www.rferl.org Open in urlscan Pro
2a02:26f0:480:bb5::1317 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.rferl.org/%20logRecordSource=OnPrem
Effective URL:
https://www.rferl.org/%20logRecordSource=OnPrem
Submission: On December 26 via manual (December 26th 2023, 2:18:27 pm UTC) from AE — Scanned from DE

Summary HTTP 56 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 56 HTTP transactions. The main IP is 2a02:26f0:480:bb5::1317, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.rferl.org. The Cisco Umbrella rank of the primary domain is 256820.
TLS certificate: Issued by R3 on October 12th 2023. Valid for: 3 months.

This is the only time www.rferl.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2a02:26f0:480... 2a02:26f0:480:bb5::1317	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	18.154.63.16 18.154.63.16	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1 4	52.51.86.160 52.51.86.160	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:25a... 2600:9000:25a2:a800:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1 3	108.157.4.121 108.157.4.121	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:231... 2600:9000:2315:6c00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	23.22.163.164 23.22.163.164	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	63.140.62.160 63.140.62.160	16509 (AMAZON-02) (AMAZON-02)
1 1	18.202.182.222 18.202.182.222	16509 (AMAZON-02) (AMAZON-02)
1	3.161.119.30 3.161.119.30	16509 (AMAZON-02) (AMAZON-02)
1	18.66.248.37 18.66.248.37	16509 (AMAZON-02) (AMAZON-02)
1	63.140.62.164 63.140.62.164	16509 (AMAZON-02) (AMAZON-02)
1	52.214.236.211 52.214.236.211	16509 (AMAZON-02) (AMAZON-02)
56	21

15 2a02:26f0:480:bb5::1317 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.154.63.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-16.dus51.r.cloudfront.net

tags.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.51.86.160 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-86-160.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bbg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:25a2:a800:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.121 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-121.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:6c00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.22.163.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-163-164.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.160 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-160.data.adobedc.net

bbg.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.182.222 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-182-222.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.119.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-119-30.vie50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-37.dus51.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-164.data.adobedc.net

ssc.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.236.211 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-236-211.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	rferl.org 1 redirects www.rferl.org — Cisco Umbrella Rank: 256820 tags.rferl.org — Cisco Umbrella Rank: 586644 ssc.rferl.org — Cisco Umbrella Rank: 697960	340 KB
7	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2199 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 4875 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 4900 tracking.crazyegg.com — Cisco Umbrella Rank: 4175	37 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	176 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208 bbg.demdex.net — Cisco Umbrella Rank: 140299	5 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	869 B
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4165 onesignal.com — Cisco Umbrella Rank: 1473	73 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	79 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	173 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	69 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1110	517 B
1	omtrdc.net bbg.sc.omtrdc.net — Cisco Umbrella Rank: 183159	266 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1455	201 B
1	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1001	442 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1767	24 KB
56	15

	Domain	Requested by
15	www.rferl.org	1 redirects www.rferl.org
7	tags.rferl.org	www.rferl.org tags.rferl.org
4	script.crazyegg.com	tags.rferl.org script.crazyegg.com
4	connect.facebook.net	www.rferl.org tags.rferl.org connect.facebook.net
3	sb.scorecardresearch.com	1 redirects www.rferl.org
3	dpm.demdex.net	1 redirects www.rferl.org
2	www.facebook.com	connect.facebook.net www.rferl.org
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.rferl.org www.googletagmanager.com
2	cdn.onesignal.com	www.rferl.org cdn.onesignal.com
2	www.youtube.com	www.rferl.org www.youtube.com
1	tracking.crazyegg.com	script.crazyegg.com
1	ssc.rferl.org	www.rferl.org
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	cm.everesttech.net	1 redirects
1	bbg.sc.omtrdc.net	tags.rferl.org
1	bbg.demdex.net	tags.rferl.org
1	ping.chartbeat.net	www.rferl.org
1	region1.google-analytics.com	www.googletagmanager.com
1	onesignal.com	cdn.onesignal.com
1	tags.tiqcdn.com	tags.rferl.org
1	static.chartbeat.com	tags.rferl.org
56	23

This site contains links to these domains. Also see Links.

Domain
www.currenttime.tv
pressroom.rferl.org
facebook.com
twitter.com
www.youtube.com
www.instagram.com
t.me
www.rferl.mobi
www.usagm.gov

Subject Issuer	Validity	Valid
www.rferl.org R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
tags.voatibetan.com Amazon RSA 2048 M03	`2023-12-07` - `2025-01-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2023-05-28` - `2024-06-26`	a year	crt.sh
ssc.rferl.org DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-12` - `2025-01-11`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.rferl.org/%20logRecordSource=OnPrem
Frame ID: D9118B001273815918F56288009ED6D6
Requests: 55 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: 1E7C8636E35DF03707DACAE12A551988
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page doesn't exist

Page URL History Show full URLs

http://www.rferl.org/%20logRecordSource=OnPrem HTTP 301
https://www.rferl.org/%20logRecordSource=OnPrem Page URL

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

56
Requests

91 %
HTTPS

52 %
IPv6

15
Domains

23
Subdomains

21
IPs

3
Countries

920 kB
Transfer

2785 kB
Size

30
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.currenttime.tv/
Title: Current Time

Search URL Search Domain Scan URL

URL: https://pressroom.rferl.org/p/6091.html
Title: About

Search URL Search Domain Scan URL

URL: https://pressroom.rferl.org/
Title: Pressroom

Search URL Search Domain Scan URL

URL: https://facebook.com/rferl

Search URL Search Domain Scan URL

URL: https://twitter.com/RFERL

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/rferlonline

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rfe.rl/

Search URL Search Domain Scan URL

URL: https://t.me/rferl

Search URL Search Domain Scan URL

URL: https://pressroom.rferl.org/p/6085.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://pressroom.rferl.org/p/6116.html
Title: Terms Of Use

Search URL Search Domain Scan URL

URL: https://www.rferl.mobi/jobs.html
Title: Jobs and Internships

Search URL Search Domain Scan URL

URL: https://www.usagm.gov/
Title: U.S. Agency For Global Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.rferl.org/%20logRecordSource=OnPrem HTTP 301
https://www.rferl.org/%20logRecordSource=OnPrem Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1703600302974 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1703600302974

Request Chain 29

https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 46

https://cm.everesttech.net/cm/dd?d_uuid=12870565941394342254335834767981829632 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYrgrwAAALT-jgNn

56 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request %20logRecordSource=OnPrem Show response
www.rferl.org/
Redirect Chain

http://www.rferl.org/%20logRecordSource=OnPrem
https://www.rferl.org/%20logRecordSource=OnPrem

33 KB
34 KB

227ms
167ms

Document
text/html

2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f85d29bc2346caba844a161efd47ccb6eac95d8d50890f380afe7f243122c5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: must-revalidate, max-age=900
content-language: en
content-length: 33861
content-type: text/html; charset=utf-8
date: Tue, 26 Dec 2023 14:18:22 GMT
expires: Tue, 26 Dec 2023 14:33:22 GMT
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/%20logRecordSource=OnPrem
pragma: no-cache
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-pangeaerrorhandled: true
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Date: Tue, 26 Dec 2023 14:18:22 GMT
Expires: Tue, 26 Dec 2023 14:18:22 GMT
Location: https://www.rferl.org/%20logRecordSource=OnPrem
Onion-Location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/%20logRecordSource=OnPrem
Server: AkamaiGHost

GET
H2 200 RFE-en-US.css
www.rferl.org/Content/responsive/RFE/en-US/ 290 KB
48 KB 67ms
67ms Stylesheet
text/css 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=333

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a94e7a4b587e46162e5ea42a53879ea6cb746d1a3ec7e5db4af299c81a313799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/%20logRecordSource=OnPrem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 26 Dec 2023 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 29 Nov 2023 13:36:04 GMT
vary: Accept-Encoding
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=333
content-type: text/css
cache-control: max-age=1351176
accept-ranges: bytes
content-length: 49009
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 05:37:58 GMT

GET
H2 200 utag.sync.js Show response
tags.rferl.org/rferl-pangea/prod/ 3 KB
1 KB 131ms
26ms Script
application/javascript 18.154.63.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.rferl.org/rferl-pangea/prod/utag.sync.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-16.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bd25da287369fecc5abc0a1d557d21daefafad0b5ebac00634a0e279ceabb59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: MsLd0ENYttoJNN9snQW4N9fSCmBP2oEb
content-encoding: br
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront), 1.1 0c2e3c68974911a31f9fdb2f3522c7d0.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 14:18:22 GMT
last-modified: Thu, 14 Dec 2023 13:08:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4, DUS51-P4
age: 41
x-amz-server-side-encryption: AES256
etag: W/"3f9113fdbc232b35c3b669ac64c6d145"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: g09LSRWQfyrYUD9mYxH2ngWBoqAlg25sIoPGfJFuURnbJPDBC754Ow==

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 89ms
41ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 14:18:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Tue, 26 Dec 2023 14:18:22 GMT

GET
H2 200 infographics.b Show response
www.rferl.org/Scripts/responsive/ 4 KB
2 KB 34ms
34ms Script
application/javascript 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=333

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/%20logRecordSource=OnPrem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 11 Jan 2024 05:39:25 GMT
date: Tue, 26 Dec 2023 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=333
content-type: application/javascript; charset=utf-8
cache-control: public, no-transform, max-age=1351263
content-length: 1471
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 loader.b Show response
www.rferl.org/Scripts/responsive/ 86 KB
25 KB 46ms
46ms Script
application/javascript 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bd5d0b1889b5ee3a04a81f46a34adb21e897ad828f6f211901339e0ccc9a45d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/%20logRecordSource=OnPrem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 11 Jan 2024 05:37:37 GMT
date: Tue, 26 Dec 2023 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333
content-type: application/javascript; charset=utf-8
cache-control: public, no-transform, max-age=1351155
content-length: 25060
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 Merriweather-Light_v2.woff
www.rferl.org/Content/responsive/fonts/ 60 KB
60 KB 35ms
35ms Font
application/font-woff 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/fonts/Merriweather-Light_v2.woff

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e469222c02a3574f92109c93c9ccdeda5e20a54b9df12a83b51bcc9169cd3fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/%20logRecordSource=OnPrem
Origin: https://www.rferl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 26 Dec 2023 14:18:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 11:09:23 GMT
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/fonts/Merriweather-Light_v2.woff
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 61544
x-xss-protection: 1; mode=block
expires: Thu, 25 Jan 2024 14:18:22 GMT

GET
H2 200 logo-compact.svg
www.rferl.org/Content/responsive/RFE/en-US/img/ 10 KB
4 KB 43ms
42ms Image
image/svg+xml 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-compact.svg

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f741f1f1d5d51b19ebdb2a93212e766850bf6bfcf3a606c75821317f17121ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/%20logRecordSource=OnPrem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 26 Dec 2023 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Oct 2023 11:09:21 GMT
vary: Accept-Encoding
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/img/logo-compact.svg
content-type: image/svg+xml
cache-control: public, max-age=457
accept-ranges: bytes
content-length: 3464
x-xss-protection: 1; mode=block
expires: Tue, 26 Dec 2023 14:25:59 GMT

GET
H2 200 logo.svg
www.rferl.org/Content/responsive/RFE/en-US/img/ 13 KB
4 KB 43ms
43ms Image
image/svg+xml 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo.svg

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c981a854c0a757f362b7c398a239fc51c8b42102ab6c3af7ef016cd3766ab1c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/%20logRecordSource=OnPrem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 26 Dec 2023 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Wed, 04 Oct 2023 11:09:21 GMT
vary: Accept-Encoding
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/img/logo.svg
content-type: image/svg+xml
cache-control: public, max-age=726
accept-ranges: bytes
content-length: 4000
x-xss-protection: 1; mode=block
expires: Tue, 26 Dec 2023 14:30:28 GMT

GET
H2 200 logo-print.gif
www.rferl.org/Content/responsive/RFE/en-US/img/ 4 KB
4 KB 29ms
29ms Image
image/gif 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-print.gif

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82418a754bd9cc42d97ac2934d53d81df236cca29eb5fa6913316da74d383bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/%20logRecordSource=OnPrem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 26 Dec 2023 14:18:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 11:09:21 GMT
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/img/logo-print.gif
content-type: image/gif
cache-control: public, max-age=1644752
accept-ranges: bytes
content-length: 3762
x-xss-protection: 1; mode=block
expires: Sun, 14 Jan 2024 15:10:54 GMT

GET
H2 200 logo-print_color.png
www.rferl.org/Content/responsive/RFE/en-US/img/ 7 KB
8 KB 39ms
39ms Image
image/png 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-print_color.png

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2f119c5a81d3458d77822efde4bfee76382f77dfc861991743888ffa28b7195f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/%20logRecordSource=OnPrem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 26 Dec 2023 14:18:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 11:09:21 GMT
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/img/logo-print_color.png
content-type: image/png
cache-control: public, max-age=718
accept-ranges: bytes
content-length: 7663
x-xss-protection: 1; mode=block
expires: Tue, 26 Dec 2023 14:30:20 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 88ms
37ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 14:18:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 629
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 83b9f3e5ba955d51-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Dec 2023 14:18:23 GMT

GET
H2 200 conf.js Show response
www.rferl.org/ 5 KB
1 KB 29ms
28ms Script
application/javascript 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/conf.js?x=333

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

614f1be7936b1cf0e60d7906ffec2f9551d0a03e102f0dfcedd4020eab9a28c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/%20logRecordSource=OnPrem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 26 Dec 2023 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/conf.js?x=333
content-type: application/javascript
content-language: en
cache-control: public, max-age=1351230
content-length: 1136
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 05:38:52 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/da154528/www-widgetapi.vflset/ 216 KB
67 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/da154528/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 09:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 02:48:13 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 25 Dec 2024 09:16:58 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
90 KB 76ms
28ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b50774a08e78191dedd022b67dda2c9f586a605bc606359ec673f8848a69397

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 14:18:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91319
x-xss-protection: 0
last-modified: Tue, 26 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 26 Dec 2023 14:18:22 GMT

GET
H2 200 utag.js Show response
tags.rferl.org/rferl-pangea/prod/ 103 KB
31 KB 29ms
29ms Script
application/javascript 18.154.63.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.rferl.org/rferl-pangea/prod/utag.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-16.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e426a1dfc6624a4df0e8f63db1415326b2203481a6439652007ebcad414c6df8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: ktuod7oUGQ1iM5mrE4cEesdd9KazSkhI
content-encoding: br
via: 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront), 1.1 0c2e3c68974911a31f9fdb2f3522c7d0.cloudfront.net (CloudFront)
date: Tue, 26 Dec 2023 14:17:19 GMT
last-modified: Thu, 14 Dec 2023 13:08:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, DUS51-P4
age: 63
x-amz-server-side-encryption: AES256
etag: W/"3b5d35e0a59e2ad66782cf5411d15344"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: twpS0eOLDafR8uSfgdQ-hOutqGYKJ4v6aY2EaZ6iMC4bwlBgAzqU3A==

GET
H2 200 SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
www.rferl.org/Content/responsive/fonts/ 40 KB
41 KB 35ms
34ms Font
application/font-woff 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=333

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=333
Origin: https://www.rferl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 26 Dec 2023 14:18:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 04 Oct 2023 11:09:23 GMT
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 41216
x-xss-protection: 1; mode=block
expires: Thu, 25 Jan 2024 14:18:22 GMT

GET
H2 200 icons-font-1698069833780.woff
www.rferl.org/Content/responsive/fonts/ 18 KB
19 KB 38ms
38ms Font
application/font-woff 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/fonts/icons-font-1698069833780.woff

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=333

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

54e2f964ce1124ae44ce10037eed6b855fc2469eb821b5679cb5277947f1ad2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=333
Origin: https://www.rferl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 26 Dec 2023 14:18:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 10 Nov 2023 12:29:28 GMT
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/fonts/icons-font-1698069833780.woff
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 18624
x-xss-protection: 1; mode=block
expires: Thu, 25 Jan 2024 14:18:22 GMT

GET
H2 200 res Show response
www.rferl.org/ 38 KB
9 KB 34ms
34ms Script
application/javascript 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=333&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,simple_captcha,analyticstag_event,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

99a9ce399dcc759c05bd8294ad28b86539b9a564ba82b73d65c2b00743616cc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/%20logRecordSource=OnPrem
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 26 Dec 2023 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/res?callback=_resourceLoaderReceiver_0&x=333&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,simple_captcha,analyticstag_event,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20
content-type: application/javascript; charset=utf-8
content-language: en
cache-control: public, no-transform, max-age=1351782
content-length: 9066
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 05:48:04 GMT

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1703600302974
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1703600302974

362 B
906 B

49ms
49ms

XHR
application/json

52.51.86.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1703600302974

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Server

52.51.86.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-86-160.eu-west-1.compute.amazonaws.com

Software

Resource Hash

53ee5caf7f07e578ec112e4c2fcfe18b4d666e627a6256d1ee5ce05bdfd2da15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0c81d9436.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Tue, 26 Dec 2023 14:18:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: atUtT2uwSng=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 304
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-0e377c1af.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Tue, 26 Dec 2023 14:18:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: EFy5yCgRR8U=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1703600302974
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 utag.72.js Show response
tags.rferl.org/rferl-pangea/prod/ 85 KB
23 KB 28ms
27ms Script
application/javascript 18.154.63.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.rferl.org/rferl-pangea/prod/utag.72.js?utv=ut4.46.202312122139
Requested by: Host: tags.rferl.org
URL: https://tags.rferl.org/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-16.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f0b83d15772f715a5b7b02f74ae0ab2c21d72e23648d37d83103dd95ce571d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 21:41:42 GMT
x-amz-version-id: lPINxXcRfqifc9pAKigyxvN6jika1teg
content-encoding: br
last-modified: Tue, 12 Dec 2023 21:40:06 GMT
server: AmazonS3
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront), 1.1 0c2e3c68974911a31f9fdb2f3522c7d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4, DUS51-P4
etag: W/"8d49eae778a9b651a42b20d312a05317"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
age: 1183001
x-amz-cf-id: i1dNAI2yoLtLwD06PDeBEewqufxh36n1WAcM0FSMuLr0rdxpB7Ymgg==

GET
H2 200 utag.24.js Show response
tags.rferl.org/rferl-pangea/prod/ 10 KB
4 KB 30ms
30ms Script
application/javascript 18.154.63.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.rferl.org/rferl-pangea/prod/utag.24.js?utv=ut4.46.202212081948
Requested by: Host: tags.rferl.org
URL: https://tags.rferl.org/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-16.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5c652c6736d838dbeab10585068c612d484529472c6f297bb1c60d11b529ae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: AxsgGlckyzdU2_vX02gW_caXP3c.2p8M
content-encoding: br
via: 1.1 803246727539350977d724c9e4a027c6.cloudfront.net (CloudFront), 1.1 0c2e3c68974911a31f9fdb2f3522c7d0.cloudfront.net (CloudFront)
date: Wed, 13 Dec 2023 19:12:08 GMT
last-modified: Tue, 12 Dec 2023 21:40:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, DUS51-P4
age: 1105579
x-amz-server-side-encryption: AES256
etag: W/"4036f7053cdd9a5f799d4397ae7b0916"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: l_XsGIaS4r95h9D3usD_zGupA2thEVJm-PdCT9db9f1fUcuZfy9mUg==

GET
H2 200 utag.7.js Show response
tags.rferl.org/rferl-pangea/prod/ 607 B
1 KB 31ms
31ms Script
application/javascript 18.154.63.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.rferl.org/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by: Host: tags.rferl.org
URL: https://tags.rferl.org/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-16.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c1aaeaa8a8f68e991515f5bfa9baa3b26167fb48d754bdeb3b89ce380426c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 5cOTaPq1bk4yvXrVyff6r7pWMXeaEUVt
date: Wed, 13 Dec 2023 19:09:59 GMT
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront), 1.1 0c2e3c68974911a31f9fdb2f3522c7d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4, DUS51-P4
age: 1105703
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 607
last-modified: Tue, 12 Dec 2023 21:40:04 GMT
server: AmazonS3
etag: "069f20165cfc2bebadf36409382e7fee"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: E0kfUBtPydTDjS-7bA3pHKI_t2zaHAEn428FBH158Z7tFGOWc7hPoA==

GET
H2 200 utag.4.js Show response
tags.rferl.org/rferl-pangea/prod/ 55 KB
17 KB 35ms
34ms Script
application/javascript 18.154.63.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.rferl.org/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by: Host: tags.rferl.org
URL: https://tags.rferl.org/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-16.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54c2fbe897ce09b068765e4f97b403a2b860b3b0b5604c8381d366780baea8a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: nMiMcodGGXZuDEOr_LkuOTdEG1s4..Nc
content-encoding: br
via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront), 1.1 0c2e3c68974911a31f9fdb2f3522c7d0.cloudfront.net (CloudFront)
date: Sun, 24 Dec 2023 20:00:25 GMT
last-modified: Thu, 14 Dec 2023 13:08:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, DUS51-P4
age: 152280
x-amz-server-side-encryption: AES256
etag: W/"6a5e55f6c53de2c5fad8f6eaefc225c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 5nYtAV2sB2M8PPs9HAduAxi8gO6Bft7b4gaS7YRiXMe4Xlm-rdnTog==

GET
H2 200 utag.73.js Show response
tags.rferl.org/rferl-pangea/prod/ 4 KB
2 KB 36ms
35ms Script
application/javascript 18.154.63.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.rferl.org/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109
Requested by: Host: tags.rferl.org
URL: https://tags.rferl.org/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-16.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: afb7a8ee8cc9591bf27ec322ce3e9235457d0c606d92fb73c74f1b3617f3ed4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: j5H5BcarJL3JyoJ9vTyZM7tpL83fYq5U
content-encoding: br
via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront), 1.1 0c2e3c68974911a31f9fdb2f3522c7d0.cloudfront.net (CloudFront)
date: Sun, 24 Dec 2023 20:42:02 GMT
last-modified: Thu, 14 Dec 2023 13:08:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4, DUS51-P4
age: 149849
x-amz-server-side-encryption: AES256
etag: W/"bd506405154704ba3ad1b776f24dd192"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: YqlRtIZuf6ENLiW2y5rjy8aRoaK14zGG-Mvnx0olY5sHJoU5iFealQ==

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 113ms
69ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=333&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,simple_captcha,analyticstag_event,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e078671926b5627ff4fcee0cbe87e6bbf916aba248abb0a87807e580c9860a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Dec 2023 14:18:23 GMT
content-md5: ji71bPjCp7w3cCG8XfnqxQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints
x-fb-debug: n3CwHWr5RuUlgDUDf+jwrzhCmYTVzilXEqBgOyMCqJfXBGewi41qxFXb/wK4F0II/UciytrxE367Jto4J4PWgg==
x-fb-content-md5: c5f3decfbabb89411bf5d40d843bcd9a
cross-origin-opener-policy: same-origin-allow-popups
etag: "7edfcea30195e072d27208a2cee15d73"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 26 Dec 2023 14:24:35 GMT

GET
H2 200 hljson Show response
www.rferl.org/ 87 B
386 B 29ms
29ms XHR
application/json 2a02:26f0:480:bb5::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/hljson

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:bb5::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/%20logRecordSource=OnPrem
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
pragma: no-cache
date: Tue, 26 Dec 2023 14:18:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
vary: Accept-Encoding
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/hljson
content-type: application/json; charset=utf-8
content-language: en
cache-control: max-age=66
content-length: 77
x-xss-protection: 1; mode=block
expires: Tue, 26 Dec 2023 14:19:29 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 55ms
24ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.rferl.org
URL: https://tags.rferl.org/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Dec 2023 14:18:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: pSQJUrMzOTeKvunSGo0C1FOtQVsRTII5MUJHs4QXWwZPjtWEOChFIarvvyYa5H+6BGcrSYWOaBBRRMhQiRuxhw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 0255.js Show response
script.crazyegg.com/pages/scripts/0026/ 6 KB
2 KB 106ms
34ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by: Host: tags.rferl.org
URL: https://tags.rferl.org/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a4e5f8e2b74601aaaf80c3d318ddcead634cb65ff5bc40a94e53cb46cf81f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 14:18:23 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6993
cf-polished: origSize=6112
ce-version: 11.5.164
cf-bgj: minify
last-modified: Tue, 26 Dec 2023 12:21:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 83b9f3e65ce09baa-FRA

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 110ms
29ms Script
application/x-javascript 2600:9000:25a2:a800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.rferl.org
URL: https://tags.rferl.org/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:25a2:a800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 53e637909208e211f753b68ab0cb2312abfb528b9920e8a3b6eddcb89eb861cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 25 Dec 2023 19:05:05 GMT
content-encoding: gzip
via: 1.1 6ea1443d3dc39c2be7c23883fb0bd3e0.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:04:59 GMT
server: nginx
x-amz-cf-pop: ZRH55-P1
age: 69198
etag: W/"65838f3b-11b0d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: PzfrRBEsH9Y1jyPDxzKCuvQ08l95z7rQtTLHrEyqJFtxi9iMecyPYQ==
expires: Tue, 26 Dec 2023 19:05:05 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035794/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
383 B

25ms
23ms

Script
application/javascript

108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem
Protocol: H2
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 06:26:47 GMT
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 29007
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: Zek_wJhv1tIvaEIGUI5NSO5Qpn15_MU93Lm-vlBIAndbCfT0ixxZsw==

Redirect headers

date: Tue, 26 Dec 2023 14:18:23 GMT
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: u9sJa5rY_vfXX8vqCxj1SA9ZjtS1zc8ocy0LMrey7jLH1HW2FoJctw==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
442 B 88ms
22ms Script
application/javascript 2600:9000:2315:6c00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202312141307&cb=1703600303019
Requested by: Host: tags.rferl.org
URL: https://tags.rferl.org/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:6c00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Tue, 26 Dec 2023 14:17:04 GMT
via: 1.1 5db4f6b1c04035a37ba6548e89b362be.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 80
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: g-wkV1CZAOfCFk3jIlxwbFkECLDA0qpmCEuq6V7iM_qhuKKIqmsAkQ==

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 94ms
29ms Image
text/plain 108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1703600303018&ns_c=UTF-8&c8=Page%20doesn%27t%20exist&c7=https%3A%2F%2Fwww.rferl.org%2F%2520logRecordSource%3DOnPrem&c9=
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 14:18:23 GMT
via: 1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: TvTKRkEaIggRL3l5mAhvwNaCOaJbVqL4hBnkGNLukm-HeNXOgA0Guw==
x-cache: Miss from cloudfront

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 41ms
41ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 14:18:23 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 628
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 83b9f3e5fad65d51-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Fri, 29 Dec 2023 14:18:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
84 KB 35ms
35ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M4LGVTBXXT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6d09fd4e8e42e1540ddd6ac2c42448dbada80d9f90031d4279f4159d7f0695af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 14:18:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 26 Dec 2023 14:18:23 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
23ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Dec 2023 13:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1806
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 26 Dec 2023 15:48:17 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/dcba9732-9d59-46ec-aea0-e487e980e249/ 5 KB
2 KB 41ms
40ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/dcba9732-9d59-46ec-aea0-e487e980e249/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc70823a722c4d97e2c510d40f3c28d29d290b382c37fe9cd894e5491dcce092

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 14:18:23 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 782
cf-polished: origSize=5101
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 17e38392-6c8c-4028-8aa2-e979c20a3bee
x-runtime: 0.031475
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"b6bd56ad4c067ea449facc9827cf92cf"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 83b9f3e66b405d51-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 26 Dec 2023 15:18:23 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 299 KB
84 KB 44ms
21ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=5e1ad5418546d475f42a3e2bb33176cb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fa7e5d687db72532ef439e47e2c64409b07ca238c3ca5803e1915f28a764802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rferl.org/
Origin: https://www.rferl.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 26 Dec 2023 14:18:23 GMT
content-md5: Gp25/7jyswmKmhpAo45kBQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86311
reporting-endpoints
x-fb-debug: dY1jfBMmg442EY20xEMNidJgnA/rzzE6Zlol1Awkkrstmb2yUnapaDbj2NiV9l2oDmg/p1lXHfsYc1bDY57RZQ==
x-fb-content-md5: 65e8d8041663b4a716e8d2f9be1b5385
cross-origin-opener-policy: same-origin-allow-popups
etag: "bcb40e51a443c08dffcb3f77fca9bce0"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 25 Dec 2024 12:49:30 GMT

GET
H2 200 1949494258686877 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 157ms
157ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1949494258686877?v=2.9.138&r=stable&domain=www.rferl.org

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2583c135f5c38da3b346f116b9b83dc9fd417d3a8e58d223967846d692062d82

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 26 Dec 2023 14:18:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: AG4yloVLsF/Wf8ROdpikHbX+lzbs+oRayqtX2K8LK90F4d+4HQfPX7ZyWfko9LYRn3i+RzKeHEeNc4Gc6kIe8A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 75ms
27ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M4LGVTBXXT&gtm=45je3bt0v886464275z871456482&_p=1703600302929&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=244426470.1703600303&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703600303&sct=1&seg=0&dl=https%3A%2F%2Fwww.rferl.org%2F%20logRecordSource%3DOnPrem&dt=Page%20doesn%27t%20exist&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=674
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4LGVTBXXT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 14:18:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.rferl.org.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/site/ 4 KB
2 KB 79ms
33ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/site/www.rferl.org.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8645bdec7f1d595606032782d21927f5d7340e3e09643f6dc34267d0b3c274a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 14:18:23 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6337
ce-version: 11.5.164
content-length: 1705
last-modified: Tue, 26 Dec 2023 12:32:46 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b9f3e70a301c20-FRA

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 376ms
122ms Image
image/gif 23.22.163.164
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rferl.english&p=%2F%2520logRecordSource%3DOnPrem&u=42Z3DldK0PCyXkVo&d=rferl.org&g=62557&g0=404%20error&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.rferl.org%2F%2520logRecordSource%3DOnPrem&b=687&t=DxiS_piNcLJCmsDlwDe3-vFBR0am0&V=143&i=404%20error&tz=-60&sn=1&sv=C9k2fE3gTZ3BoHsMrBJWwAPBRloQQ&sr=external&sd=1&im=06030403&_
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.22.163.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-22-163-164.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 26 Dec 2023 14:18:23 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 30ms
30ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=631710214&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rferl.org%2F%2520logRecordSource%3DOnPrem&ul=en-us&de=UTF-8&dt=Page%20doesn%27t%20exist&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1397776405&gjid=892813959&cid=244426470.1703600303&tid=UA-75913661-40&_gid=2101545393.1703600303&_r=1&_slc=1&gtm=45He3bt0n71WXZBPZv71456482&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=632856560

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rferl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 14:18:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 164ms
122ms Fetch
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=953446944667626&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.rferl.org%2F%2520logRecordSource%3DOnPrem&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=5e1ad5418546d475f42a3e2bb33176cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), keyboard-map=()
strict-transport-security: max-age=15552000; preload
date: Tue, 26 Dec 2023 14:18:23 GMT
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: opQBjtsaUg7MIcY4qtZeWYuwCHp5Cpte7j4UCLXdC0ZhArPxMUsjJs9Pe9p+KdBpXmHW1G0nt8U4r+uxKgOwUA==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rferl.org
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 8ba07dcc278cb95cb008c6e507593ee9.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 96 KB
31 KB 31ms
30ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6d0824c232f1be9cf8778e2f91360b3562ac7464795f81882f95d22defbd146

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 14:18:23 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 07:22:31 GMT
server: cloudflare
age: 354353
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b9f3e73e4a9baa-FRA
content-length: 31973

GET
H2 200 dest5.html Show response
bbg.demdex.net/ Frame 1E7C 7 KB
3 KB 78ms
47ms Document
text/html 52.51.86.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.rferl.org
URL: https://tags.rferl.org/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.51.86.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-86-160.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.rferl.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 26 Dec 2023 14:18:23 GMT
dcs: dcs-prod-irl1-1-v054-06695c737.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Wed, 8 Nov 2023 21:00:41 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: wRpGg6V7Rdw=

GET
H2 200 id Show response
bbg.sc.omtrdc.net/ 2 B
266 B 112ms
32ms XHR
application/x-javascript 63.140.62.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=12846241527131141544333755062460555483&ts=1703600303242

Requested by

Host: tags.rferl.org
URL: https://tags.rferl.org/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.160 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-160.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Dec 2023 14:18:23 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.rferl.org
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZYrgrwAAALT-jgNn
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=12870565941394342254335834767981829632
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYrgrwAAALT-jgNn

42 B
717 B

48ms
48ms

Image
image/gif

52.51.86.160
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYrgrwAAALT-jgNn

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Server

52.51.86.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-86-160.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-03a8f348b.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Tue, 26 Dec 2023 14:18:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: HXMGdtdzRjk=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYrgrwAAALT-jgNn
Date: Tue, 26 Dec 2023 14:18:23 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 www.rferl.org.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/sampling/ 150 B
233 B 41ms
41ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/sampling/www.rferl.org.json?t=473222
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3a2df6bf8e64709c784e8c6d8f3139e631defa33c4a03e86ca0e8fe703f576e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 14:18:23 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6336
ce-version: 11.5.164
content-length: 142
last-modified: Tue, 26 Dec 2023 12:32:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83b9f3e78ac01c20-FRA

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
461 B 233ms
33ms XHR
application/json 3.161.119.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.119.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-119-30.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 21e3976732d94cc8844cd643b7eb43fe.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P2
age: 8426096
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: 471nHuWS-nm9LrtK7_zngXu0FjwYEKwpSLBV3aak8lgcqx_zN_XSkg==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
471 B 102ms
24ms XHR
application/json 18.66.248.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-37.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:00:49 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 11182655
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: x5R404wjq7u96ICCEfTkou0XTmKLjMczTNvtf9j1bkKgvTXPiMdoQw==

GET
BLOB 200
OK c832223b-7b47-4daa-aedb-3fcfecf7b9c0
https://www.rferl.org/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.rferl.org/c832223b-7b47-4daa-aedb-3fcfecf7b9c0
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ 0
79 B 20ms
20ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1949494258686877&ev=PageView&dl=https%3A%2F%2Fwww.rferl.org%2F%2520logRecordSource%3DOnPrem&rl=&if=false&ts=1703600303371&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1703600303371.1953929467&ler=empty&it=1703600303125&coo=false&rqm=GET

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 26 Dec 2023 14:18:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 s01356457202578
ssc.rferl.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/ 43 B
372 B 126ms
35ms Image
image/gif 63.140.62.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssc.rferl.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s01356457202578?AQB=1&ndh=1&pf=1&t=26%2F11%2F2023%2015%3A18%3A23%202%20-60&sdid=7543AE525B5F40C7-7AC6F370634443DA&mid=12846241527131141544333755062460555483&aamlh=6&ce=UTF-8&ns=bbg&cdp=2&pageName=rfe%3Aeng%3Ar%3A404%20error%3Apage%20doesn%27t%20exist&g=https%3A%2F%2Fwww.rferl.org%2F%2520logRecordSource%3DOnPrem&cc=USD&ch=%2F%2520logRecordSource%3DOnPrem&server=www.rferl.org&pageType=errorPage&events=event53%2Cevent1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fwww.rferl.org%2F%20logRecordSource%3DOnPrem&v4=404%20error&v5=404%20error&v6=page%20doesn%27t%20exist&v15=english&v16=rferl%20english&v17=responsive&v20=yes&v21=404%20error&v23=12846241527131141544333755062460555483&v24=018ca67dab77001fd15b252d440f03074002f06c00b08&v25=rfe&v27=RFERL%20English%20Responsive&v29=www.rferl.org&v30=420&v31=https%3A%2F%2Fwww.rferl.org%2F%20logRecordSource%3DOnPrem&v32=rfe%3Aeng%3Ar%3A404%20error%3Apage%20doesn%27t%20exist&v36=8.28.0.0.333&v38=404%20error&v70=2.23.0&v71=bbgdev&v72=prod&v75=2.23.0&v82=view&v100=2023-12-26%3A15.18%3A%2B01.00&v101=Europe%2FBerlin&v102=en-US%3Aen%3Aen-US&v104=iq&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/%20logRecordSource=OnPrem

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-164.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Dec 2023 14:18:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 27 Dec 2023 14:18:23 GMT
server: jag
etag: 3658453794401976320-4617722282536809793
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 25 Dec 2023 14:18:23 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 30 B
137 B 225ms
109ms XHR
text/plain 52.214.236.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1703600303557&tk=293a36a5155a6d5eebbcaa960a972cba&s=149718&p=%2F%2520logRecordSource%3DOnPrem&u=260255&v=ac4436b49764909a04eb98ab48da1ed838152d58&f=rferl.org%2F*&ul=https%3A%2F%2Fwww.rferl.org%2F%2520logRecordSource%3DOnPrem
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/8ba07dcc278cb95cb008c6e507593ee9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.236.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-236-211.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 2927788e1a8db24a98f9b9e953cd37adcfcf6267bc3c9b9824e650cb01d9d4eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 26 Dec 2023 14:18:23 GMT
cache-control: no-store
server: awselb/2.0
content-length: 30
content-type: text/plain

GET
BLOB 200
OK d5075780-4235-4c3d-93ac-d7c0d21e5ac9
https://www.rferl.org/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.rferl.org/d5075780-4235-4c3d-93ac-d7c0d21e5ac9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bb2a9b0b57103bb573bb91e43ef305d3b9fe7bf80a61adf26234f17bc32c5f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.rferl.org/	1970-01-20 18:53:20	Name: .ASPXANONYMOUS Value: -adBsaCmLaXpYcSIcTeKoZmCw_KpGTYAHi0Un1-HXcDX9O8Qlap4F_-0pmq8afNcGRjXUZ_wm_ZFwAp8x819ksz_DhvdXEH3KSSibtZUj039bAsDk4e4mRxQ-et1bOfqqW0VKw2
www.rferl.org/	1970-01-21 02:00:22	Name: PangeaEnvironment Value: 1
www.rferl.org/	1970-01-21 01:58:56	Name: Pangea-NodeId Value: 0OLYLChwj8U5DMiSwQa7LQ==
www.rferl.org/	1969-12-31 23:59:59	Name: SessionID Value: 2729448364.47873.0000
.rferl.org/	1970-01-20 17:13:23	Name: AKA_A2 Value: A
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: YnzeXTvWAgk
.youtube.com/	1970-01-20 21:32:32	Name: VISITOR_INFO1_LIVE Value: 3DAZCV_Xqyk
.rferl.org/	1970-01-21 01:58:56	Name: utag_main Value: v_id:018ca67dab77001fd15b252d440f03074002f06c00b08$_sn:1$_se:1$_ss:1$_st:1703602102967$ses_id:1703600302967%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:rferl.org
www.rferl.org/	1969-12-31 23:59:59	Name: clickCounter Value: 0
.rferl.org/	1970-01-21 02:49:20	Name: _ga_M4LGVTBXXT Value: GS1.1.1703600303.1.0.1703600303.0.0.0
.rferl.org/	1970-01-21 02:42:08	Name: _cb Value: 42Z3DldK0PCyXkVo
.rferl.org/	1970-01-21 02:42:08	Name: _chartbeat2 Value: .1703600303150.1703600303150.1.C9k2fE3gTZ3BoHsMrBJWwAPBRloQQ.1
.rferl.org/	1970-01-20 17:13:22	Name: _cb_svref Value: external
.rferl.org/	1970-01-21 02:49:20	Name: _ga Value: GA1.2.244426470.1703600303
.rferl.org/	1970-01-20 17:14:46	Name: _gid Value: GA1.2.2101545393.1703600303
.rferl.org/	1970-01-20 17:13:20	Name: _gat_UA-75913661-40 Value: 1
.demdex.net/	1970-01-20 21:32:32	Name: demdex Value: 12870565941394342254335834767981829632
.rferl.org/	1969-12-31 23:59:59	Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1
.rferl.org/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.rferl.org/	1969-12-31 23:59:59	Name: cebs Value: 1
.rferl.org/	1970-01-20 19:22:56	Name: _fbp Value: fb.1.1703600303371.1953929467
.everesttech.net/	1970-01-21 01:58:56	Name: everest_g_v2 Value: g_surferid~ZYrgrwAAALT-jgNn
.rferl.org/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-20 21:32:32	Name: dpm Value: 12870565941394342254335834767981829632
.rferl.org/	1970-01-21 02:49:20	Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19718%7CMCMID%7C12846241527131141544333755062460555483%7CMCAAMLH-1704205103%7C6%7CMCAAMB-1704205103%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1703607503s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19725%7CvVersion%7C5.4.0
.rferl.org/	1970-01-20 17:14:46	Name: _ce.clock_event Value: 1
.onesignal.com/	1970-01-20 17:13:22	Name: __cf_bm Value: MKq_46JMLRgdAVIqiutdR7673U1wic1SdXylW1HcsmY-1703600303-1-ASf1URtSYMHK19c+W6t6ttDYhy1atWAxKfzjQzD5DR3qaEv97tQLd+2PyE6EwR6wLIXQw1+6hnjJ2O5SLyuhNxs=
.rferl.org/	1970-01-20 17:14:46	Name: _ce.clock_data Value: 79%2C217.114.218.24%2C1%2Cf5ef61ca1e560a2377dfd6c236fd3eb9
.rferl.org/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.rferl.org/	1970-01-21 01:58:56	Name: _ce.s Value: v~ac4436b49764909a04eb98ab48da1ed838152d58~lcw~1703600303787~lva~1703600303319~vpv~0~v11.cs~149718~v11.s~a0f837b0-a3f9-11ee-80b8-5dbfbe81ec50~lcw~1703600303788

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.rferl.org/%20logRecordSource=OnPrem Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets-tracking.crazyegg.com
bbg.demdex.net
bbg.sc.omtrdc.net
cdn.onesignal.com
cm.everesttech.net
connect.facebook.net
dpm.demdex.net
onesignal.com
pagestates-tracking.crazyegg.com
ping.chartbeat.net
region1.google-analytics.com
sb.scorecardresearch.com
script.crazyegg.com
ssc.rferl.org
static.chartbeat.com
tags.rferl.org
tags.tiqcdn.com
tracking.crazyegg.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.rferl.org
www.youtube.com
108.157.4.121
18.154.63.16
18.202.182.222
18.66.248.37
2001:4860:4802:32::36
23.22.163.164
2600:9000:2315:6c00:7:2bfb:7c00:93a1
2600:9000:25a2:a800:18:1fcd:353:c61
2606:4700::6812:d63b
2606:4700::6813:9408
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:82a::200e
2a02:26f0:480:bb5::1317
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.161.119.30
52.214.236.211
52.51.86.160
63.140.62.160
63.140.62.164
0b50774a08e78191dedd022b67dda2c9f586a605bc606359ec673f8848a69397
199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1f0b83d15772f715a5b7b02f74ae0ab2c21d72e23648d37d83103dd95ce571d3
2583c135f5c38da3b346f116b9b83dc9fd417d3a8e58d223967846d692062d82
2927788e1a8db24a98f9b9e953cd37adcfcf6267bc3c9b9824e650cb01d9d4eb
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
2f119c5a81d3458d77822efde4bfee76382f77dfc861991743888ffa28b7195f
3c1aaeaa8a8f68e991515f5bfa9baa3b26167fb48d754bdeb3b89ce380426c87
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
53e637909208e211f753b68ab0cb2312abfb528b9920e8a3b6eddcb89eb861cd
53ee5caf7f07e578ec112e4c2fcfe18b4d666e627a6256d1ee5ce05bdfd2da15
54c2fbe897ce09b068765e4f97b403a2b860b3b0b5604c8381d366780baea8a3
54e2f964ce1124ae44ce10037eed6b855fc2469eb821b5679cb5277947f1ad2f
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
614f1be7936b1cf0e60d7906ffec2f9551d0a03e102f0dfcedd4020eab9a28c9
64a4e5f8e2b74601aaaf80c3d318ddcead634cb65ff5bc40a94e53cb46cf81f8
6d09fd4e8e42e1540ddd6ac2c42448dbada80d9f90031d4279f4159d7f0695af
7ac9f0e85d1ed4d4ccf7a151ec6b9b80f89baa745841db8efd82713671ff5ab8
7bb2a9b0b57103bb573bb91e43ef305d3b9fe7bf80a61adf26234f17bc32c5f5
7bd25da287369fecc5abc0a1d557d21daefafad0b5ebac00634a0e279ceabb59
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fa7e5d687db72532ef439e47e2c64409b07ca238c3ca5803e1915f28a764802
82418a754bd9cc42d97ac2934d53d81df236cca29eb5fa6913316da74d383bdc
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8645bdec7f1d595606032782d21927f5d7340e3e09643f6dc34267d0b3c274a8
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
99a9ce399dcc759c05bd8294ad28b86539b9a564ba82b73d65c2b00743616cc1
9e078671926b5627ff4fcee0cbe87e6bbf916aba248abb0a87807e580c9860a3
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a94e7a4b587e46162e5ea42a53879ea6cb746d1a3ec7e5db4af299c81a313799
afb7a8ee8cc9591bf27ec322ce3e9235457d0c606d92fb73c74f1b3617f3ed4d
bd5d0b1889b5ee3a04a81f46a34adb21e897ad828f6f211901339e0ccc9a45d1
c981a854c0a757f362b7c398a239fc51c8b42102ab6c3af7ef016cd3766ab1c3
cc70823a722c4d97e2c510d40f3c28d29d290b382c37fe9cd894e5491dcce092
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3a2df6bf8e64709c784e8c6d8f3139e631defa33c4a03e86ca0e8fe703f576e
d6d0824c232f1be9cf8778e2f91360b3562ac7464795f81882f95d22defbd146
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e426a1dfc6624a4df0e8f63db1415326b2203481a6439652007ebcad414c6df8
e469222c02a3574f92109c93c9ccdeda5e20a54b9df12a83b51bcc9169cd3fcc
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5c652c6736d838dbeab10585068c612d484529472c6f297bb1c60d11b529ae1
f741f1f1d5d51b19ebdb2a93212e766850bf6bfcf3a606c75821317f17121ea6
f85d29bc2346caba844a161efd47ccb6eac95d8d50890f380afe7f243122c5d8
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

www.rferl.org Open in urlscan Pro 2a02:26f0:480:bb5::1317 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

56 Requests

91 %HTTPS

52 %IPv6

15 Domains

23 Subdomains

21 IPs

3 Countries

920 kBTransfer

2785 kBSize

30 Cookies

12 Outgoing links

Page URL History

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rferl.org Open in urlscan Pro
2a02:26f0:480:bb5::1317 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

91 %
HTTPS

52 %
IPv6

15
Domains

23
Subdomains

21
IPs

3
Countries

920 kB
Transfer

2785 kB
Size

30
Cookies

56 HTTP transactions
0 data transactions