 GMT

GET
H2 200 0c530000-0aff-0242-87eb-08da9f313222_w144_r1.jpg
d146ehq26eduy8.cloudfront.net/ 6 KB
6 KB 101ms
50ms Image
image/jpeg 2600:9000:223d:f800:18:3288:fc00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d146ehq26eduy8.cloudfront.net/0c530000-0aff-0242-87eb-08da9f313222_w144_r1.jpg

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

828c81f249b0d68f636820830eb0ee9b3a13e42fd355ce3199e84b9bae321879

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-check-cacheable: YES
x-serial: 4
x-amz-cf-pop: FRA56-P3
etag: "9962"
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2479613
last-modified: Mon, 26 Sep 2022 07:16:21 GMT
content-length: 5934
x-amz-cf-id: zsKn1bVcbzwYb6s7zNiVzq-Pn2ZMAa2eHUlfMF2qPgRQVTrZp0uNlQ==
server: Akamai Image Manager
expires: Wed, 26 Oct 2022 07:15:47 GMT

GET
H2 200 0c530000-0aff-0242-8572-08da9fa25a49_w408_r1.jpg
d146ehq26eduy8.cloudfront.net/ 22 KB
23 KB 183ms
132ms Image
image/jpeg 2600:9000:223d:f800:18:3288:fc00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d146ehq26eduy8.cloudfront.net/0c530000-0aff-0242-8572-08da9fa25a49_w408_r1.jpg

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4eb1d9d3a3675593c6edaf1108dae3215bc2c58d3a8e234f378ae49de2b568b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
last-modified: Mon, 26 Sep 2022 09:56:31 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P3
etag: "39348"
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2489274
content-length: 22630
x-amz-cf-id: W6xOxVGt2jmOx9GBIm-_TiKECjmm6dpWOZSPbl3pN1aHUGWaJ8Sthw==
expires: Wed, 26 Oct 2022 09:56:48 GMT

GET
H2 200 F8733D6E-AC2A-440E-B5E7-A32F2162631E_w408_r1.jpg
d146ehq26eduy8.cloudfront.net/ 28 KB
28 KB 173ms
122ms Image
image/jpeg 2600:9000:223d:f800:18:3288:fc00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d146ehq26eduy8.cloudfront.net/F8733D6E-AC2A-440E-B5E7-A32F2162631E_w408_r1.jpg

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

214211d7d3ea3ff52e8cd40ce74688b7d979ad27005746c2dbe48f6157d3e230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 13:08:57 GMT
server: Akamai Image Manager
x-amz-cf-pop: FRA56-P3
etag: "52898"
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2587160
content-length: 28415
x-amz-cf-id: kRiVDTOv8wyH8MW5tJQnWukU3yppLC_3mbGHVnjJ-BhIv-1bbwZfUg==
expires: Thu, 27 Oct 2022 13:08:14 GMT

GET
H2 200 09870000-0aff-0242-2b92-08da9d61f5f6_w408_r1.jpg
d146ehq26eduy8.cloudfront.net/ 27 KB
28 KB 150ms
99ms Image
image/jpeg 2600:9000:223d:f800:18:3288:fc00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d146ehq26eduy8.cloudfront.net/09870000-0aff-0242-2b92-08da9d61f5f6_w408_r1.jpg

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0b9aa88bbad031f7130c9b2a94fa98bbd132c6bf2d2f75a441a2c452277a2376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 d79861a030d3421826a919f9c2b00146.cloudfront.net (CloudFront)
x-check-cacheable: YES
x-serial: 687
x-amz-cf-pop: FRA56-P3
etag: "50009"
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2502631
last-modified: Mon, 26 Sep 2022 13:39:53 GMT
content-length: 27868
x-amz-cf-id: yI_WyfXfGRptwfuBx-Inzvc0DhV8phO4Cj3F7idaNcdQbL4ltc9FEg==
server: Akamai Image Manager
expires: Wed, 26 Oct 2022 13:39:25 GMT

GET
H2 200 utag.53.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 2 KB
1 KB 152ms
151ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.201902121217
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 94e48660eccab7ff0fc135096e5e98d6af8752dec43634df77f0b0af45563223

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
content-encoding: gzip
last-modified: Mon, 18 Nov 2019 20:48:26 GMT
server: AkamaiNetStorage
etag: "ac8019f27f0b21231abe8e581d40e753:1574110106.939453"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 835
expires: Wed, 12 Oct 2022 14:28:54 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1664288934835
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1664288934835

362 B
1 KB

57ms
56ms

XHR
application/json

54.154.199.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1664288934835

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

HTTP/1.1

Server

54.154.199.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-199-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0e8fb37cce02760c9da82b1afdd344fedb99a9ae6183bb285add6aee43b0c4f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v043-0389b606b.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 53JU3LyXShQ=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://d1rw5k8sc912xp.cloudfront.net
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 305
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v043-0543cf70e.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://d1rw5k8sc912xp.cloudfront.net
X-TID: AD1kUU4MSS8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1664288934835
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 utag.17.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 79 KB
22 KB 155ms
146ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.17.js?utv=ut4.46.202208161936
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a608a7eaed908eae054c9edb70e4ae9a2fea33f4dc81d1f89f5c75f82ab04eec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 19:36:23 GMT
server: AkamaiNetStorage
etag: "02944a8aa1b8ca3edfbb420cce773994:1660678583.149797"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 22100
expires: Wed, 12 Oct 2022 14:28:54 GMT

GET
H2 200 utag.7.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 607 B
830 B 132ms
123ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7b2071f68561ae4bdc79b12306f86e720218b01a0f58354069efb16ad68cab94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 27 Sep 2022 14:28:54 GMT
last-modified: Mon, 18 Nov 2019 20:48:23 GMT
server: AkamaiNetStorage
etag: "d385ea0409326a5bfc8c086bb3863fed:1574110103.546202"
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 607
expires: Wed, 12 Oct 2022 14:28:54 GMT

GET
H2 200 utag.4.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 55 KB
17 KB 180ms
171ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4814af27d827b7c3da987d0c7c50df5a1eb76cf3c43046156c753ba7d2e75e6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
content-encoding: gzip
last-modified: Mon, 18 Nov 2019 20:48:34 GMT
server: AkamaiNetStorage
etag: "4028c9d6e91f586f7dbde717e52241ff:1574110114.066746"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 17297
expires: Wed, 12 Oct 2022 14:28:54 GMT

GET
H2 200 utag.40.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 2 KB
1 KB 192ms
184ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.40.js?utv=ut4.46.202208161936
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9b3f85798df686abaeb73e5b3b306d1a257b5b243f3f339ff87b065e7f8ae205

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:54 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 18:26:13 GMT
server: AkamaiNetStorage
etag: "d648a78c927c1bc68c9fee5d9d66d871:1594232773.905495"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1092
expires: Wed, 12 Oct 2022 14:28:54 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 144ms
100ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 7514edb3286590a6-FRA
date: Tue, 27 Sep 2022 14:28:54 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 387
etag: W/"2f96824aee4bf927e734cc519e3e726d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
strict-transport-security: max-age=15552000; includeSubDomains
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 30 Sep 2022 14:28:54 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 23 KB
10 KB 146ms
41ms Script
application/x-javascript 2600:9000:223c:4c00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.201902121217
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:33:21 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:57:56 GMT
server: nginx
age: 3334
etag: W/"62d75314-5d6b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: bqaQi35pjDtAakz25Ev4jJWhZxxqPZo7MxHNbLj9KAPRNpVJBUBTAA==
expires: Tue, 27 Sep 2022 15:33:21 GMT

GET
H2 200 0255.js Show response
script.crazyegg.com/pages/scripts/0026/ 6 KB
2 KB 197ms
69ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e41e2c5fd9eed93594388bd76f12dc4436e3606f5ed719ddb21921a383d09c2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:55 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3510
cf-polished: origSize=5675
cf-ray: 7514edb4bc255cb0-FRA
ce-version: 11.4.10
last-modified: Tue, 27 Sep 2022 13:30:25 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 70 KB
24 KB 102ms
51ms Script
application/x-javascript 2600:9000:223c:4c00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.40.js?utv=ut4.46.202208161936
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:55:44 GMT
content-encoding: gzip
last-modified: Wed, 20 Jul 2022 00:51:11 GMT
server: nginx
age: 5591
etag: W/"62d7517f-1181e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: IApTKSTDXkn4wGpZGGB_sl4nBFgA_sx2NqnYD9tSiOTDpZWutQRFSg==
expires: Tue, 27 Sep 2022 14:55:44 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035794/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
359 B

37ms
37ms

Script
application/javascript

13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/
Protocol: H2
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:26:04 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 172
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: dxdQhp-PvdJWvMCvRC8vKs-S-bZ458vwCbyUAwOqAOyg-hrgtxxryQ==

Redirect headers

location: /internal-c2/default/cs.js
date: Tue, 27 Sep 2022 14:28:55 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
content-length: 0
x-amz-cf-id: vPJrfBL_VRqsu5USHiEtb5c-1BMKXZb7jUhwsd44FPm3wH4xBgK_HQ==
x-cache: Miss from cloudfront

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 63ms
62ms Script
application/x-javascript 92.123.36.220
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202209262038&cb=1664288935064
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-36-220.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:55 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Tue, 27 Sep 2022 14:38:55 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
192 B 149ms
41ms Image
text/plain 13.32.121.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1664288935063&ns_c=UTF-8&c8=%D0%9A%D0%B0%D0%B2%D0%BA%D0%B0%D0%B7.%D0%A0%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8&c7=https%3A%2F%2Fd1rw5k8sc912xp.cloudfront.net%2F&c9=
Requested by: Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-21.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:55 GMT
via: 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: B9B-XuCElJNYxfrDQllzO1t2V_ku7VUqIktGNptxOkOXVXEiEXu_Uw==
x-cache: Miss from cloudfront

GET
H2 200 web Show response
onesignal.com/api/v1/sync/7e0395a7-a121-45c8-92b6-d050973df536/ 5 KB
2 KB 49ms
48ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/7e0395a7-a121-45c8-92b6-d050973df536/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfd9ea62e82c4ec9fdf90501dfe01cd8ecb5dd1fe791813246a698c0cd0da5cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:55 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 2956
cf-polished: origSize=5209
status: 200 OK
x-envoy-upstream-service-time: 27
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7a498632-8fec-4979-8848-9ed62107215d
x-runtime: 0.025408
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"df37ca8800b923b0d47f8bbf1450ea9e"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 7514edb48cb5916e-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 27 Sep 2022 15:28:55 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 179 B
503 B 264ms
133ms XHR
application/json 2a04:4e42:200::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=rferl.northcaucasus&domain=d1rw5k8sc912xp.cloudfront.net&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b754156091f3b6fafe48849416b3e338eb57e9ccb9770d467ba2fddf4db98529

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:55 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 150
x-served-by: cache-hhn4062-HHN
access-control-allow-origin: *
x-timer: S1664288935.310424,VS0,VE95
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 25 Sep 2022 14:28:55 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 383ms
123ms Image
image/gif 3.216.39.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rferl.northcaucasus&p=%2F&u=Cu2gtcCF3SZ1CgadHo&d=d1rw5k8sc912xp.cloudfront.net&g=62557&g0=d1rw5k8sc912xp.cloudfront.net&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4523&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2669&t=Cqbfr2DUY-voBhy2enruIYjD8EeP_&V=136&i=%D0%9A%D0%B0%D0%B2%D0%BA%D0%B0%D0%B7.%D0%A0%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8&tz=0&sn=1&sv=DKvsMrC0Esb-CQzLtMk9uUdo0YPX&sd=1&im=061b2ff3&_
Requested by: Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.216.39.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-216-39-200.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:28:55 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK dest5.html Show response
bbg.demdex.net/ Frame 0466 7 KB
3 KB 229ms
55ms Document
text/html 34.252.39.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.39.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-39-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d1rw5k8sc912xp.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v043-0e015fa3e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: putSK5jyRug=
content-encoding: gzip
date: Tue, 27 Sep 2022 14:28:55 GMT
last-modified: Mon, 26 Sep 2022 14:06:08 GMT
vary: accept-encoding

GET
H2 200 id Show response
bbg.sc.omtrdc.net/ 42 B
442 B 176ms
49ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=47951986616677985492433444251794742775&ts=1664288935255

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

bea2cc42c4d54854173dacb5c73a688829d768a46fc4824914533d46fef65afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1rw5k8sc912xp.cloudfront.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 27 Sep 2022 14:28:55 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://d1rw5k8sc912xp.cloudfront.net
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 42
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YzMIpwAAAHIJ4AMx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=47931254932992329742434821616369820460
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzMIpwAAAHIJ4AMx

42 B
942 B

117ms
57ms

Image
image/gif

54.154.199.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzMIpwAAAHIJ4AMx

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/

Protocol

HTTP/1.1

Server

54.154.199.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-199-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v043-051a052ba.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: NK2kKdyFQWA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YzMIpwAAAHIJ4AMx
Date: Tue, 27 Sep 2022 14:28:55 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 d1rw5k8sc912xp.cloudfront.net.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/site/ 120 KB
7 KB 372ms
292ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/site/d1rw5k8sc912xp.cloudfront.net.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f880b2c182deefac1fe31e3db4312ea08b8cdfcba1017198e107e6706539eb82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:28:55 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 27 Sep 2022 14:28:55 GMT
server: cloudflare
ce-version: 11.4.10
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 7514edb5fae19168-FRA
content-length: 6537

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 120ms
40ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=292&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,most_popular,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96d08fd7d9f118ab3a00db2a26372ee1612884a95b3ebc61f829ce9afef86c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: XXnRXjNYpsSmDOQ4H/UBig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: qwxVJZIeYM+Z7Mp5XlBAxoUdHjAZTnFG6SjjRVUZHLkOhBw7maSlt28GqMld4nnmmcB0qjMiNm70sdismQ47lw==
x-fb-trip-id: 686109401
x-fb-content-md5: bfc14913036a6985545d6f3b8257eb56
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 27 Sep 2022 14:28:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "0c5e024f9b6c36ee5f1b2439e7f110c7"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 27 Sep 2022 14:34:04 GMT

GET
H2 200 hljson Show response
d1rw5k8sc912xp.cloudfront.net/ 87 B
602 B 226ms
225ms XHR
application/json 2600:9000:2304:d400:a:a1b7:8740:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1rw5k8sc912xp.cloudfront.net/hljson

Requested by

Host: d1rw5k8sc912xp.cloudfront.net
URL: https://d1rw5k8sc912xp.cloudfront.net/Scripts/responsive/loader.b?v=Se65uT5PRkmfDd2rRbG8TvzLgnQujh0NaLjWFQgt-4A1&av=0.1.0.0&cb=292

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:d400:a:a1b7:8740:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1rw5k8sc912xp.cloudfront.net/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:28:55 GMT
via: 1.1 e8763d44c4998cd590854aad30f4704e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
content-length: 87
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
onion-location: https://www.kavkazrtsgiv5be4orqcben4bbr2zfikcx2zb4uceuhbu6vhlxbnbjqd.onion/hljson
content-language: ru
cache-control: max-age=21
content-type: application/json; charset=utf-8
x-amz-cf-id: QA3OrJckR8E311LZh1XOlU3cyP2LwdcZIArd2id2TUpym4xvSXefhw==
expires: Tue, 27 Sep 2022 14:29:16 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 362 B
1 KB 58ms
58ms XHR
application/json 54.154.199.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&d_mid=47951986616677985492433444251794742775&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%0131998453E855B2AF-4000012567C74AAD&ts=1664288935473

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.154.199.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-154-199-204.eu-west-1.compute.amazonaws.com

Software

Resource Hash

257139bf69debadd5130961ffa9dee151bfe62d1ff3a69a0cf66d8522ade4d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d1rw5k8sc912xp.cloudfront.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v043-007b23e30.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: hIng/x1ISUg=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://d1rw5k8sc912xp.cloudfront.net
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 306
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 s08945459305030 Show response
bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/ 43 B
398 B 146ms
49ms XHR
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/s08945459305030

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.17.js?utv=ut4.46.202208161936

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1rw5k8sc912xp.cloudfront.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 14:28:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Sep 2022 14:28:55 GMT
server: jag
etag: 3574033275486601216-4619871900350137533
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://d1rw5k8sc912xp.cloudfront.net
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: image/gif;charset=utf-8
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 26 Sep 2022 14:28:55 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 322 KB
87 KB 77ms
37ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=693272f627fd27b4c0e2c9eaac8a6168

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89026f819b8597cd99d0a3a8e5aaabe2f11eeac57ca0931447dfa15685d49909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://d1rw5k8sc912xp.cloudfront.net/
Origin: https://d1rw5k8sc912xp.cloudfront.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: YgruVMdWR4g+KAadJnuHDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88751
x-fb-rlafr: 0
x-fb-debug: iz4QuSq/O+iqBK3/xbFLgJpTK6nNSU8LJAPkgi5x2rdWVSLC7Pg+nq+jtYWzFmKkap8zBNZDnti7IVLyjfRB3Q==
x-fb-content-md5: a1b09c378b63eea72c520a47db6a7745
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 27 Sep 2022 14:28:55 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "be5ad6756fa62905e8c30461d55b62cd"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Sep 2023 12:06:54 GMT

GET
H2 200 a18bb0e21d11a839b7adb013c92ee611.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 94 KB
30 KB 51ms
50ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/a18bb0e21d11a839b7adb013c92ee611.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b27f38e2543c9093abd281dfd9354f97c4efca61ce6d2e339048d449ffbd586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:28:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 17 Sep 2022 06:58:49 GMT
server: cloudflare
age: 13701
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 7514edb7db305cb0-FRA
content-length: 30751

GET
H2 200 d1rw5k8sc912xp.cloudfront.net.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/sampling/ 7 KB
1 KB 207ms
206ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/sampling/d1rw5k8sc912xp.cloudfront.net.json?t=462302
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/a18bb0e21d11a839b7adb013c92ee611.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cbd62e82c521cf8188fc94ecfb7bfdbd1e6a8802bfa25c011b2a9169ffa91b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 14:28:55 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 27 Sep 2022 14:28:55 GMT
server: cloudflare
ce-version: 11.4.10
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 7514edb84f1d9168-FRA
content-length: 1462

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 163ms
85ms Fetch
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=815684045235704&input_token&origin=1&redirect_uri=https%3A%2F%2Fd1rw5k8sc912xp.cloudfront.net%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=693272f627fd27b4c0e2c9eaac8a6168

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1rw5k8sc912xp.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: UKKrg6eim8UwqSSvaAZygM8myefdLqkYMOjObUv4xbZWAgnfzs5tEZDpeZftdz73ywNNcnyMQrYJR+6QozqCXw==
fb-s: unknown
date: Tue, 27 Sep 2022 14:28:55 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://d1rw5k8sc912xp.cloudfront.net
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: MGktDylMuNs
.youtube.com/	1970-01-20 10:37:20	Name: VISITOR_INFO1_LIVE Value: mMIl-nzZRFM
.demdex.net/	1970-01-20 10:37:20	Name: demdex Value: 47931254932992329742434821616369820460
.d1rw5k8sc912xp.cloudfront.net/	1970-01-20 15:46:56	Name: _cb Value: Cu2gtcCF3SZ1CgadHo
.d1rw5k8sc912xp.cloudfront.net/	1970-01-20 15:46:56	Name: _chartbeat2 Value: .1664288935205.1664288935205.1.DKvsMrC0Esb-CQzLtMk9uUdo0YPX.1
.d1rw5k8sc912xp.cloudfront.net/	1970-01-20 06:18:10	Name: _cb_svref Value: null
.d1rw5k8sc912xp.cloudfront.net/	1969-12-31 23:59:59	Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1
d1rw5k8sc912xp.cloudfront.net/	1969-12-31 23:59:59	Name: clickCounter Value: 0
.omtrdc.net/	1970-01-20 15:54:08	Name: s_vi Value: [CS]v1\|31998453E855B2AF-4000012567C74AAD[CE]
.everesttech.net/	1970-01-20 15:03:44	Name: everest_g_v2 Value: g_surferid~YzMIpwAAAHIJ4AMx
.dpm.demdex.net/	1970-01-20 10:37:20	Name: dpm Value: 47931254932992329742434821616369820460
.d1rw5k8sc912xp.cloudfront.net/	1970-01-20 15:54:08	Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1406116232%7CMCIDTS%7C19263%7CMCMID%7C47951986616677985492433444251794742775%7CMCAAMLH-1664893735%7C6%7CMCAAMB-1664893735%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1664296135s%7CNONE%7CMCAID%7C31998453E855B2AF-4000012567C74AAD%7CMCSYNCSOP%7C411-19270%7CvVersion%7C2.5.0
.d1rw5k8sc912xp.cloudfront.net/	1969-12-31 23:59:59	Name: cebs Value: 1
.d1rw5k8sc912xp.cloudfront.net/	1970-01-20 15:03:44	Name: _ce.s Value: v~e437f31bf7945fa9f5bea91f8515b4139282e500~vpv~0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
cdn.onesignal.com
cm.everesttech.net
connect.facebook.net
d146ehq26eduy8.cloudfront.net
d1rw5k8sc912xp.cloudfront.net
d2qii21258vzz5.cloudfront.net
dpm.demdex.net
mab.chartbeat.com
onesignal.com
ping.chartbeat.net
sb.scorecardresearch.com
script.crazyegg.com
static.chartbeat.com
tags.tiqcdn.com
www.facebook.com
www.googletagmanager.com
www.youtube.com
13.32.121.21
13.36.218.177
2600:9000:223c:4c00:18:1fcd:351:7bc1
2600:9000:223c:9a00:11:fbd8:f840:21
2600:9000:223d:f800:18:3288:fc00:21
2600:9000:2304:d400:a:a1b7:8740:21
2606:4700::6812:e234
2606:4700::6813:9308
2a00:1450:4001:80b::2008
2a00:1450:4001:812::200e
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:200::714
3.216.39.200
34.252.39.216
52.215.56.149
54.154.199.204
92.123.36.220
0afb05db268a00c3bd1948c8761763e8db08bed28d60bace504590f6e1f72497
0b9aa88bbad031f7130c9b2a94fa98bbd132c6bf2d2f75a441a2c452277a2376
0e8fb37cce02760c9da82b1afdd344fedb99a9ae6183bb285add6aee43b0c4f8
199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04
1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315
1b27f38e2543c9093abd281dfd9354f97c4efca61ce6d2e339048d449ffbd586
1cbd62e82c521cf8188fc94ecfb7bfdbd1e6a8802bfa25c011b2a9169ffa91b1
214211d7d3ea3ff52e8cd40ce74688b7d979ad27005746c2dbe48f6157d3e230
257139bf69debadd5130961ffa9dee151bfe62d1ff3a69a0cf66d8522ade4d2f
2a16311c22471595d08b62641b53648b01c7c6b511d028fefd7989eb8bc3d05d
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
315fc157243236600e3d2515e242ae94238a96bb95bbed8cbc31053e6bc4b7cb
410f67eab332fbbc30474677b7474cee1aaf58051ae966584d4eb815d65ffad7
464d2843180d5268ac6b953c5fee415d4ff3b2d94d0a353c2ae67aae7b7f2085
47b956bc72783b02e59485a968bc846e6fb61044a27a73130ac3860090fc79cb
4814af27d827b7c3da987d0c7c50df5a1eb76cf3c43046156c753ba7d2e75e6f
498c590f1965853ae33e3325d7560a525d28cc4094835994b3f2d1cd0e940c4c
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4d1a00651c28269c37674393b411eeb3daef7884924248081c1def8f580da197
4eb1d9d3a3675593c6edaf1108dae3215bc2c58d3a8e234f378ae49de2b568b0
537c79159c6d673e3cf4d9c53dfd40236159a1e16a11dd20ffb6e7a483239b91
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5ba9ddfec9fa85ebafb5402e0c4fce0a30f22f24d0703c642ba305267ce45fa7
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5e84f90502ac8813c9bf06822fddd11eaa514ff7fe16c016534cfd76e99c7ddf
60f225adec75807c84c264689bcde47945c2dbe05f5d129b10164c8230b60fd6
69ae6e1276a39f74b03603773d4dad355f54c8e36e0ade87773a8b59b8c54989
6ac9bf5bddd3778c46b318b88b89776b233bd6f9023bf1964a0821df455b2ea0
7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c
7b2071f68561ae4bdc79b12306f86e720218b01a0f58354069efb16ad68cab94
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c7f47d91058fefb0dfc53691852eb6b00ca48dedcf3321cbc56422f55b5b591
7f55029f1791ebb931b91e58cba42b4cff249020f2b554397a33f697f43f5219
828c81f249b0d68f636820830eb0ee9b3a13e42fd355ce3199e84b9bae321879
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
89026f819b8597cd99d0a3a8e5aaabe2f11eeac57ca0931447dfa15685d49909
94e48660eccab7ff0fc135096e5e98d6af8752dec43634df77f0b0af45563223
96d08fd7d9f118ab3a00db2a26372ee1612884a95b3ebc61f829ce9afef86c10
98b496bef8b16d7093362e722e359b484372087147aa08c93f7c67374247ab11
9b3f85798df686abaeb73e5b3b306d1a257b5b243f3f339ff87b065e7f8ae205
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a608a7eaed908eae054c9edb70e4ae9a2fea33f4dc81d1f89f5c75f82ab04eec
ae94172fecb9819a939650b1e726452790c63f610638a26218b23fa6f81bf353
b5f555588a39e7f08f9cd7026c1e3b732548875ca8378852154aa5177f1948d5
b754156091f3b6fafe48849416b3e338eb57e9ccb9770d467ba2fddf4db98529
bd314b35670d05a9dc0b4f755d021e6bf8148876313084800a4b2d973b73509c
bea2cc42c4d54854173dacb5c73a688829d768a46fc4824914533d46fef65afb
c4b6ef09aa79f173c8b4c5b3ef08295d12a905ebdd15dfbbafcc74bead5f6fd2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
dd87aaf9b5abe5ff2e73527f283f1e68424383c8b6d7c4fdc1a12095a233a487
dfd9ea62e82c4ec9fdf90501dfe01cd8ecb5dd1fe791813246a698c0cd0da5cd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41e2c5fd9eed93594388bd76f12dc4436e3606f5ed719ddb21921a383d09c2a
e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df
e88ad0296c47a94cd7fbeb9188290220015c7ffa51cd434bdfb226cc8c61e002
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f880b2c182deefac1fe31e3db4312ea08b8cdfcba1017198e107e6706539eb82
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

d1rw5k8sc912xp.cloudfront.net Open in urlscan Pro 2600:9000:2304:d400:a:a1b7:8740:21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

95 %HTTPS

61 %IPv6

14 Domains

19 Subdomains

17 IPs

5 Countries

1877 kBTransfer

2967 kBSize

14 Cookies

5 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

d1rw5k8sc912xp.cloudfront.net Open in urlscan Pro
2600:9000:2304:d400:a:a1b7:8740:21 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

95 %
HTTPS

61 %
IPv6

14
Domains

19
Subdomains

17
IPs

5
Countries

1877 kB
Transfer

2967 kB
Size

14
Cookies

61 HTTP transactions
0 data transactions