www.rferl.org Open in urlscan Pro
2a02:26f0:6c00:285::1317 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/r...
Submission: On April 29 via manual (April 29th 2021, 2:32:54 pm UTC) from US

Summary HTTP 53 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 18 domains to perform 53 HTTP transactions. The main IP is 2a02:26f0:6c00:285::1317, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.rferl.org.
TLS certificate: Issued by R3 on February 19th 2021. Valid for: 3 months.

This is the only time www.rferl.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2a02:26f0:6c0... 2a02:26f0:6c00:285::1317	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
7	104.109.77.38 104.109.77.38	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	18.203.106.177 18.203.106.177	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c09::9c	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20e8:9800:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 4	99.84.144.111 99.84.144.111	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
1 1	34.250.153.194 34.250.153.194	16509 (AMAZON-02) (AMAZON-02)
1	35.171.219.207 35.171.219.207	14618 (AMAZON-AES) (AMAZON-AES)
53	18

16 2a02:26f0:6c00:285::1317 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.109.77.38 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-77-38.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.203.106.177 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-106-177.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bbg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:9800:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.84.144.111 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-144-111.txl52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

bbg.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.153.194 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-153-194.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.219.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-219-207.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	rferl.org www.rferl.org	278 KB
7	tiqcdn.com tags.tiqcdn.com Failed	71 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	1 KB
4	crazyegg.com script.crazyegg.com	27 KB
4	demdex.net 1 redirects dpm.demdex.net bbg.demdex.net	6 KB
4	facebook.net connect.facebook.net	160 KB
3	facebook.com www.facebook.com	176 B
2	omtrdc.net bbg.sc.omtrdc.net	753 B
2	google-analytics.com www.google-analytics.com	20 KB
2	youtube.com www.youtube.com	41 KB
1	chartbeat.net ping.chartbeat.net	169 B
1	everesttech.net 1 redirects cm.everesttech.net	517 B
1	google.de www.google.de	505 B
1	google.com www.google.com	293 B
1	chartbeat.com static.chartbeat.com	23 KB
1	doubleclick.net stats.g.doubleclick.net	445 B
1	googletagmanager.com www.googletagmanager.com	34 KB
1	onesignal.com cdn.onesignal.com	3 KB
53	18

	Domain	Requested by
16	www.rferl.org	www.rferl.org
7	tags.tiqcdn.com	www.rferl.org tags.tiqcdn.com
4	sb.scorecardresearch.com	2 redirects www.rferl.org
4	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
4	connect.facebook.net	www.rferl.org connect.facebook.net tags.tiqcdn.com
3	www.facebook.com	connect.facebook.net www.rferl.org
3	dpm.demdex.net	1 redirects www.rferl.org
2	bbg.sc.omtrdc.net	tags.tiqcdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.youtube.com	www.rferl.org www.youtube.com
1	ping.chartbeat.net	www.rferl.org
1	cm.everesttech.net	1 redirects
1	bbg.demdex.net	tags.tiqcdn.com
1	www.google.de	www.rferl.org
1	www.google.com	www.rferl.org
1	static.chartbeat.com	tags.tiqcdn.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.rferl.org
1	cdn.onesignal.com	www.rferl.org
53	19

This site contains no links.

Subject Issuer	Validity	Valid
www.rferl.org R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-04` - `2021-08-04`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
Frame ID: 41578F16A003B4C467D4FCCECE3AF660
Requests: 52 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: 3C922FAC3B844E98EC1C7B0F285892C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

53
Requests

98 %
HTTPS

67 %
IPv6

18
Domains

19
Subdomains

18
IPs

5
Countries

667 kB
Transfer

2013 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1619706767587 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1619706767587

Request Chain 36

https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 38

https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1619706767741&ns_c=UTF-8&c8=Page%20doesn%27t%20exist&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.htmlhttps%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1619706767741&ns_c=UTF-8&c8=Page%20doesn%27t%20exist&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.htmlhttps%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.html&c9=

Request Chain 45

https://cm.everesttech.net/cm/dd?d_uuid=62757580613185872970735230309797248445 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIrDjwAAAHzcyxNg

53 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request 31217945.html Show response
www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/ 30 KB
31 KB 267ms
252ms Document
text/html 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

13225b0b80625f2c46059843b9d6297a2b6822016c01612e2092de9c4925aaf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.rferl.org
:scheme: https
:path: /a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
content-language: en
x-pangeaerrorhandled: true
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 30963
cache-control: public, max-age=300
expires: Thu, 29 Apr 2021 14:37:17 GMT
date: Thu, 29 Apr 2021 14:32:17 GMT
set-cookie: Pangea-NodeId=ZVMybKrtgK4LkMpugAqESA==; expires=Fri, 29-Apr-2022 14:32:17 GMT; path=/; secure; HttpOnly SessionID=2712670636.47873.0000; path=/; Httponly; Secure AKA_A2=A; expires=Thu, 29-Apr-2021 15:32:17 GMT; path=/; domain=rferl.org; secure; HttpOnly
server-timing: cdn-cache; desc=MISS edge; dur=17 origin; dur=222
strict-transport-security: max-age=31536000

GET
H2 200 Merriweather-Light_v2.woff
www.rferl.org/Content/responsive/fonts/ 60 KB
61 KB 87ms
85ms Font
application/font-woff 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/fonts/Merriweather-Light_v2.woff

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e469222c02a3574f92109c93c9ccdeda5e20a54b9df12a83b51bcc9169cd3fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.rferl.org
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: Pangea-NodeId=ZVMybKrtgK4LkMpugAqESA==; SessionID=2712670636.47873.0000; AKA_A2=A
:path: /Content/responsive/fonts/Merriweather-Light_v2.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.rferl.org
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:08 GMT
strict-transport-security: max-age=31536000
content-type: application/font-woff
cache-control: public, max-age=2592000
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=1
accept-ranges: bytes
content-length: 61544
x-xss-protection: 1; mode=block
expires: Sat, 29 May 2021 14:32:17 GMT

GET
H2 200 RFE-en-US.css
www.rferl.org/Content/responsive/RFE/en-US/ 355 KB
56 KB 50ms
48ms Stylesheet
text/css 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=208

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

502c91bdb663b2aebcf4c3dfaf975d3e7d83ae355eee92ac94609aaa7b922516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=208
pragma: no-cache
cookie: Pangea-NodeId=ZVMybKrtgK4LkMpugAqESA==; SessionID=2712670636.47873.0000; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Apr 2021 13:13:09 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, no-transform, max-age=2477793
server-timing: cdn-cache; desc=HIT edge; dur=1
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 57225
x-xss-protection: 1; mode=block
expires: Fri, 28 May 2021 06:48:50 GMT

GET utag.sync.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 0
0

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85f43eb5335383163b9f863900fe0e8657a075590113bceb8db55422ca483d18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 29 Apr 2021 14:32:17 GMT

GET
H2 200 infographics.b Show response
www.rferl.org/Scripts/responsive/ 4 KB
2 KB 132ms
132ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=208

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=208
pragma: no-cache
cookie: Pangea-NodeId=ZVMybKrtgK4LkMpugAqESA==; SessionID=2712670636.47873.0000; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 28 May 2021 06:49:38 GMT
cache-control: public, no-transform, max-age=2477841
server-timing: cdn-cache; desc=HIT edge; dur=1
strict-transport-security: max-age=31536000
content-length: 1471
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 loader.b Show response
www.rferl.org/Scripts/responsive/ 84 KB
24 KB 154ms
154ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Scripts/responsive/loader.b?v=Q3pvkBvT_zj0tkn_n4NXiG7IJns5sms_-l4yJOkN5DE1?&av=0.1.0.0&cb=208

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e2a9caaabbe6fa552dc244d8f318de3bac65073cea62299fb1771e004c2ce359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /Scripts/responsive/loader.b?v=Q3pvkBvT_zj0tkn_n4NXiG7IJns5sms_-l4yJOkN5DE1?&av=0.1.0.0&cb=208
pragma: no-cache
cookie: Pangea-NodeId=ZVMybKrtgK4LkMpugAqESA==; SessionID=2712670636.47873.0000; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Fri, 28 May 2021 06:49:32 GMT
cache-control: public, no-transform, max-age=2477835
server-timing: cdn-cache; desc=HIT edge; dur=23
strict-transport-security: max-age=31536000
content-length: 24618
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 logo-compact.png
www.rferl.org/Content/responsive/RFE/en-US/img/ 2 KB
3 KB 13ms
13ms Image
image/png 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-compact.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f61b3d7e54980fe29047b7596ec4da17b1c6a3a50065a0906e0cca629d2a8356

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /Content/responsive/RFE/en-US/img/logo-compact.png
pragma: no-cache
cookie: Pangea-NodeId=ZVMybKrtgK4LkMpugAqESA==; SessionID=2712670636.47873.0000; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:07 GMT
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=1812382
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=1
accept-ranges: bytes
content-length: 2341
x-xss-protection: 1; mode=block
expires: Thu, 20 May 2021 13:58:39 GMT

GET
H2 200 logo.png
www.rferl.org/Content/responsive/RFE/en-US/img/ 9 KB
9 KB 14ms
14ms Image
image/png 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2e310e7e6e403013389ccc5faa01d400d072351231670a22324969f8f2fe4ed5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /Content/responsive/RFE/en-US/img/logo.png
pragma: no-cache
cookie: Pangea-NodeId=ZVMybKrtgK4LkMpugAqESA==; SessionID=2712670636.47873.0000; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:07 GMT
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=717588
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=1
accept-ranges: bytes
content-length: 9191
x-xss-protection: 1; mode=block
expires: Fri, 07 May 2021 21:52:05 GMT

GET
H2 200 logo-print.gif
www.rferl.org/Content/responsive/RFE/en-US/img/ 4 KB
4 KB 12ms
11ms Image
image/gif 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-print.gif

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82418a754bd9cc42d97ac2934d53d81df236cca29eb5fa6913316da74d383bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /Content/responsive/RFE/en-US/img/logo-print.gif
pragma: no-cache
cookie: Pangea-NodeId=ZVMybKrtgK4LkMpugAqESA==; SessionID=2712670636.47873.0000; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:07 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: public, max-age=2245871
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=1
accept-ranges: bytes
content-length: 3762
x-xss-protection: 1; mode=block
expires: Tue, 25 May 2021 14:23:28 GMT

GET
H2 200 logo-print_color.png
www.rferl.org/Content/responsive/RFE/en-US/img/ 7 KB
8 KB 13ms
12ms Image
image/png 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-print_color.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2f119c5a81d3458d77822efde4bfee76382f77dfc861991743888ffa28b7195f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /Content/responsive/RFE/en-US/img/logo-print_color.png
pragma: no-cache
cookie: Pangea-NodeId=ZVMybKrtgK4LkMpugAqESA==; SessionID=2712670636.47873.0000; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:17 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:07 GMT
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=595217
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=1
accept-ranges: bytes
content-length: 7663
x-xss-protection: 1; mode=block
expires: Thu, 06 May 2021 11:52:34 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 33ms
15ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4acc1ad1225689fe2c5479e7f8d822ecba31f2fe25bf5897678f12e640fc2321

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:17 GMT
content-encoding: gzip
cf-cache-status: HIT
server: cloudflare
age: 820
etag: W/"e96732c560b171a3c798575723231e7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 64793d25dccc5363-FRA
cf-request-id: 09bfa48ba300005363c7348000000001
expires: Sun, 02 May 2021 14:32:17 GMT

GET
H2 200 conf.js Show response
www.rferl.org/ 8 KB
2 KB 11ms
10ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/conf.js?x=208

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0c6b1b7efa07342cc59f08982fb6ca1cbfd0591065025546686b1f01d458dfad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /conf.js?x=208
pragma: no-cache
cookie: Pangea-NodeId=ZVMybKrtgK4LkMpugAqESA==; SessionID=2712670636.47873.0000; AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-language: en
cache-control: public, max-age=2477750
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=1
content-type: application/javascript
content-length: 1900
x-xss-protection: 1; mode=block
expires: Fri, 28 May 2021 06:48:07 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/cb5bd7e6/www-widgetapi.vflset/ 110 KB
39 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/cb5bd7e6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0548fb25f7157dc519f7907cf2c057c4d5525fe78d2b60b99081668253a063b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 15:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 00:28:48 GMT
server: sffe
age: 82380
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40076
x-xss-protection: 0
expires: Thu, 28 Apr 2022 15:39:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
34 KB 34ms
14ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

70e96da00d3c920f00e537dc052a5ddcf24cbe2b5361adad08ed8af4b713e576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34465
x-xss-protection: 0
last-modified: Thu, 29 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Apr 2021 14:32:47 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 84 KB
27 KB 180ms
83ms Script
application/x-javascript 104.109.77.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0f9cfedb1d5b9684ff8026bcbe96a168a3446dd8424a53f9bb90b661078098b8

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:25:13 GMT
server: AkamaiNetStorage
etag: "8fb4823483483d3f0f27346a9824ca90:1618971913.316699"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 27000
expires: Thu, 29 Apr 2021 14:37:47 GMT

GET
H2 200 SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
www.rferl.org/Content/responsive/fonts/ 40 KB
41 KB 36ms
24ms Font
application/font-woff 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=208

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
pragma: no-cache
origin: https://www.rferl.org
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.rferl.org
referer: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=208
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.rferl.org
Referer: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=208
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:08 GMT
strict-transport-security: max-age=31536000
content-type: application/font-woff
cache-control: public, max-age=2592000
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=11
accept-ranges: bytes
content-length: 41216
x-xss-protection: 1; mode=block
expires: Sat, 29 May 2021 14:32:47 GMT

GET
H2 200 icons-1602750059534.woff
www.rferl.org/Content/responsive/fonts/ 20 KB
20 KB 41ms
29ms Font
application/font-woff 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/fonts/icons-1602750059534.woff

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=208

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b0baf52e6911831b998923d8ac3f0347802ce76e0ba571b1e09330a263c76bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /Content/responsive/fonts/icons-1602750059534.woff
pragma: no-cache
origin: https://www.rferl.org
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.rferl.org
referer: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=208
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.rferl.org
Referer: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=208
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:08 GMT
strict-transport-security: max-age=31536000
content-type: application/font-woff
cache-control: public, max-age=2592000
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=6
accept-ranges: bytes
content-length: 20268
x-xss-protection: 1; mode=block
expires: Sat, 29 May 2021 14:32:47 GMT

GET
H2 200 res Show response
www.rferl.org/ 57 KB
14 KB 23ms
23ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=208&dependencies=prog_install_prompt,header,facebook_api,collapsible,highlights,hljson_loader,navigation_mobile,smooth_scroll,google_translate,simple_captcha,analyticstag_event,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,tree_walker,typo_reporter

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Scripts/responsive/loader.b?v=Q3pvkBvT_zj0tkn_n4NXiG7IJns5sms_-l4yJOkN5DE1?&av=0.1.0.0&cb=208

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a608df44e60070b64993f65eac5a40bcbbbc6aa4df3b0f16a75f245bc2f770bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /res?callback=_resourceLoaderReceiver_0&x=208&dependencies=prog_install_prompt,header,facebook_api,collapsible,highlights,hljson_loader,navigation_mobile,smooth_scroll,google_translate,simple_captcha,analyticstag_event,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,tree_walker,typo_reporter
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-language: en
cache-control: public, no-transform, max-age=2481519
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=10
content-type: application/javascript; charset=utf-8
content-length: 13495
x-xss-protection: 1; mode=block
expires: Fri, 28 May 2021 07:51:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3134
date: Thu, 29 Apr 2021 13:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Thu, 29 Apr 2021 15:40:33 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=208&dependencies=prog_install_prompt,header,facebook_api,collapsible,highlights,hljson_loader,navigation_mobile,smooth_scroll,google_translate,simple_captcha,analyticstag_event,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,tree_walker,typo_reporter

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b46603f26376d9f2ee7eeedfec6e7c0546ce11e6273a6b5caf457f0e72fe114b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: IHjc9huU2z0EoTM7LIZFKg==
cross-origin-resource-policy: cross-origin
expires: Thu, 29 Apr 2021 14:45:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1777
x-fb-rlafr: 0
x-fb-debug: 4qu1z+oML+oSpG4XNAzxtwxtrJF4uTBRE1Z94rvqyQTTBBexI7vZO4QKtqIbuAJ8f/GUmiVwrWK0eggqawy9DA==
x-fb-trip-id: 2050670934
x-fb-content-md5: aa1788c5b87c1dd516b3a1f98279beea
date: Thu, 29 Apr 2021 14:32:47 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "92e93672d9fa13dcbc510739459d970e"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 hljson Show response
www.rferl.org/ 87 B
371 B 45ms
44ms XHR
application/json 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/hljson

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Scripts/responsive/loader.b?v=Q3pvkBvT_zj0tkn_n4NXiG7IJns5sms_-l4yJOkN5DE1?&av=0.1.0.0&cb=208

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: clickCounter=0
:path: /hljson
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-language: en
cache-control: max-age=50
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=31
content-type: application/json; charset=utf-8
content-length: 77
x-xss-protection: 1; mode=block
expires: Thu, 29 Apr 2021 14:33:37 GMT

GET
H2 200 hljson Show response
www.rferl.org/ 87 B
370 B 47ms
46ms XHR
application/json 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/hljson

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Scripts/responsive/loader.b?v=Q3pvkBvT_zj0tkn_n4NXiG7IJns5sms_-l4yJOkN5DE1?&av=0.1.0.0&cb=208

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: clickCounter=0
:path: /hljson
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-language: en
cache-control: max-age=11
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=29
content-type: application/json; charset=utf-8
content-length: 77
x-xss-protection: 1; mode=block
expires: Thu, 29 Apr 2021 14:32:58 GMT

GET
H2 200 res Show response
www.rferl.org/ 13 KB
4 KB 44ms
43ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/res?callback=_resourceLoaderReceiver_1&x=208&dependencies=navigation_horizontal,navigation_horizontal_sticked,content_tabs

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Scripts/responsive/loader.b?v=Q3pvkBvT_zj0tkn_n4NXiG7IJns5sms_-l4yJOkN5DE1?&av=0.1.0.0&cb=208

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4283024ca80ed7b170436f281c1b310d3808834a022bbb02959de56fcbe1c661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:path: /res?callback=_resourceLoaderReceiver_1&x=208&dependencies=navigation_horizontal,navigation_horizontal_sticked,content_tabs
pragma: no-cache
cookie: clickCounter=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.rferl.org
referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-language: en
cache-control: public, no-transform, max-age=2477905
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT edge; dur=16
content-type: application/javascript; charset=utf-8
content-length: 3579
x-xss-protection: 1; mode=block
expires: Fri, 28 May 2021 06:51:12 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1619706767587
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1619706767587

362 B
1 KB

67ms
67ms

XHR
application/json

18.203.106.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1619706767587

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.106.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-106-177.eu-west-1.compute.amazonaws.com

Software

Resource Hash

057a0d99c38c61e7531e2aaf78e0f6d0056869ef07e73ffed141e91dc35ca0df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0001cbe23.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: VuzN5zpqS4g=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.rferl.org
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 305
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v005-04d937ff6.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.rferl.org
X-TID: r4NPnZzqRE8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1619706767587
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 utag.17.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 78 KB
22 KB 58ms
57ms Script
application/x-javascript 104.109.77.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.17.js?utv=ut4.46.202104210225
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 70d01f64506f0ee9616cc3cea6c0bd8295edec2b3f57168c8c681f7533d71f4e

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:25:14 GMT
server: AkamaiNetStorage
etag: "27a53ea683e9cd62632d35aa4fe69043:1618971914.425587"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 21827
expires: Fri, 14 May 2021 14:32:47 GMT

GET
H2 200 utag.24.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 10 KB
4 KB 54ms
52ms Script
application/x-javascript 104.109.77.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.24.js?utv=ut4.46.202008191613
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 610330771e510eab126ae47bd60fadd4c84d4be769c616e8085d62401586a4bb

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 16:13:20 GMT
server: AkamaiNetStorage
etag: "1ab162c9e089e5a5744bf3e2362ee310:1597853600.735526"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3533
expires: Fri, 14 May 2021 14:32:47 GMT

GET
H2 200 utag.7.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 607 B
816 B 49ms
47ms Script
application/x-javascript 104.109.77.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7b2071f68561ae4bdc79b12306f86e720218b01a0f58354069efb16ad68cab94

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
last-modified: Mon, 18 Nov 2019 20:48:23 GMT
server: AkamaiNetStorage
etag: "d385ea0409326a5bfc8c086bb3863fed:1574110103.546202"
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 607
expires: Fri, 14 May 2021 14:32:47 GMT

GET
H2 200 utag.4.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 55 KB
17 KB 75ms
74ms Script
application/x-javascript 104.109.77.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4814af27d827b7c3da987d0c7c50df5a1eb76cf3c43046156c753ba7d2e75e6f

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
last-modified: Mon, 18 Nov 2019 20:48:34 GMT
server: AkamaiNetStorage
etag: "4028c9d6e91f586f7dbde717e52241ff:1574110114.066746"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 17297
expires: Fri, 14 May 2021 14:32:47 GMT

GET
H2 200 utag.36.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 2 KB
1 KB 67ms
66ms Script
application/x-javascript 104.109.77.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.36.js?utv=ut4.46.201907311621
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ac1c460fd2f93f6dd792aca2ae7d4443539863658d19ab41c5b1686c388262b6

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 18:26:11 GMT
server: AkamaiNetStorage
etag: "80c62d702b7674d27c1d5a5c0b0e5d21:1594232771.932712"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1089
expires: Fri, 14 May 2021 14:32:47 GMT

GET
H3-29 200 all.js Show response
connect.facebook.net/en_US/ 211 KB
62 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=cf54bdea76e607c7f4b10302b3e2032f&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5ad072b5e48595e3f8465bbbd62398eb4a5fbf5a487f39c8bcd7d37ed370971a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://www.rferl.org
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 0qxN1ZudU2HkFo9S92LsnA==
cross-origin-resource-policy: cross-origin
expires: Fri, 29 Apr 2022 13:55:47 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 63726
x-fb-rlafr: 0
x-fb-debug: GzOVHa9ySQQ6EfQbXvgCdK85ay6GoJYWO61UeX+p9JNPcNW/FmT/eybtvE3+BW0SCH6uvyYVhhp6QAK75o+ZkQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 68aeeae6d473ef325158b9b6c161c28d
date: Thu, 29 Apr 2021 14:32:47 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "59188a93bf69751a4e0c5fad0b375791"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1419551397&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.htmlhttps%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.html&ul=en-us&de=UTF-8&dt=Page%20doesn%27t%20exist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=677039008&gjid=1782401837&cid=555405497.1619706768&tid=UA-75913661-40&_gid=646113311.1619706768&_r=1&gtm=2wg4l3WXZBPZ&z=1796604205

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 14:32:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
445 B 43ms
16ms XHR
text/plain 2a00:1450:400c:c09::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-75913661-40&cid=555405497.1619706768&jid=677039008&gjid=1782401837&_gid=646113311.1619706768&_u=YEBAAAAAAAAAAC~&z=150895253

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 29 Apr 2021 14:32:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0255.js Show response
script.crazyegg.com/pages/scripts/0026/ 4 KB
2 KB 33ms
14ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28349f6654e3cddbff0057637e9e0de21f4699ecc1a67f55541a3dbc0e107ebb

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 75364
cf-polished: origSize=4157
ce-version: 11.1.277
cf-request-id: 09bfa5017a00004ea4cd19f000000001
timing-allow-origin: *
last-modified: Wed, 28 Apr 2021 17:36:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 64793de25b3d4ea4-FRA
cf-bgj: minify

GET
H3-29 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
23 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-xss-protection: 0
pragma: public
x-fb-debug: kGHlVESDE8TgDyC53NeoA8WSryvBAl8Fz1QQzUAaI6L7vUZSIzlEyQu/WABUpZ804koVlPXRPOmbW/cu/NGnKQ==
date: Thu, 29 Apr 2021 14:32:47 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 51ms
16ms Script
application/x-javascript 2600:9000:20e8:9800:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.36.js?utv=ut4.46.201907311621
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:9800:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 16:51:20 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:06:15 GMT
server: nginx
age: 78087
etag: W/"60665ff7-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 df2b5b3f847bbe9ad7f475c0831bcc3a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: UZXcYxiFC3f9utFOaio2BxXZEbg1a1-bN1_y4FjnzfaIHqeft8Gs8A==
expires: Thu, 29 Apr 2021 16:51:20 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 54ms
41ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=953446944667626&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.htmlhttps%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.html&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=cf54bdea76e607c7f4b10302b3e2032f&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: YLy99EMvA6OXKZOnAN6GYs5ElRAnWPYXgfd2b03QS2M6g+FxKeRkjEO6HzuCOv0FY99zsTicmEMavwunhIQ7Sg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 29 Apr 2021 14:32:47 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rferl.org
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035794/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
351 B

66ms
66ms

Script
application/javascript

99.84.144.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-111.txl52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:11:31 GMT
via: 1.1 5cf5bc69324ade55eebb5e539fa6c2fa.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1278
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: cOO9bfNlARpGSNLnmkWjZX75cFWm1P6V0Ro_T9jO8DhW8lTHT-BrVA==

Redirect headers

date: Thu, 29 Apr 2021 14:32:47 GMT
via: 1.1 5cf5bc69324ade55eebb5e539fa6c2fa.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: ocoanEOaGLP1lWLfOFMOrBJTUsaHEP25aMEEKApVoZ-xOJ2BRk06Rw==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 57ms
56ms Script
application/x-javascript 104.109.77.38
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202104210225&cb=1619706767742
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Thu, 29 Apr 2021 14:42:47 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1619706767741&ns_c=UTF-8&c8=Page%20doesn%27t%20exist&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-g...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1619706767741&ns_c=UTF-8&c8=Page%20doesn%27t%20exist&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-...

64 B
331 B

93ms
92ms

Image
image/gif

99.84.144.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1619706767741&ns_c=UTF-8&c8=Page%20doesn%27t%20exist&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.htmlhttps%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.html&c9=
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.144.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-144-111.txl52.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:48 GMT
via: 1.1 5cf5bc69324ade55eebb5e539fa6c2fa.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: d-xIXK-VaFirFbrGXHL3FvMUwf6a3QJ_7ifNVQTSYg0Di1DBZPEGwQ==

Redirect headers

date: Thu, 29 Apr 2021 14:32:47 GMT
via: 1.1 5cf5bc69324ade55eebb5e539fa6c2fa.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL52-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1619706767741&ns_c=UTF-8&c8=Page%20doesn't%20exist&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.htmlhttps%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.html&c9=
content-length: 348
x-amz-cf-id: pxRrcwu6feGqzOPi-ch5oLT-uDbzrAEoLN4XZU59mIkEWciMwPgDfQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 36ms
30ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-75913661-40&cid=555405497.1619706768&jid=677039008&_u=YEBAAAAAAAAAAC~&z=1892597283

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 14:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 59ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-75913661-40&cid=555405497.1619706768&jid=677039008&_u=YEBAAAAAAAAAAC~&z=1892597283

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 14:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 1949494258686877 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 444ms
443ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1949494258686877?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2cb83fab70379b4c0a6aa20594641d516cffc37748df837ebbbe5ecf959799e3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: BrlTYc05+qseVeC3pqp2/0VXLmB7MgoKbBnw6ZSCL27xolI/mLBCVTFStnVNf6+QAeFcTufZOGQUza9IOV1vYQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Thu, 29 Apr 2021 14:32:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 0255.json Show response
script.crazyegg.com/pages/data-scripts/0026/ 95 KB
4 KB 36ms
19ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a55fc1ae139008f0736a9278343243748637c60e975853244a6f81b90f8e7ec

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 75365
ce-version: 11.1.277
content-length: 3380
cf-request-id: 09bfa501a700004a6e4db2a000000001
timing-allow-origin: *
last-modified: Wed, 28 Apr 2021 17:36:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 64793de2a8634a6e-FRA

GET
H/1.1 200
OK dest5.html Show response
bbg.demdex.net/ Frame 3C92 7 KB
3 KB 259ms
65ms Document
text/html 18.203.106.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.106.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-106-177.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: bbg.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.rferl.org/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=62757580613185872970735230309797248445
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.rferl.org/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 29 Apr 2021 14:32:48 GMT
DCS: dcs-prod-irl1-1-v005-08288f6cd.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 22 Apr 2021 14:22:49 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: MEBveHpsSWg=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
bbg.sc.omtrdc.net/ 2 B
316 B 178ms
55ms XHR
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=62759302504117200580737321404429222758&ts=1619706767775

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5db677d464-w8ccx
vary: Origin
x-c: main-1455.Icbb9a9.M0-487
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YIrDjwAAAHzcyxNg
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=62757580613185872970735230309797248445
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIrDjwAAAHzcyxNg

42 B
975 B

69ms
68ms

Image
image/gif

18.203.106.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIrDjwAAAHzcyxNg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.106.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-106-177.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v005-0ebe0d43e.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: mWplFkSWSts=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YIrDjwAAAHzcyxNg
Date: Thu, 29 Apr 2021 14:32:47 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 365ms
121ms Image
image/gif 35.171.219.207
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rferl.english&p=%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.htmlhttps%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.html&u=BZMW6iDU14jbB8aPXB&d=rferl.org&g=62557&g0=rferl.org&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=30897&t=CMnIbvCmSWiHC7IgiMDpp17KThbVE&V=126&i=Page%20doesn%27t%20exist&tz=-120&sn=1&sv=D8kPc3DVFNZ_BBrkD4DX9q-2Cf1qDa&sd=1&im=06030403&_
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.219.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-219-207.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Apr 2021 14:32:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 11.1.277.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 61 KB
20 KB 16ms
16ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.277.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41c2ed4f30212356ab3a8c6a25d17ade4f4bfd15da0d5f852d5bba836071ee1d

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 75368
cf-ray: 64793de33d074ea4-FRA
content-length: 20689
cf-request-id: 09bfa5020000004ea4e41e1000000001
last-modified: Mon, 19 Apr 2021 13:00:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 0255.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0026/ 7 KB
1 KB 13ms
13ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0026/0255.json?t=449918
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.277.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62a8a9db7af46ee865614212206318bed431c76b8399868eaadb250f9405ec7

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 75365
ce-version: 11.1.277
content-length: 1409
cf-request-id: 09bfa5021f00004a6ee3bd9000000001
timing-allow-origin: *
last-modified: Wed, 28 Apr 2021 17:36:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 64793de369e64a6e-FRA

POST
H2 200 s21922150523143 Show response
bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/ 43 B
437 B 173ms
56ms XHR
image/gif 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/s21922150523143

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.17.js?utv=ut4.46.202104210225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 29 Apr 2021 14:32:48 GMT
x-content-type-options: nosniff
x-c: main-1455.Icbb9a9.M0-487
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Apr 2021 14:32:48 GMT
server: jag
xserver: anedge-5db677d464-f6b74
etag: 3478293800344387584-4622008451516065632
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Wed, 28 Apr 2021 14:32:48 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1949494258686877&ev=PageView&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.htmlhttps%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.html&rl=&if=false&ts=1619706768254&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1619706768252.1021509658&it=1619706767760&coo=false&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 29 Apr 2021 14:32:48 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1949494258686877&ev=Microdata&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.htmlhttps%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-bulgaria-arms-depot-explosions-gru-agents-gebrev%2F31217945.html&rl=&if=false&ts=1619706769757&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Page%20doesn%27t%20exist%22%2C%22meta%3Adescription%22%3A%22RFE%2FRL%20journalists%20report%20the%20news%20in%2027%20languages%20in%2023%20countries%20where%20a%20free%20press%20is%20banned%20by%20the%20government%20or%20not%20fully%20established.%20We%20provide%20what%20many%20people%20cannot%20get%20locally%3A%20uncensored%20news%2C%20responsible%20discussion%2C%20and%20open%20debate.%22%2C%22meta%3Akeywords%22%3A%22RFERL%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1619706768252.1021509658&it=1619706767760&coo=false&es=automatic&tm=3&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 14:32:49 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Thu, 29 Apr 2021 14:32:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 22:14:18	Name: demdex Value: 62757580613185872970735230309797248445
.rferl.org/	1970-01-20 11:26:18	Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1406116232%7CMCIDTS%7C18747%7CMCMID%7C62759302504117200580737321404429222758%7CMCAAMLH-1620311567%7C6%7CMCAAMB-1620311567%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1619713967s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18754%7CvVersion%7C2.5.0
.rferl.org/	1970-01-20 02:40:42	Name: utag_main Value: v_id:01791e0be87c0023000cf4ed4fa40007200ba06a00b08$_sn:1$_se:1$_ss:1$_st:1619708567561$ses_id:1619706767561%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:rferl.org
.rferl.org/	1969-12-31 23:59:59	Name: s_cc Value: true
www.rferl.org/	1970-01-20 03:23:54	Name: _chartbeat2 Value: .1619706767790.1619706767790.1.D8kPc3DVFNZ_BBrkD4DX9q-2Cf1qDa.1
.rferl.org/	1970-01-19 17:56:33	Name: _gid Value: GA1.2.646113311.1619706768
www.rferl.org/	1970-01-20 03:23:54	Name: _cb_ls Value: 1
.rferl.org/	1969-12-31 23:59:59	Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1
www.rferl.org/	1970-01-20 03:23:54	Name: _cb Value: BZMW6iDU14jbB8aPXB
.rferl.org/	1970-01-19 17:55:06	Name: _gat_UA-75913661-40 Value: 1
www.rferl.org/	1970-01-19 17:55:08	Name: _cb_svref Value: null
.rferl.org/	1970-01-19 20:04:42	Name: _fbp Value: fb.1.1619706768252.1021509658
.rferl.org/	1970-01-20 11:26:18	Name: _ga Value: GA1.2.555405497.1619706768
www.rferl.org/	1969-12-31 23:59:59	Name: clickCounter Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api	error	URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1) Message: TypeError: Cannot read property 'numVisitsTrigger' of null
console-api	log	URL: https://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.htmlhttps://www.rferl.org/a/russia-bulgaria-arms-depot-explosions-gru-agents-gebrev/31217945.html(Line 685) Message: ServiceWorker registration successful with scope: https://www.rferl.org/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
cdn.onesignal.com
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
ping.chartbeat.net
sb.scorecardresearch.com
script.crazyegg.com
static.chartbeat.com
stats.g.doubleclick.net
tags.tiqcdn.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.rferl.org
www.youtube.com
tags.tiqcdn.com
104.109.77.38
15.237.76.117
18.203.106.177
2600:9000:20e8:9800:18:1fcd:34e:d2a1
2606:4700::6812:e134
2606:4700::6813:9308
2a00:1450:4001:811::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c09::9c
2a02:26f0:6c00:285::1317
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.250.153.194
35.171.219.207
99.84.144.111
057a0d99c38c61e7531e2aaf78e0f6d0056869ef07e73ffed141e91dc35ca0df
0c6b1b7efa07342cc59f08982fb6ca1cbfd0591065025546686b1f01d458dfad
0f9cfedb1d5b9684ff8026bcbe96a168a3446dd8424a53f9bb90b661078098b8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13225b0b80625f2c46059843b9d6297a2b6822016c01612e2092de9c4925aaf5
199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04
28349f6654e3cddbff0057637e9e0de21f4699ecc1a67f55541a3dbc0e107ebb
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cb83fab70379b4c0a6aa20594641d516cffc37748df837ebbbe5ecf959799e3
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
2e310e7e6e403013389ccc5faa01d400d072351231670a22324969f8f2fe4ed5
2f119c5a81d3458d77822efde4bfee76382f77dfc861991743888ffa28b7195f
2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd
41c2ed4f30212356ab3a8c6a25d17ade4f4bfd15da0d5f852d5bba836071ee1d
4283024ca80ed7b170436f281c1b310d3808834a022bbb02959de56fcbe1c661
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4814af27d827b7c3da987d0c7c50df5a1eb76cf3c43046156c753ba7d2e75e6f
4acc1ad1225689fe2c5479e7f8d822ecba31f2fe25bf5897678f12e640fc2321
502c91bdb663b2aebcf4c3dfaf975d3e7d83ae355eee92ac94609aaa7b922516
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
59bf4920a322377c761eec2dba5b7de57b64267e82b0d3a7e9fafcfd4a954e34
5ad072b5e48595e3f8465bbbd62398eb4a5fbf5a487f39c8bcd7d37ed370971a
610330771e510eab126ae47bd60fadd4c84d4be769c616e8085d62401586a4bb
70d01f64506f0ee9616cc3cea6c0bd8295edec2b3f57168c8c681f7533d71f4e
70e96da00d3c920f00e537dc052a5ddcf24cbe2b5361adad08ed8af4b713e576
7a55fc1ae139008f0736a9278343243748637c60e975853244a6f81b90f8e7ec
7b2071f68561ae4bdc79b12306f86e720218b01a0f58354069efb16ad68cab94
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
82418a754bd9cc42d97ac2934d53d81df236cca29eb5fa6913316da74d383bdc
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85f43eb5335383163b9f863900fe0e8657a075590113bceb8db55422ca483d18
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a608df44e60070b64993f65eac5a40bcbbbc6aa4df3b0f16a75f245bc2f770bc
ac1c460fd2f93f6dd792aca2ae7d4443539863658d19ab41c5b1686c388262b6
b0baf52e6911831b998923d8ac3f0347802ce76e0ba571b1e09330a263c76bf3
b46603f26376d9f2ee7eeedfec6e7c0546ce11e6273a6b5caf457f0e72fe114b
c62a8a9db7af46ee865614212206318bed431c76b8399868eaadb250f9405ec7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0548fb25f7157dc519f7907cf2c057c4d5525fe78d2b60b99081668253a063b
e2a9caaabbe6fa552dc244d8f318de3bac65073cea62299fb1771e004c2ce359
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e469222c02a3574f92109c93c9ccdeda5e20a54b9df12a83b51bcc9169cd3fcc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f61b3d7e54980fe29047b7596ec4da17b1c6a3a50065a0906e0cca629d2a8356
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

www.rferl.org Open in urlscan Pro 2a02:26f0:6c00:285::1317 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

53 Requests

98 %HTTPS

67 %IPv6

18 Domains

19 Subdomains

18 IPs

5 Countries

667 kBTransfer

2013 kBSize

14 Cookies

0 Outgoing links

Redirected requests

53 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rferl.org Open in urlscan Pro
2a02:26f0:6c00:285::1317 Public Scan

Screenshot
Live screenshot

Full Image

53
Requests

98 %
HTTPS

67 %
IPv6

18
Domains

19
Subdomains

18
IPs

5
Countries

667 kB
Transfer

2013 kB
Size

14
Cookies

53 HTTP transactions
0 data transactions