www.rferl.org Open in urlscan Pro
2600:1400:d:588::1317  Public Scan

23 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

• https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1682822235845 HTTP 302
• https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1682822235845

Request Chain 46

• https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31157751.html?layout=1 HTTP 301
• https://www.rferl.org/a/31157751.html?layout=1

Request Chain 50

• https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
• https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 51

• https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1682822235978&ns_c=UTF-8&c8=U.S.%20Confirms%20Cyberattack%20Hit%20Government%20Networks%2C%20Says%20It%27s%20Ongoing&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1682822235978&ns_c=UTF-8&c8=U.S.%20Confirms%20Cyberattack%20Hit%20Government%20Networks%2C%20Says%20It%27s%20Ongoing&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&c9=

Request Chain 58

• https://cm.everesttech.net/cm/dd?d_uuid=32800994703064597663363660907479482931 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZE3UXAAAAB60HgN-

Request Chain 87

• https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
• https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 90

• https://ssc.rferl.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s65232187804345?AQB=1&ndh=1&pf=1&t=30%2F3%2F2023%202%3A37%3A17%200%200&fid=4444323D7070107A-06AD83599929E014&ce=UTF-8&ns=bbg&cdp=2&pageName=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&g=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&cc=USD&ch=%2Fa&server=www.rferl.org&events=event2%2Cevent80&v1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&v4=snippet&v5=snippet&v6=week%20in%20russia%20region%20widget-gr-1878&v14=31157751&v15=english&v16=rferl%20english&v17=responsive&v21=iframe&v24=0187d00586b3009ebf9a669b474803074006206c00b08&v25=rfe&v27=RFERL%20English%20Responsive&v29=www.rferl.org&v30=420&v31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&v38=snippet&v50=iframe&v62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v65=week%20in%20russia%20region%20widget-gr-1878&v72=prod&v100=2023-04-30%3A02.37%3A%2B00.00&v101=Etc%2FUnknown&v102=en-US%3Aen%3Aen-US&v104=iq&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=325&bh=150&AQE=1 HTTP 302
• https://ssc.rferl.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s65232187804345?AQB=1&pccr=true&vidn=3226EA2ECF868353-600004FA492C8B7B&ndh=1&pf=1&t=30%2F3%2F2023%202%3A37%3A17%200%200&fid=4444323D7070107A-06AD83599929E014&ce=UTF-8&ns=bbg&cdp=2&pageName=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&g=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&cc=USD&ch=%2Fa&server=www.rferl.org&events=event2%2Cevent80&v1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&v4=snippet&v5=snippet&v6=week%20in%20russia%20region%20widget-gr-1878&v14=31157751&v15=english&v16=rferl%20english&v17=responsive&v21=iframe&v24=0187d00586b3009ebf9a669b474803074006206c00b08&v25=rfe&v27=RFERL%20English%20Responsive&v29=www.rferl.org&v30=420&v31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&v38=snippet&v50=iframe&v62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v65=week%20in%20russia%20region%20widget-gr-1878&v72=prod&v100=2023-04-30%3A02.37%3A%2B00.00&v101=Etc%2FUnknown&v102=en-US%3Aen%3Aen-US&v104=iq&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=325&bh=150&AQE=1

97 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request 31005048.html Show response www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/	70 KB 17 KB	497ms 384ms	Document text/html	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash d8f297f7cae63497c4ffc1354bb2178dac352d08ab6df9223bb406542356e642 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control must-revalidate, max-age=297 content-encoding gzip content-language en content-length 16479 content-type text/html; charset=utf-8 date Sun, 30 Apr 2023 02:37:15 GMT expires Sun, 30 Apr 2023 02:42:12 GMT onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html pragma no-cache strict-transport-security max-age=31536000 vary Accept-Encoding x-akamai-transformed 9 16011 0 pmb=mRUM,1 x-content-type-options nosniff x-ua-compatible IE=edge x-xss-protection 1; mode=block
GET H2	200	RFE-en-US.css www.rferl.org/Content/responsive/RFE/en-US/	289 KB 48 KB	166ms 165ms	Stylesheet text/css	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=319 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f3d9740af8ac281d45977f7d686c7918e7ab101856eb9b25dd791e15c1a75f72 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Tue, 28 Mar 2023 14:11:37 GMT vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=319 content-type text/css cache-control public, no-transform, max-age=487037 accept-ranges bytes content-length 49010 x-xss-protection 1; mode=block expires Fri, 05 May 2023 17:54:32 GMT
GET H2	200	utag.sync.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	3 KB 1 KB	108ms 18ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6732f81d44cfb9e5756f4945168f1c79a2ef9a3d53d755d808abe9273f0681b8 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id OmArxMZ_GLyvwAVRvu2L5.mmz4Xhi8iy content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:35:32 GMT last-modified Mon, 24 Apr 2023 22:55:38 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 124 x-amz-server-side-encryption AES256 etag W/"043cf323f1711597ec795215416e0b5c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id 9SNsaSCdEbpn5hC7oLmzkn2buwGXacdrNQa3eG5GfKlZQAVgxK0wfg==
GET H2	200	iframe_api Show response www.youtube.com/	1 KB 2 KB	88ms 47ms	Script text/javascript	2607:f8b0:4020:805::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fa0508572bc08a5cde3bd8041250e70364fec655c6513e73cb8dfb6a040f8c8b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:15 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Sun, 30 Apr 2023 02:37:15 GMT
GET H2	200	infographics.b Show response www.rferl.org/Scripts/responsive/	4 KB 2 KB	216ms 215ms	Script application/javascript	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=319 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers expires Fri, 05 May 2023 17:55:25 GMT date Sun, 30 Apr 2023 02:37:15 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=319 content-type application/javascript; charset=utf-8 cache-control public, no-transform, max-age=487090 content-length 1471 x-xss-protection 1; mode=block x-ua-compatible IE=edge
GET H2	200	loader.b Show response www.rferl.org/Scripts/responsive/	86 KB 25 KB	186ms 185ms	Script application/javascript	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/Scripts/responsive/loader.b?v=NRQr8YKXpIaocuMSpKreIlCwLsQu-x0ID2rGT10f0Lo1&av=0.1.0.0&cb=319 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 2b78de8e29d52b09e21fa493962c11223d887314b062da59429fddf2e114d326 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers expires Fri, 05 May 2023 17:55:33 GMT date Sun, 30 Apr 2023 02:37:15 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Scripts/responsive/loader.b?v=NRQr8YKXpIaocuMSpKreIlCwLsQu-x0ID2rGT10f0Lo1&av=0.1.0.0&cb=319 content-type application/javascript; charset=utf-8 cache-control public, no-transform, max-age=487098 content-length 25025 x-xss-protection 1; mode=block x-ua-compatible IE=edge
GET H2	200	Merriweather-Light_v2.woff www.rferl.org/Content/responsive/fonts/	60 KB 61 KB	173ms 172ms	Font application/font-woff	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/Content/responsive/fonts/Merriweather-Light_v2.woff Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e469222c02a3574f92109c93c9ccdeda5e20a54b9df12a83b51bcc9169cd3fcc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Origin https://www.rferl.org accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 08 Aug 2022 13:53:07 GMT onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/fonts/Merriweather-Light_v2.woff content-type application/font-woff cache-control public, max-age=2592000 accept-ranges bytes content-length 61544 x-xss-protection 1; mode=block expires Tue, 30 May 2023 02:37:15 GMT
GET H2	200	player-spinner.png www.rferl.org/Content/responsive/img/	978 B 1 KB	61ms 58ms	Image image/png	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.rferl.org/Content/responsive/img/player-spinner.png Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash a2bf334da782f24c62883e71810dde3683a18d688a8c13dee6d22adb4b9f8899 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 08 Aug 2022 13:53:08 GMT onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/img/player-spinner.png content-type image/png cache-control public, max-age=1835527 accept-ranges bytes content-length 978 x-xss-protection 1; mode=block expires Sun, 21 May 2023 08:29:22 GMT
GET H2	200	logo-compact.svg www.rferl.org/Content/responsive/RFE/en-US/img/	10 KB 4 KB	44ms 41ms	Image image/svg+xml	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-compact.svg Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f741f1f1d5d51b19ebdb2a93212e766850bf6bfcf3a606c75821317f17121ea6 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Mon, 08 Aug 2022 13:53:00 GMT vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/img/logo-compact.svg content-type image/svg+xml cache-control public, max-age=721553 accept-ranges bytes content-length 3464 x-xss-protection 1; mode=block expires Mon, 08 May 2023 11:03:08 GMT
GET H2	200	logo.svg www.rferl.org/Content/responsive/RFE/en-US/img/	13 KB 4 KB	44ms 41ms	Image image/svg+xml	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.rferl.org/Content/responsive/RFE/en-US/img/logo.svg Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash c981a854c0a757f362b7c398a239fc51c8b42102ab6c3af7ef016cd3766ab1c3 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Mon, 08 Aug 2022 13:53:00 GMT vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/img/logo.svg content-type image/svg+xml cache-control public, max-age=562559 accept-ranges bytes content-length 4000 x-xss-protection 1; mode=block expires Sat, 06 May 2023 14:53:14 GMT
GET H2	200	logo-print.gif www.rferl.org/Content/responsive/RFE/en-US/img/	4 KB 4 KB	42ms 39ms	Image image/gif	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-print.gif Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 82418a754bd9cc42d97ac2934d53d81df236cca29eb5fa6913316da74d383bdc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 08 Aug 2022 13:53:00 GMT onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/img/logo-print.gif content-type image/gif cache-control public, max-age=1405116 accept-ranges bytes content-length 3762 x-xss-protection 1; mode=block expires Tue, 16 May 2023 08:55:51 GMT
GET H2	200	logo-print_color.png www.rferl.org/Content/responsive/RFE/en-US/img/	7 KB 8 KB	43ms 40ms	Image image/png	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-print_color.png Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 2f119c5a81d3458d77822efde4bfee76382f77dfc861991743888ffa28b7195f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 08 Aug 2022 13:53:00 GMT onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/img/logo-print_color.png content-type image/png cache-control public, max-age=315812 accept-ranges bytes content-length 7663 x-xss-protection 1; mode=block expires Wed, 03 May 2023 18:20:47 GMT
GET H2	200	267b9f5c-3eb7-4b00-838f-754ecc7c2182_cx0_cy7_cw0_w250_r1_s.jpg gdb.rferl.org/	13 KB 14 KB	500ms 478ms	Image image/jpeg	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://gdb.rferl.org/267b9f5c-3eb7-4b00-838f-754ecc7c2182_cx0_cy7_cw0_w250_r1_s.jpg Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Image Server / Resource Hash 6bc92286134c835d40d159eb4a6a24e7257bc86e1492227916db207413b7401c Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:16 GMT strict-transport-security max-age=31536000 last-modified Thu, 01 Jan 1970 00:00:01 GMT server Akamai Image Server etag "26690" content-type image/jpeg cache-control public, private, max-age=300 content-length 13714 expires Sun, 30 Apr 2023 02:42:16 GMT
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	64ms 32ms	Script application/javascript	2606:4700::6812:d73b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:15 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 696 etag W/"06f50014011c1fcd9e21b6b0481979de" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 7bfc66dd38907148-YUL access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 03 May 2023 02:37:15 GMT
GET H2	200	conf.js Show response www.rferl.org/	5 KB 1 KB	34ms 33ms	Script application/javascript	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/conf.js?x=319 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 614f1be7936b1cf0e60d7906ffec2f9551d0a03e102f0dfcedd4020eab9a28c9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/conf.js?x=319 content-type application/javascript; charset=utf-8 content-language en cache-control public, max-age=486944 content-length 1136 x-xss-protection 1; mode=block expires Fri, 05 May 2023 17:52:59 GMT
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/0c487f05/www-widgetapi.vflset/	184 KB 62 KB	14ms 11ms	Script text/javascript	2607:f8b0:4020:805::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/0c487f05/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c95c0994d62d97c528e8e239fd9b65b87e9a85719437051a37e2946f20455587 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 26 Apr 2023 21:44:21 GMT content-encoding br x-content-type-options nosniff age 276774 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62942 x-xss-protection 0 last-modified Wed, 26 Apr 2023 02:29:39 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 25 Apr 2024 21:44:21 GMT
GET H/1.1	200 OK	aksb.min.js Show response ds-aksb-a.akamaihd.net/	13 KB 5 KB	155ms 19ms	Script application/x-javascript	2600:1400:9000::687e:75c1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://ds-aksb-a.akamaihd.net/aksb.min.js Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2600:1400:9000::687e:75c1 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Apache / Resource Hash 7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Unused62 8096267 Date Sun, 30 Apr 2023 02:37:15 GMT Content-Encoding gzip Last-Modified Thu, 30 Aug 2018 18:25:26 GMT Server Apache ETag "15de19f42b35806faf815298644157e0:1535653526" Vary Accept-Encoding Content-Type application/x-javascript Cache-Control max-age=43200 Connection keep-alive Accept-Ranges bytes Timing-Allow-Origin * Content-Length 4826
GET H2	200	gtm.js Show response www.googletagmanager.com/	218 KB 67 KB	80ms 35ms	Script application/javascript	2607:f8b0:4020:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash eb6577cd800597a29e6af451c6e70967d70780cd2401e194c76b22453af95572 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:15 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68147 x-xss-protection 0 last-modified Sun, 30 Apr 2023 00:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 30 Apr 2023 02:37:15 GMT
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	104 KB 31 KB	24ms 22ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 028e01ec6534dcb3f8c2ace12b0a791a2545599056e68616cf9a77c546c68473 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id YyH45m7Vd2yibE434WVbugil5bswZ.zN content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:34:24 GMT last-modified Mon, 24 Apr 2023 22:55:38 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 172 x-amz-server-side-encryption AES256 etag W/"aec277aa7f555f19737f6fa65bfdfd8b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id hg-FXG2iwUvc_SbeRi9nXVz2B-ZAyusnjNbIn2NK2PlA4BCu1Ef7IA==
GET H2	200	SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff www.rferl.org/Content/responsive/fonts/	40 KB 41 KB	52ms 51ms	Font application/font-woff	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff Requested by Host: www.rferl.org URL: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=319 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=319 Origin https://www.rferl.org accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 08 Aug 2022 13:53:07 GMT onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff content-type application/font-woff cache-control public, max-age=2592000 accept-ranges bytes content-length 41216 x-xss-protection 1; mode=block expires Tue, 30 May 2023 02:37:15 GMT
GET H2	200	icons-font-1661417065025.woff www.rferl.org/Content/responsive/fonts/	17 KB 18 KB	57ms 56ms	Font application/font-woff	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/Content/responsive/fonts/icons-font-1661417065025.woff Requested by Host: www.rferl.org URL: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=319 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e88ad0296c47a94cd7fbeb9188290220015c7ffa51cd434bdfb226cc8c61e002 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=319 Origin https://www.rferl.org accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Thu, 25 Aug 2022 13:57:51 GMT onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/fonts/icons-font-1661417065025.woff content-type application/font-woff cache-control public, max-age=2592000 accept-ranges bytes content-length 17808 x-xss-protection 1; mode=block expires Tue, 30 May 2023 02:37:15 GMT
GET H2	200	image-placeholder.svg www.rferl.org/Content/responsive/img/	709 B 817 B	44ms 43ms	Image image/svg+xml	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.rferl.org/Content/responsive/img/image-placeholder.svg Requested by Host: www.rferl.org URL: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=319 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=319 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Mon, 08 Aug 2022 13:53:08 GMT vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/img/image-placeholder.svg content-type image/svg+xml cache-control public, max-age=388374 accept-ranges bytes content-length 461 x-xss-protection 1; mode=block expires Thu, 04 May 2023 14:30:09 GMT
GET H2	200	res Show response www.rferl.org/	87 KB 21 KB	47ms 46ms	Script application/javascript	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=319&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,image_expander,accordeon,share_link,sharing_open,podcast_wg,podcast_sub,transition_toggler,nav20,sticky_sharing20 Requested by Host: www.rferl.org URL: https://www.rferl.org/Scripts/responsive/loader.b?v=NRQr8YKXpIaocuMSpKreIlCwLsQu-x0ID2rGT10f0Lo1&av=0.1.0.0&cb=319 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 8f852dfd87b38fb0d7196674ad983f69343938b5636bfe026ff6c72c5c9faf8a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:15 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/res?callback=_resourceLoaderReceiver_0&x=319&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,image_expander,accordeon,share_link,sharing_open,podcast_wg,podcast_sub,transition_toggler,nav20,sticky_sharing20 content-type application/javascript; charset=utf-8 content-language en cache-control public, no-transform, max-age=487032 content-length 20400 x-xss-protection 1; mode=block expires Fri, 05 May 2023 17:54:27 GMT
GET H2	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	284 KB 68 KB	28ms 27ms	Script application/javascript	2606:4700::6812:d73b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:15 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 3314 etag W/"2cf94922e2d551e8dc7c38c022a9a3ca" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 7bfc66dde9ae7148-YUL access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Wed, 03 May 2023 02:37:15 GMT
GET H2	200	267b9f5c-3eb7-4b00-838f-754ecc7c2182_cx0_cy7_cw0_w1023_r1_s.jpg gdb.rferl.org/	169 KB 170 KB	1675ms 1674ms	Image image/jpeg	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://gdb.rferl.org/267b9f5c-3eb7-4b00-838f-754ecc7c2182_cx0_cy7_cw0_w1023_r1_s.jpg Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Image Server / Resource Hash 7c0b6c5273f7b9727fe01346f19c6104f290048bdb276df269ef3bda53bffe9d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:17 GMT strict-transport-security max-age=31536000 last-modified Thu, 01 Jan 1970 00:00:01 GMT server Akamai Image Server etag "348157" content-type image/jpeg cache-control public, private, max-age=300 content-length 173006 expires Sun, 30 Apr 2023 02:42:17 GMT
GET H2	200	C77D2506-A3F8-405F-B8A0-D4B24D889D37_w144_r1.jpg gdb.rferl.org/	3 KB 3 KB	43ms 41ms	Image image/avif	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://gdb.rferl.org/C77D2506-A3F8-405F-B8A0-D4B24D889D37_w144_r1.jpg Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Image Manager / Resource Hash 2fc4c2e14802cf40c9b3953c53b9bb080230654c030f0e5e7d523c346e8e2bf7 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:15 GMT strict-transport-security max-age=31536000 last-modified Fri, 21 Apr 2023 12:22:49 GMT server Akamai Image Manager etag "7924" content-type image/avif cache-control private, no-transform, max-age=1849590 content-length 2702 expires Sun, 21 May 2023 12:23:45 GMT
GET H2	200	01000000-c0a8-0242-c43c-08db47c37ba8_cx0_cy7_cw0_w144_r1.jpg gdb.rferl.org/	4 KB 4 KB	44ms 42ms	Image image/avif	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://gdb.rferl.org/01000000-c0a8-0242-c43c-08db47c37ba8_cx0_cy7_cw0_w144_r1.jpg Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Image Manager / Resource Hash 3427c7a0ea0e966f0b435efccf4eec6d2e965b8cf265b0039707e6bf420fd280 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:15 GMT strict-transport-security max-age=31536000 last-modified Fri, 28 Apr 2023 09:32:09 GMT x-serial 277 server Akamai Image Manager x-check-cacheable YES etag "13719" content-type image/avif cache-control private, no-transform, max-age=2443971 content-length 4006 expires Sun, 28 May 2023 09:30:06 GMT
GET H2	200	01000000-c0a8-0242-d549-08db230c3c53_w144_r1.jpg gdb.rferl.org/	5 KB 6 KB	41ms 40ms	Image image/avif	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://gdb.rferl.org/01000000-c0a8-0242-d549-08db230c3c53_w144_r1.jpg Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Image Manager / Resource Hash bb2da5a30ec1233db68a7be3ccc2c9b74429713c690e158150e4e2674b4f0ab5 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:15 GMT strict-transport-security max-age=31536000 last-modified Thu, 13 Apr 2023 20:05:45 GMT x-serial 451 server Akamai Image Manager x-check-cacheable YES etag "15776" content-type image/avif cache-control private, no-transform, max-age=1186161 content-length 5411 expires Sat, 13 May 2023 20:06:36 GMT
GET H2	200	F8BBD50A-A99F-4564-937F-E63AE931BDC7_w144_r5.jpg gdb.rferl.org/	5 KB 6 KB	44ms 43ms	Image image/webp	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://gdb.rferl.org/F8BBD50A-A99F-4564-937F-E63AE931BDC7_w144_r5.jpg Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Image Manager / Resource Hash 4d446297564ad4422656572f71ad1a80d013743b998f422466f456d5f3d2f150 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:15 GMT strict-transport-security max-age=31536000 last-modified Wed, 08 Jun 2022 14:17:57 GMT x-serial 1398 server Akamai Image Manager x-check-cacheable YES etag "11914" content-type image/webp cache-control private, max-age=1854052 content-length 5560 expires Sun, 21 May 2023 13:38:07 GMT
GET H/1.1	200 OK	rd Show response dpm.demdex.net/id/ Redirect Chain https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1682822235845 https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1682822235845	362 B 1 KB	26ms 26ms	XHR application/json	3.226.147.238 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1682822235845 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol HTTP/1.1 Server 3.226.147.238 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-147-238.compute-1.amazonaws.com Software / Resource Hash 005b56c0827216d69104b0ca9c601aa06f68cebccef6492709537e1970540d5b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers DCS dcs-prod-va6-2-v047-0daa4c343.edge-va6.demdex.com 1 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-TID v1nMFNECT9Y= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://www.rferl.org Content-Type application/json;charset=utf-8 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Length 309 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers DCS dcs-prod-va6-2-v047-0726a4336.edge-va6.demdex.com 0 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID v4GzYPYFQx8= Vary Origin P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Access-Control-Allow-Origin https://www.rferl.org Location https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1682822235845 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Access-Control-Allow-Credentials true Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	utag.72.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	87 KB 23 KB	24ms 22ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.72.js?utv=ut4.46.202304242254 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1a7f288ac01cb0f44af225fc0aa5d3b65f80862fcb299bc139384f83672dcb1e Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id avMVyT7kYr_5SuYW1yv5uFqLRhAVOIgh content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:32:44 GMT last-modified Mon, 24 Apr 2023 22:55:35 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 272 x-amz-server-side-encryption AES256 etag W/"09865d2f5e502160382935e604e63a4f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id baGa6sPNen6ypXcIudKz-uneOO3GNbYcQ-vrxC8j2tBWWqZk3Y4kqQ==
GET H2	200	utag.24.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	10 KB 4 KB	26ms 25ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.24.js?utv=ut4.46.202212081948 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6cf63730c4b38aa30dc5b5efd10ad173f14f881f8e4b57ed94fb4382c939648a Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id QCPruGala9aHaqWhYWliffWsq18tsny2 content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:34:54 GMT last-modified Mon, 24 Apr 2023 22:55:34 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 142 x-amz-server-side-encryption AES256 etag W/"5499ce95e0ba9fb3edef29d47b5ce671" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id k2JcqAjIXaQdNm3QmkRspkobrdBly_R66553oPat-4qga2lPMTjaQw==
GET H2	200	utag.7.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	607 B 1 KB	27ms 25ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dd8ae1f6ffea5f8ed54a991f5d85dc5c075ce354fdef4585803c6434903a92f7 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id EH6UDgMtZ76yVCADTIoS9tTpORlGFVVu date Sun, 30 Apr 2023 02:36:25 GMT via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P6 age 51 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 607 last-modified Mon, 24 Apr 2023 22:55:32 GMT server AmazonS3 etag "81e4bd65060ad071123c4444011a94a1" vary Accept-Encoding content-type application/javascript cache-control max-age=1296000 accept-ranges bytes x-amz-cf-id 79jbFrC0s2GUE1wrmaDeasoOEpg3dFUMvRsp0iF35uHhyPaSPFYMzw==
GET H2	200	utag.4.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	55 KB 17 KB	28ms 27ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7a5f85841e8d23051f70c58c44d8236e8667d8d70a8b7cbbfc85b59343675449 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id OLoQL324Gd7Wje94t30u8APHW0AfJAuX content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:34:06 GMT last-modified Mon, 24 Apr 2023 22:55:36 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 190 x-amz-server-side-encryption AES256 etag W/"09779b8b6a6757b58252e0bb9dca28d4" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id MaaHSITJ9sFipS-VavUpBDKtKlTq1LIBd6KcNgwH9Qhi2CJdAhsAOw==
GET H2	200	utag.36.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	2 KB 1 KB	41ms 40ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.36.js?utv=ut4.46.202303291338 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bd1bf027b971c8e0ef50613990248121fb66116681238823e4c3c09483561cb9 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id 81oaFak31tAYejc4M23mCHrgf_swEdg8 content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:37:16 GMT last-modified Mon, 24 Apr 2023 22:55:38 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 x-amz-server-side-encryption AES256 etag W/"5ccdcbb427474e203e5ad29c52c6c8d6" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id PIE7ONHm2jT807-WwF10UgRICGZuChl6psd9aVSXRhmXLrjTe6dNEg==
GET H2	200	analytics.js Show response www.google-analytics.com/	51 KB 20 KB	12ms 11ms	Script text/javascript	2607:f8b0:4020:805::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 30 Apr 2023 01:54:31 GMT last-modified Mon, 17 Apr 2023 22:36:01 GMT server Golfe2 age 2564 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20737 expires Sun, 30 Apr 2023 03:54:31 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	221 KB 77 KB	43ms 42ms	Script application/javascript	2607:f8b0:4020:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-M4LGVTBXXT&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:806::2008 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e8b9935050889810230bf2e5b37d9229204bcb0509b2768e2aa163106195f528 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:15 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 79082 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 30 Apr 2023 02:37:15 GMT
GET H2	200	web Show response onesignal.com/api/v1/sync/dcba9732-9d59-46ec-aea0-e487e980e249/	5 KB 2 KB	25ms 24ms	Script text/javascript	2606:4700::6812:d73b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/sync/dcba9732-9d59-46ec-aea0-e487e980e249/web?callback=__jp0 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b7adc49b8600e946e8d155ac014c22bab3ed1ab564563dc6c208f4cd74fb7217 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:15 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=15552000; includeSubDomains age 1795 cf-polished origSize=5101 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id 7f24ff13-60ef-483b-890c-4376ae96fd54 x-runtime 0.025398 referrer-policy strict-origin-when-cross-origin cf-bgj minify server cloudflare etag W/"97b5ce6fefd55fa7b64117bd4ad11742" x-download-options noopen vary Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 7bfc66de6a707148-YUL access-control-allow-headers SDK-Version expires Sun, 30 Apr 2023 03:37:15 GMT
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 2 KB	60ms 19ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: www.rferl.org URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=319&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,image_expander,accordeon,share_link,sharing_open,podcast_wg,podcast_sub,transition_toggler,nav20,sticky_sharing20 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6bd1bc4728f6f94dbc2731a113d44721a6eae2d899b4a543e4f26434f5011a26 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sun, 30 Apr 2023 02:37:15 GMT content-md5 fGv0bdjvN+K8idFhC2Cl1g== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1689 x-fb-rlafr 0 x-fb-debug +68LBQE3FnPVlStUAdGvgLiNz1eFme4CqfshunguTmLhkWfT/I8cyB2RLRK9xWftMZ2cO5kzU05uW0NgIK++bQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1512268381 x-fb-content-md5 dde31fd16c9797f30c2f4ae4352f7bfc cross-origin-opener-policy same-origin-allow-popups etag "c2c20e8399fc2713ecaab5dcff26fd09" vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 x-frame-options DENY timing-allow-origin * expires Sun, 30 Apr 2023 02:41:39 GMT
GET H/1.1	200 OK	share_count Show response connect.mail.ru/	160 B 782 B	1068ms 142ms	Script text/javascript	94.100.180.55 VK-AS
General Check archive.org Show headers Download Go to Full URL https://connect.mail.ru/share_count?url_list=https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html&callback=1&func=RFE.Shares.MM.count Requested by Host: www.rferl.org URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=319&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,image_expander,accordeon,share_link,sharing_open,podcast_wg,podcast_sub,transition_toggler,nav20,sticky_sharing20 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.100.180.55 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS connect.mail.ru Software nginx / Resource Hash d24473ea6716bac531e285f0088c294c7010fde46a6443f1b9807b5e6ec369d7 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sun, 30 Apr 2023 02:37:16 GMT x-content-type-options nosniff Server nginx x-webkit-csp-report-only default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript: x-frame-options DENY Content-Type text/javascript; charset=UTF-8 p3p policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA" cache-control no-cache, no-store, must-revalidate, private x-envoy-upstream-service-time 3 Connection keep-alive Content-Length 160 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	200	count.json Show response api.pinterest.com/v1/urls/	146 B 223 B	109ms 41ms	Script application/javascript	151.101.192.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.pinterest.com/v1/urls/count.json?url=https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html&callback=RFE.Shares.Pinterest.count Requested by Host: www.rferl.org URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=319&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,image_expander,accordeon,share_link,sharing_open,podcast_wg,podcast_sub,transition_toggler,nav20,sticky_sharing20 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.84 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 16f4fa357a2a4abbdb909a6d112b9803c9e57e8666d3ff8df114f45a75cec16d Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:16 GMT x-content-type-options nosniff x-cdn fastly age 0 content-type application/javascript access-control-allow-origin * cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 5 alt-svc h3=":443";ma=600 x-pinterest-rid 1656413851217151 content-length 146 expires Sun, 30 Apr 2023 02:52:16 GMT
GET H2	200	dk Show response connect.ok.ru/	25 B 2 KB	1135ms 135ms	Script application/javascript	217.20.147.3 VK-AS
General Check archive.org Show headers Download Go to Full URL https://connect.ok.ru/dk?st.cmd=extLike&uid=/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html&ref=https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Requested by Host: www.rferl.org URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=319&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,image_expander,accordeon,share_link,sharing_open,podcast_wg,podcast_sub,transition_toggler,nav20,sticky_sharing20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.20.147.3 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS ip3.147.odnoklassniki.ru Software apache / Resource Hash 48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a Security Headers Name Value Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report; Strict-Transport-Security max-age=63072000;includeSubdomains;preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:16 GMT content-security-policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report; x-content-type-options nosniff strict-transport-security max-age=63072000;includeSubdomains;preload content-encoding br content-security-policy-report-only default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always; rendered-blocks WidgetExtLike x-xss-protection 1; mode=block pragma no-cache server apache vary Accept-Encoding content-type application/javascript;charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store access-control-allow-credentials true expires Mon, 26 Jul 1997 05:00:00 GMT
GET H/1.1	200 OK	share_count Show response connect.mail.ru/	84 B 705 B	1067ms 143ms	Script text/javascript	94.100.180.55 VK-AS
General Check archive.org Show headers Download Go to Full URL https://connect.mail.ru/share_count?url_list=https://www.rferl.orgnull&callback=1&func=RFE.Shares.MM.count Requested by Host: www.rferl.org URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=319&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,image_expander,accordeon,share_link,sharing_open,podcast_wg,podcast_sub,transition_toggler,nav20,sticky_sharing20 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.100.180.55 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS connect.mail.ru Software nginx / Resource Hash 2c79a0d38895bc9f3321a34507d6b94d2b19fad84ee7a0706a0a91a51e0a880f Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sun, 30 Apr 2023 02:37:16 GMT x-content-type-options nosniff Server nginx x-webkit-csp-report-only default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript: x-frame-options DENY Content-Type text/javascript; charset=UTF-8 p3p policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA" cache-control no-cache, no-store, must-revalidate, private x-envoy-upstream-service-time 4 Connection keep-alive Content-Length 84 x-xss-protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
GET H2	200	count.json Show response api.pinterest.com/v1/urls/	73 B 340 B	106ms 39ms	Script application/javascript	151.101.192.84 FASTLY
General Check archive.org Show headers Download Go to Full URL https://api.pinterest.com/v1/urls/count.json?url=https://www.rferl.orgnull&callback=RFE.Shares.Pinterest.count Requested by Host: www.rferl.org URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=319&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,image_expander,accordeon,share_link,sharing_open,podcast_wg,podcast_sub,transition_toggler,nav20,sticky_sharing20 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.192.84 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 90201b31b5f5348819cf3e546ff62071f8d3d18cad7659be062e5e2a328707ac Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:16 GMT x-content-type-options nosniff x-cdn fastly age 0 content-type application/javascript access-control-allow-origin * cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 2 alt-svc h3=":443";ma=600 x-pinterest-rid 5927188424835194 content-length 73 expires Sun, 30 Apr 2023 02:52:15 GMT
GET H2	200	dk Show response connect.ok.ru/	25 B 2 KB	1168ms 169ms	Script application/javascript	217.20.147.3 VK-AS
General Check archive.org Show headers Download Go to Full URL https://connect.ok.ru/dk?st.cmd=extLike&uid=null&ref=https://www.rferl.orgnull Requested by Host: www.rferl.org URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=319&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,image_expander,accordeon,share_link,sharing_open,podcast_wg,podcast_sub,transition_toggler,nav20,sticky_sharing20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 217.20.147.3 , Russian Federation, ASN47764 (VK-AS, RU), Reverse DNS ip3.147.odnoklassniki.ru Software apache / Resource Hash 48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a Security Headers Name Value Content-Security-Policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report; Strict-Transport-Security max-age=63072000;includeSubdomains;preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:17 GMT content-security-policy default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report; x-content-type-options nosniff strict-transport-security max-age=63072000;includeSubdomains;preload content-encoding br content-security-policy-report-only default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always; rendered-blocks WidgetExtLike x-xss-protection 1; mode=block pragma no-cache server apache vary Accept-Encoding content-type application/javascript;charset=UTF-8 access-control-allow-origin * cache-control no-cache, no-store access-control-allow-credentials true expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	share.php Show response vk.com/	21 B 569 B	734ms 145ms	Script text/html	87.240.132.67 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/share.php?act=count&url=https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Requested by Host: www.rferl.org URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=319&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,image_expander,accordeon,share_link,sharing_open,podcast_wg,podcast_sub,transition_toggler,nav20,sticky_sharing20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv67-132-240-87.vk.com Software kittenx / KPHP/7.4.113739 Resource Hash 09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:16 GMT content-encoding gzip x-frontend front220006 strict-transport-security max-age=15768000 server kittenx x-powered-by KPHP/7.4.113739 content-type text/html; charset=windows-1251 access-control-expose-headers X-Frontend cache-control no-store content-length 41
GET H2	200	hljson Show response www.rferl.org/	87 B 395 B	39ms 38ms	XHR application/json	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/hljson Requested by Host: www.rferl.org URL: https://www.rferl.org/Scripts/responsive/loader.b?v=NRQr8YKXpIaocuMSpKreIlCwLsQu-x0ID2rGT10f0Lo1&av=0.1.0.0&cb=319 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html X-Requested-With XMLHttpRequest accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge pragma no-cache date Sun, 30 Apr 2023 02:37:15 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/hljson content-type application/json; charset=utf-8 content-language en cache-control max-age=147 content-length 77 x-xss-protection 1; mode=block expires Sun, 30 Apr 2023 02:39:42 GMT
GET H2	200	31157751.html Show response www.rferl.org/a/ Frame D484 Redirect Chain https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31157751.html?layout=1 https://www.rferl.org/a/31157751.html?layout=1	14 KB 6 KB	66ms 66ms	Document text/html	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/a/31157751.html?layout=1 Requested by Host: www.rferl.org URL: https://www.rferl.org/Scripts/responsive/loader.b?v=NRQr8YKXpIaocuMSpKreIlCwLsQu-x0ID2rGT10f0Lo1&av=0.1.0.0&cb=319 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 43b34bf7c29d7088431aee9ef8a9d84bdd6e3dc595a97314b836217508d46578 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control public, max-age=183 content-encoding gzip content-language en content-length 5314 content-type text/html; charset=utf-8 date Sun, 30 Apr 2023 02:37:16 GMT expires Sun, 30 Apr 2023 02:40:19 GMT onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/a/31157751.html?layout=1 strict-transport-security max-age=31536000 vary Accept-Encoding x-content-type-options nosniff x-sticky-incompatible 1 x-ua-compatible IE=edge x-xss-protection 1; mode=block Redirect headers cache-control max-age=300 content-language en content-length 142 content-type text/html; charset=utf-8 date Sun, 30 Apr 2023 02:37:16 GMT expires Sun, 30 Apr 2023 02:42:16 GMT location /a/31157751.html?layout=1 onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31157751.html?layout=1 pragma no-cache strict-transport-security max-age=31536000 x-content-type-options nosniff x-ua-compatible IE=edge x-xss-protection 1; mode=block
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	107 KB 28 KB	19ms 18ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 30 Apr 2023 02:37:15 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27967 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug unYYM3qDDAQBGgEiD5dqBAjKFLZq4HtSIhldufAWvZB4n04iXJyko3fn7giE1bB8jbkwNydMB19iFYzP4ET6Eg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1512268381 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	0255.js Show response script.crazyegg.com/pages/scripts/0026/	6 KB 2 KB	82ms 29ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0026/0255.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e3948d64b04bc89ffa4c0cb8b4a9b3b6c012e757e01f6544633becb45c4d32f Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:16 GMT content-encoding gzip cf-cache-status HIT age 6952 cf-polished origSize=6063 ce-version 11.5.73 cf-bgj minify last-modified Sun, 30 Apr 2023 00:41:21 GMT server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 timing-allow-origin * cf-ray 7bfc66df1ab733ef-YUL
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	33ms 32ms	XHR text/plain	2607:f8b0:4020:805::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j100&a=286589915&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&ul=en-us&de=UTF-8&dt=U.S.%20Confirms%20Cyberattack%20Hit%20Government%20Networks%2C%20Says%20It%27s%20Ongoing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=183779739&gjid=1577824139&cid=619913674.1682822236&tid=UA-75913661-40&_gid=1486430485.1682822236&_r=1&_slc=1&gtm=45He34q0n71WXZBPZ&z=762967415 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.rferl.org/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 30 Apr 2023 02:37:15 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.rferl.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	cs.js Show response sb.scorecardresearch.com/internal-c2/default/ Redirect Chain https://sb.scorecardresearch.com/c2/6035794/cs.js https://sb.scorecardresearch.com/internal-c2/default/cs.js	0 358 B	18ms 17ms	Script application/javascript	13.33.60.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/internal-c2/default/cs.js Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Server 13.33.60.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-60-120.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:12:01 GMT via 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront) last-modified Mon, 01 Mar 2021 20:42:20 GMT server AmazonS3 x-amz-cf-pop EWR52-C1 age 1516 x-amz-server-side-encryption AES256 etag "d41d8cd98f00b204e9800998ecf8427e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 0 x-amz-cf-id s6xjr3K3wpDOgetAFrHU3dcJlIethFMh5iiwgmfLwRL_3vfG6Rmzyw== Redirect headers date Sun, 30 Apr 2023 02:37:16 GMT via 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop EWR52-C1 x-cache Miss from cloudfront location /internal-c2/default/cs.js content-length 0 x-amz-cf-id YtPD7OrouEELkX14n1VpOGPEt2ZvrTsC5gEfCWGhS0w8i92THFkc3Q==
GET H2	204	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1682822235978&ns_c=UTF-8&c8=U.S.%20Confirms%20Cyberattack%20Hit%20Government%20Networks%2C%20Says%20It%27s%20Ongoing&c7=https%3A%2F%2Fwww.rf... https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1682822235978&ns_c=UTF-8&c8=U.S.%20Confirms%20Cyberattack%20Hit%20Government%20Networks%2C%20Says%20It%27s%20Ongoing&c7=https%3A%2F%2Fwww.r...	0 225 B	25ms 25ms	Image text/plain	13.33.60.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1682822235978&ns_c=UTF-8&c8=U.S.%20Confirms%20Cyberattack%20Hit%20Government%20Networks%2C%20Says%20It%27s%20Ongoing&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&c9= Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Server 13.33.60.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-60-120.ewr52.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:16 GMT via 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop EWR52-C1 x-amz-cf-id iynNmzeptPWULY1HYN0WhT9fbZ-zKjovoOXOvdl9-z_yKcpPk2MZlA== x-cache Miss from cloudfront Redirect headers date Sun, 30 Apr 2023 02:37:16 GMT via 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop EWR52-C1 x-cache Miss from cloudfront location /b2?c1=2&c2=6035794&ns__t=1682822235978&ns_c=UTF-8&c8=U.S.%20Confirms%20Cyberattack%20Hit%20Government%20Networks%2C%20Says%20It%27s%20Ongoing&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&c9= content-length 0 x-amz-cf-id zuDl_6Ro69LEE12w-rc6IcY3CXHMoMxjoOI2QwrjNs-NKU5av3WahA==
GET H2	200	chartbeat_video.js Show response static.chartbeat.com/js/	70 KB 24 KB	493ms 23ms	Script application/x-javascript	2600:9000:24f1:fa00:18:1fcd:351:7bc1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat_video.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.36.js?utv=ut4.46.202303291338 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f1:fa00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 08:20:30 GMT content-encoding gzip via 1.1 e23983892b1c8fb4d47f943c0ee29028.cloudfront.net (CloudFront) last-modified Thu, 08 Dec 2022 17:02:37 GMT server nginx x-amz-cf-pop JFK50-P4 age 65806 etag W/"639218ad-11856" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id DxgYkNt1f1CMI3jWteUzzzDwyQ6FGabNwnpKNQjbziGSApK_XGYFng== expires Sun, 30 Apr 2023 08:20:30 GMT
GET H2	200	utag.v.js Show response tags.tiqcdn.com/utag/tiqapp/	2 B 433 B	19ms 19ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202304242254&cb=1682822235988 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id 2XUX04X5QEw0.xFya64khU._sHTRl_Pz date Sun, 30 Apr 2023 02:33:13 GMT via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P6 age 243 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2 last-modified Sat, 11 Mar 2023 06:57:46 GMT server AmazonS3 etag "7bc0ee636b3b83484fc3b9348863bd22" vary Accept-Encoding content-type application/javascript cache-control max-age=300 accept-ranges bytes x-amz-cf-id WVppKcJa7GTpRvrLbpbZrL49z8BSLDoeQRWfBY4DpQ2RpKJbXEjdSA==
POST H3	204	collect www.google-analytics.com/g/	0 17 B	32ms 31ms	Ping text/plain	2607:f8b0:4020:805::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-M4LGVTBXXT&gtm=45je34q0&_p=286589915&cid=619913674.1682822236&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682822236&sct=1&seg=0&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&dt=U.S.%20Confirms%20Cyberattack%20Hit%20Government%20Networks%2C%20Says%20It%27s%20Ongoing&en=page_view&_fv=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-M4LGVTBXXT&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sun, 30 Apr 2023 02:37:16 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.rferl.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 348 B	88ms 34ms	XHR text/plain	2607:f8b0:4004:c17::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-75913661-40&cid=619913674.1682822236&jid=183779739&gjid=1577824139&_gid=1486430485.1682822236&_u=YEBAAAAAAAAAAC~&z=1906521674 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::9c Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.rferl.org/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 30 Apr 2023 02:37:16 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.rferl.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	dest5.html Show response bbg.demdex.net/ Frame 1B7C	7 KB 3 KB	506ms 25ms	Document text/html	54.86.208.12 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bbg.demdex.net/dest5.html?d_nsid=0 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.86.208.12 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-86-208-12.compute-1.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.rferl.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Type text/html;charset=UTF-8 DCS dcs-prod-va6-1-v047-01b0e656f.edge-va6.demdex.com 0 ms Expires Thu, 01 Jan 1970 00:00:00 UTC P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID AIbebprCRhs= content-encoding gzip date Sun, 30 Apr 2023 02:37:16 GMT last-modified Thu, 27 Apr 2023 14:05:00 GMT transfer-encoding chunked vary accept-encoding
GET H2	200	id Show response bbg.sc.omtrdc.net/	2 B 266 B	483ms 28ms	XHR application/x-javascript	63.140.38.128 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=32814846771312227013360092405208825064&ts=1682822236036 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.38.128 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ip-63-140-38-128.data.adobedc.net Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.rferl.org/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Sun, 30 Apr 2023 02:37:16 GMT x-content-type-options nosniff server jag vary Origin content-type application/x-javascript;charset=utf-8 access-control-allow-origin https://www.rferl.org p3p CP="This is not a P3P policy" cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-length 2 x-xss-protection 1; mode=block
GET H/1.1	200 OK	ibs:dpid=411&dpuuid=ZE3UXAAAAB60HgN- dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=32800994703064597663363660907479482931 https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZE3UXAAAAB60HgN-	42 B 941 B	42ms 41ms	Image image/gif	3.226.147.238 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZE3UXAAAAB60HgN- Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol HTTP/1.1 Server 3.226.147.238 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-226-147-238.compute-1.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers DCS dcs-prod-va6-2-v047-0dae96add.edge-va6.demdex.com 17 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains content-encoding gzip X-Content-Type-Options nosniff X-TID lf3Gs6obRe0= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Content-Type image/gif Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 59 Expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZE3UXAAAAB60HgN- Date Sun, 30 Apr 2023 02:37:16 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H3	200	all.js Show response connect.facebook.net/en_US/	303 KB 85 KB	44ms 22ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=49db9d535ccb5cb8b94c258296e2bc9d Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f11008f5f699c9c6a8c618e28dca7235d270d1c87c20db35d9b5081ad1a188e1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.rferl.org/ Origin https://www.rferl.org accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sun, 30 Apr 2023 02:37:16 GMT content-md5 LJ4cfiRn7bUJkuHKsNZxtw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 87014 x-fb-rlafr 0 x-fb-debug UIkx8bMRBsNh48W5a/TCRkgX2jac2QgPW4IQNko7UOeLJul/nedRv+zYSWiky9yI7D8DATkZOX0IAdqYlDGM9w== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 1f60c42643abd550fe457dc2523a0560 cross-origin-opener-policy same-origin-allow-popups etag "2ea4d5cb8f1288c1521245d50f308531" vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable x-frame-options DENY timing-allow-origin * priority u=3,i expires Mon, 29 Apr 2024 00:32:19 GMT
GET H2	200	1949494258686877 Show response connect.facebook.net/signals/config/	377 KB 108 KB	23ms 21ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1949494258686877?v=2.9.102&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4ac19a9823c0dd9332c619e0a4600d2de5a487cb4487865f6f91cb9bbb6f58e6 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 30 Apr 2023 02:37:16 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110228 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug RhKEESzIX+oIqXKDZSQS5NBXlAXcrsu/Fsgfid8YAB2aL+rdM3xzXUo/3iNxyWN6kJZGZzz6M0+ucqCxIIU3XA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 1512268381 cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	www.rferl.org.json Show response script.crazyegg.com/pages/data-scripts/0026/0255/site/	960 B 710 B	48ms 20ms	XHR application/json	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0026/0255/site/www.rferl.org.json?t=1 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0026/0255.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 28efcf99c9d7c0d504760279446f1d51c20138a33578dc6bc61dc157ae03173a Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:16 GMT content-encoding gzip cf-cache-status HIT age 6952 ce-version 11.5.73 content-length 440 last-modified Sun, 30 Apr 2023 00:41:24 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 7bfc66dfc9b8ecf2-YUL
GET H2	200	ga-audiences www.google.com/ads/	42 B 408 B	413ms 38ms	Image image/gif	2607:f8b0:4020:807::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-75913661-40&cid=619913674.1682822236&jid=183779739&_u=YEBAAAAAAAAAAC~&z=1656854682 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:807::2004 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sun, 30 Apr 2023 02:37:16 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.ca/ads/	42 B 408 B	416ms 37ms	Image image/gif	2607:f8b0:4020:805::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-75913661-40&cid=619913674.1682822236&jid=183779739&_u=YEBAAAAAAAAAAC~&z=1656854682 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4020:805::2003 Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sun, 30 Apr 2023 02:37:16 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	19ms 18ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1949494258686877&ev=PageView&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&rl=&if=false&ts=1682822236171&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=0&o=30&cs_est=true&fbp=fb.1.1682822236170.1365372202&it=1682822236082&coo=false&rqm=GET Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sun, 30 Apr 2023 02:37:16 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	status www.facebook.com/x/oauth/	0 0	344ms 43ms	Fetch text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=953446944667626&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&sdk=joey&wants_cookie_data=false Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=49db9d535ccb5cb8b94c258296e2bc9d Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload date Sun, 30 Apr 2023 02:37:16 GMT x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 x-fb-rlafr 0 pragma no-cache x-fb-debug TVE9XMghji3VEVIT4PTM/uL3E2p0kXCQQYcBTEQybRNdAyimPiA5+rIzuinaeBC8h7Hz/9PTgDKoZs2omqXWvg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" fb-s unknown report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.rferl.org origin-agent-cluster ?0 access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	ping ping.chartbeat.net/	43 B 201 B	78ms 24ms	Image image/gif	54.84.230.51 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=rferl.english&p=%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&u=BP4wTDLUU0SD9LUDf&d=rferl.org&g=62557&g0=rferl.org&g1=RFE%2FRL&n=1&f=00001&c=0&x=0&m=0&y=3854&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&b=1726&t=Y7oN2BB24SED8ltunBSPVMqBKSpYj&V=139&i=U.S.%20Confirms%20Cyberattack%20Hit%20Government%20Networks%2C%20Says%20It%27s%20Ongoing&tz=0&sn=1&sv=DzQAMwDuiGgJ366A9C0thAwnj20S&sd=1&im=061b2ff3&_ Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.84.230.51 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-84-230-51.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-type image/gif pragma no-cache date Sun, 30 Apr 2023 02:37:16 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-length 43 expires 0
GET H2	200	s64945912164850 ssc.rferl.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/	43 B 373 B	374ms 28ms	Image image/gif	63.140.38.180 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ssc.rferl.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s64945912164850?AQB=1&ndh=1&pf=1&t=30%2F3%2F2023%202%3A37%3A16%200%200&sdid=6456AFB69FCF4CC9-4E08DCCDE061D371&mid=32814846771312227013360092405208825064&aamlh=7&ce=UTF-8&ns=bbg&cdp=2&pageName=rfe%3Aeng%3Ar%3Aarticle%3Au.s.%20confirms%20cyberattack%20hit%20government%20networks%2C%20says%20it%27s%20ongoing&g=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&cc=USD&ch=%2Fa&server=www.rferl.org&events=event1%2Cevent52&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&v4=article&v5=russia&v6=u.s.%20confirms%20cyberattack%20hit%20government%20networks%2C%20says%20it%27s%20ongoing&v7=u.s.%20confirms%20cyberattack%20hit%20government%20networks%2C%20says%20it%27s%20ongoing&v8=rfe%2Frl&v10=12%2F17%2F2020&v11=04&v13=us-confims-cyberattack-solarwinds-gvernment-networks-ongoing&v14=31005048&v15=english&v16=rferl%20english&v17=responsive&v20=yes&v21=article&v23=32814846771312227013360092405208825064&v24=0187d00586b3009ebf9a669b474803074006206c00b08&v25=rfe&v27=RFERL%20English%20Responsive&v29=www.rferl.org&v30=420&v31=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&v32=rfe%3Aeng%3Ar%3Aarticle%3Au.s.%20confirms%20cyberattack%20hit%20government%20networks%2C%20says%20it%27s%20ongoing&v38=article&v39=news%2Crussia&v50=article%20view&v70=2.23.0&v71=bbgdev&v72=prod&v75=2.23.0&v85=russia&v100=2023-04-30%3A02.37%3A%2B00.00&v101=Etc%2FUnknown&v102=en-US%3Aen%3Aen-US&v104=iq&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.38.180 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ip-63-140-38-180.data.adobedc.net Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sun, 30 Apr 2023 02:37:16 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Mon, 01 May 2023 02:37:16 GMT server jag etag 3613833234708692992-4619590524741743669 vary * p3p CP="This is not a P3P policy" access-control-allow-origin * content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0, no-transform, private content-length 43 x-xss-protection 1; mode=block expires Sat, 29 Apr 2023 02:37:16 GMT
GET H2	200	utag.sync.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame D484	3 KB 1 KB	20ms 18ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6732f81d44cfb9e5756f4945168f1c79a2ef9a3d53d755d808abe9273f0681b8 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id OmArxMZ_GLyvwAVRvu2L5.mmz4Xhi8iy content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:35:32 GMT last-modified Mon, 24 Apr 2023 22:55:38 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 125 x-amz-server-side-encryption AES256 etag W/"043cf323f1711597ec795215416e0b5c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id PBaClnprsGE6ydjtzR4D4l5VI_Xch_vjxNVdgYTVRgKdDgvDFnklRQ==
GET H3	200	iframe_api Show response www.youtube.com/ Frame D484	1 KB 557 B	46ms 45ms	Script text/javascript	2607:f8b0:4020:805::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fa0508572bc08a5cde3bd8041250e70364fec655c6513e73cb8dfb6a040f8c8b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:16 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} content-type text/javascript; charset=utf-8 vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cache-control private, max-age=0 origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Sun, 30 Apr 2023 02:37:16 GMT
GET H2	200	infographics.b Show response www.rferl.org/Scripts/responsive/ Frame D484	4 KB 2 KB	182ms 180ms	Script application/javascript	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=319 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/31157751.html?layout=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers expires Fri, 05 May 2023 17:55:25 GMT date Sun, 30 Apr 2023 02:37:16 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=319 content-type application/javascript; charset=utf-8 cache-control public, no-transform, max-age=487089 content-length 1471 x-xss-protection 1; mode=block x-ua-compatible IE=edge
GET H2	200	Merriweather-Light_v2.woff www.rferl.org/Content/responsive/fonts/ Frame D484	60 KB 61 KB	183ms 182ms	Font application/font-woff	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/Content/responsive/fonts/Merriweather-Light_v2.woff Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e469222c02a3574f92109c93c9ccdeda5e20a54b9df12a83b51bcc9169cd3fcc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.rferl.org/a/31157751.html?layout=1 Origin https://www.rferl.org accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:16 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff last-modified Mon, 08 Aug 2022 13:53:07 GMT onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/fonts/Merriweather-Light_v2.woff content-type application/font-woff cache-control public, max-age=2592000 accept-ranges bytes content-length 61544 x-xss-protection 1; mode=block expires Tue, 30 May 2023 02:37:16 GMT
GET H2	200	ifg-blank.css www.rferl.org/Content/ Frame D484	284 B 578 B	185ms 184ms	Stylesheet text/css	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/Content/ifg-blank.css?av=0.1.0.0&cb=319 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash fda31a7513c15976e457edc6546a333baa5734ba98fa855eb29d26c1213510a9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/31157751.html?layout=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:16 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Mon, 08 Aug 2022 13:53:49 GMT vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/ifg-blank.css?av=0.1.0.0&cb=319 content-type text/css cache-control public, no-transform, max-age=487085 accept-ranges bytes content-length 220 x-xss-protection 1; mode=block expires Fri, 05 May 2023 17:55:21 GMT
GET H2	200	RFE-en-US.css www.rferl.org/Content/responsive/RFE/en-US/ Frame D484	289 KB 48 KB	189ms 188ms	Stylesheet text/css	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash f3d9740af8ac281d45977f7d686c7918e7ab101856eb9b25dd791e15c1a75f72 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/31157751.html?layout=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:16 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 last-modified Tue, 28 Mar 2023 14:11:37 GMT vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/RFE-en-US.css content-type text/css cache-control public, no-transform, max-age=461649 accept-ranges bytes content-length 49010 x-xss-protection 1; mode=block expires Fri, 05 May 2023 10:51:25 GMT
GET H2	200	fdf2c905-d3a8-4afe-83f2-9753658dc776_w256.png gdb.rferl.org/ Frame D484	13 KB 14 KB	114ms 111ms	Image image/avif	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://gdb.rferl.org/fdf2c905-d3a8-4afe-83f2-9753658dc776_w256.png Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Image Manager / Resource Hash 01a7ea5db52949a44fefa3363bc156b4e31f5c940814271ecc419b3a085f34f9 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:16 GMT strict-transport-security max-age=31536000 last-modified Mon, 08 Mar 2021 06:40:46 GMT server Akamai Image Manager etag "75828" content-type image/avif cache-control private, no-transform, max-age=1666034 content-length 13607 expires Fri, 19 May 2023 09:24:30 GMT
GET H/1.1	200 OK	mc-validate.js Show response s3.amazonaws.com/downloads.mailchimp.com/js/ Frame D484	140 KB 140 KB	106ms 41ms	Script application/javascript	54.231.202.32 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.231.202.32 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Date Sun, 30 Apr 2023 02:37:17 GMT Last-Modified Mon, 20 Aug 2018 17:42:38 GMT Server AmazonS3 x-amz-request-id 81KZ0FXAJZHPTNVB ETag "6465dd4a8331265e6629cd069e03504c" Content-Type application/javascript Cache-Control public,max-age=2592000 Accept-Ranges bytes Content-Length 143249 x-amz-id-2 OJzKvu8NJscuYq52NBJFLPKwMQbL5ao5QtR/ueiEFS6//tMtikdmG/MU+opbaZdAFX0jhgpE9Gw=
GET H2	200	conf.js Show response www.rferl.org/ Frame D484	5 KB 1 KB	113ms 110ms	Script application/javascript	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/conf.js?x=319 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 614f1be7936b1cf0e60d7906ffec2f9551d0a03e102f0dfcedd4020eab9a28c9 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/31157751.html?layout=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:16 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/conf.js?x=319 content-type application/javascript; charset=utf-8 content-language en cache-control public, max-age=486943 content-length 1136 x-xss-protection 1; mode=block expires Fri, 05 May 2023 17:52:59 GMT
GET H3	200	www-widgetapi.js Show response www.youtube.com/s/player/0c487f05/www-widgetapi.vflset/ Frame D484	184 KB 61 KB	15ms 12ms	Script text/javascript	2607:f8b0:4020:805::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/0c487f05/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4020:805::200e Montreal, Canada, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c95c0994d62d97c528e8e239fd9b65b87e9a85719437051a37e2946f20455587 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Wed, 26 Apr 2023 21:44:21 GMT content-encoding br x-content-type-options nosniff age 276775 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62942 x-xss-protection 0 last-modified Wed, 26 Apr 2023 02:29:39 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Thu, 25 Apr 2024 21:44:21 GMT
GET H2	200	share.php Show response vk.com/	21 B 354 B	141ms 140ms	Script text/html	87.240.132.67 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/share.php?act=count&url=https://www.rferl.orgnull Requested by Host: www.rferl.org URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=319&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,image_expander,accordeon,share_link,sharing_open,podcast_wg,podcast_sub,transition_toggler,nav20,sticky_sharing20 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.132.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU), Reverse DNS srv67-132-240-87.vk.com Software kittenx / KPHP/7.4.113739 Resource Hash 09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85 Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:16 GMT content-encoding gzip x-frontend front220006 strict-transport-security max-age=15768000 server kittenx x-powered-by KPHP/7.4.113739 content-type text/html; charset=windows-1251 access-control-expose-headers X-Frontend cache-control no-store content-length 41
POST H2	200	/ Show response www.facebook.com/tr/ Frame 8D37	0 31 B	19ms 18ms	Document text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/tr/ Requested by Host: www.rferl.org URL: https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Content-Type application/x-www-form-urlencoded Origin https://www.rferl.org Referer https://www.rferl.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin https://www.rferl.org alt-svc h3=":443"; ma=86400 content-length 0 content-type text/plain cross-origin-resource-policy cross-origin date Sun, 30 Apr 2023 02:37:16 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame D484	104 KB 31 KB	20ms 19ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 028e01ec6534dcb3f8c2ace12b0a791a2545599056e68616cf9a77c546c68473 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id YyH45m7Vd2yibE434WVbugil5bswZ.zN content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:34:24 GMT last-modified Mon, 24 Apr 2023 22:55:38 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 173 x-amz-server-side-encryption AES256 etag W/"aec277aa7f555f19737f6fa65bfdfd8b" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id c5lV8UnhN6CrBKgXROdePzCvfCxeLAbSkZJy7Xut2wLC2-h_DRathg==
GET H2	200	utag.72.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame D484	87 KB 23 KB	21ms 19ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.72.js?utv=ut4.46.202304242254 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1a7f288ac01cb0f44af225fc0aa5d3b65f80862fcb299bc139384f83672dcb1e Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id avMVyT7kYr_5SuYW1yv5uFqLRhAVOIgh content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:32:44 GMT last-modified Mon, 24 Apr 2023 22:55:35 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 273 x-amz-server-side-encryption AES256 etag W/"09865d2f5e502160382935e604e63a4f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id ACsaCTGLAmShDadoqxdNVE_kiBMCyhhRZQ3XVDaNbzwLiNJkhh0JhA==
GET H2	200	utag.24.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame D484	10 KB 4 KB	22ms 20ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.24.js?utv=ut4.46.202212081948 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6cf63730c4b38aa30dc5b5efd10ad173f14f881f8e4b57ed94fb4382c939648a Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id QCPruGala9aHaqWhYWliffWsq18tsny2 content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:34:54 GMT last-modified Mon, 24 Apr 2023 22:55:34 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 143 x-amz-server-side-encryption AES256 etag W/"5499ce95e0ba9fb3edef29d47b5ce671" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id YQPOYwL4nEiIfSMGXd2sq6N40-Zd5ujR9Rd3UuVk-0sUg7zoMaAf-A==
GET H2	200	utag.7.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame D484	607 B 1 KB	23ms 22ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dd8ae1f6ffea5f8ed54a991f5d85dc5c075ce354fdef4585803c6434903a92f7 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id EH6UDgMtZ76yVCADTIoS9tTpORlGFVVu date Sun, 30 Apr 2023 02:36:25 GMT via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) x-amz-cf-pop JFK50-P6 age 52 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 607 last-modified Mon, 24 Apr 2023 22:55:32 GMT server AmazonS3 etag "81e4bd65060ad071123c4444011a94a1" vary Accept-Encoding content-type application/javascript cache-control max-age=1296000 accept-ranges bytes x-amz-cf-id 6cjnqLsUI8kWhzy2CLzr21J6gKRBkGq7ikGdsXnGAoJoYk5Bci64vQ==
GET H2	200	utag.4.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame D484	55 KB 17 KB	24ms 23ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7a5f85841e8d23051f70c58c44d8236e8667d8d70a8b7cbbfc85b59343675449 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id OLoQL324Gd7Wje94t30u8APHW0AfJAuX content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:34:06 GMT last-modified Mon, 24 Apr 2023 22:55:36 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 191 x-amz-server-side-encryption AES256 etag W/"09779b8b6a6757b58252e0bb9dca28d4" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id VZyQST9pR_7jNe-eftHHrWO-Q_Iv5vflyqL0OyhzBYgbMGmbtKSA5A==
GET H2	200	utag.36.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame D484	2 KB 1 KB	25ms 24ms	Script application/javascript	2600:9000:2511:0:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.36.js?utv=ut4.46.202303291338 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2511:0:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bd1bf027b971c8e0ef50613990248121fb66116681238823e4c3c09483561cb9 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-amz-version-id 81oaFak31tAYejc4M23mCHrgf_swEdg8 content-encoding br via 1.1 b260b0d4d2162fe305bab4403f7e668c.cloudfront.net (CloudFront) date Sun, 30 Apr 2023 02:37:16 GMT last-modified Mon, 24 Apr 2023 22:55:38 GMT server AmazonS3 x-amz-cf-pop JFK50-P6 age 1 x-amz-server-side-encryption AES256 etag W/"5ccdcbb427474e203e5ad29c52c6c8d6" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id NGZJjVtFzPU19ZpBsYRZ8ppbUJdtg0O7zcAIZt3hV9PTJFrg7WNNZA==
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/ Frame D484	107 KB 27 KB	20ms 19ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 091ba5711e7f397eca67fb1da60968a88be608d2f4fb80955ef74f645b6e898b Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 30 Apr 2023 02:37:16 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 27967 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug unYYM3qDDAQBGgEiD5dqBAjKFLZq4HtSIhldufAWvZB4n04iXJyko3fn7giE1bB8jbkwNydMB19iFYzP4ET6Eg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	cs.js Show response sb.scorecardresearch.com/internal-c2/default/ Frame D484 Redirect Chain https://sb.scorecardresearch.com/c2/6035794/cs.js https://sb.scorecardresearch.com/internal-c2/default/cs.js	0 359 B	17ms 17ms	Script application/javascript	13.33.60.120 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/internal-c2/default/cs.js Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H2 Server 13.33.60.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-60-120.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:12:01 GMT via 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront) last-modified Mon, 01 Mar 2021 20:42:20 GMT server AmazonS3 x-amz-cf-pop EWR52-C1 age 1517 x-amz-server-side-encryption AES256 etag "d41d8cd98f00b204e9800998ecf8427e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 0 x-amz-cf-id CvvL5CxLC9tnitt7x7tnm-fJKDCsB5w6xCXCNB9NwF7u8VQnNWsAhQ== Redirect headers date Sun, 30 Apr 2023 02:37:17 GMT via 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop EWR52-C1 x-cache Miss from cloudfront location /internal-c2/default/cs.js content-length 0 x-amz-cf-id O9ussA9xTjc8-f3DiqBx_BvWdtqgnGL-SKyMBtzJeKs9EjBIu3iNPA==
GET H2	200	chartbeat_video.js Show response static.chartbeat.com/js/ Frame D484	70 KB 24 KB	21ms 20ms	Script application/x-javascript	2600:9000:24f1:fa00:18:1fcd:351:7bc1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat_video.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.36.js?utv=ut4.46.202303291338 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f1:fa00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sat, 29 Apr 2023 08:20:30 GMT content-encoding gzip via 1.1 e23983892b1c8fb4d47f943c0ee29028.cloudfront.net (CloudFront) last-modified Thu, 08 Dec 2022 17:02:37 GMT server nginx x-amz-cf-pop JFK50-P4 age 65806 etag W/"639218ad-11856" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id z_GhiIagZ7HwsbbuGY5D5pvF3pZYozaZNl-Q0MHlRk5uPMs-p9qg5g== expires Sun, 30 Apr 2023 08:20:30 GMT
GET H2	204	b sb.scorecardresearch.com/ Frame D484	0 318 B	25ms 25ms	Image text/plain	13.33.60.120 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns_type=hidden&ns__t=1682822236986&ns_c=UTF-8&c8=Week%20in%20Russia%20Region%20Widget-GR-1878&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&c9=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.60.120 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-60-120.ewr52.r.cloudfront.net Software / Resource Hash Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers date Sun, 30 Apr 2023 02:37:17 GMT via 1.1 3b1807627d3f1dc0cdeb157fc313627a.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop EWR52-C1 x-amz-cf-id eqcl-0Fq0-VJBm37iN_csFeBpdUFOCL_KN5Uf8z6WBy_6baJGE2uYA== x-cache Miss from cloudfront
GET H2	200	s65232187804345 ssc.rferl.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/ Frame D484 Redirect Chain https://ssc.rferl.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s65232187804345?AQB=1&ndh=1&pf=1&t=30%2F3%2F2023%202%3A37%3A17%200%200&fid=4444323D7070107A-06AD83599929E014&ce=UTF-8&ns=bbg&cdp=2&page... https://ssc.rferl.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s65232187804345?AQB=1&pccr=true&vidn=3226EA2ECF868353-600004FA492C8B7B&ndh=1&pf=1&t=30%2F3%2F2023%202%3A37%3A17%200%200&fid=4444323D707...	43 B 229 B	29ms 29ms	Image image/gif	63.140.38.180 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ssc.rferl.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s65232187804345?AQB=1&pccr=true&vidn=3226EA2ECF868353-600004FA492C8B7B&ndh=1&pf=1&t=30%2F3%2F2023%202%3A37%3A17%200%200&fid=4444323D7070107A-06AD83599929E014&ce=UTF-8&ns=bbg&cdp=2&pageName=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&g=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&cc=USD&ch=%2Fa&server=www.rferl.org&events=event2%2Cevent80&v1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&v4=snippet&v5=snippet&v6=week%20in%20russia%20region%20widget-gr-1878&v14=31157751&v15=english&v16=rferl%20english&v17=responsive&v21=iframe&v24=0187d00586b3009ebf9a669b474803074006206c00b08&v25=rfe&v27=RFERL%20English%20Responsive&v29=www.rferl.org&v30=420&v31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&v38=snippet&v50=iframe&v62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v65=week%20in%20russia%20region%20widget-gr-1878&v72=prod&v100=2023-04-30%3A02.37%3A%2B00.00&v101=Etc%2FUnknown&v102=en-US%3Aen%3Aen-US&v104=iq&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=325&bh=150&AQE=1 Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H2 Server 63.140.38.180 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ip-63-140-38-180.data.adobedc.net Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers pragma no-cache date Sun, 30 Apr 2023 02:37:17 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Mon, 01 May 2023 02:37:17 GMT server jag etag 3613833236667301888-4619337264903364497 vary * p3p CP="This is not a P3P policy" access-control-allow-origin * content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0, no-transform, private content-length 43 x-xss-protection 1; mode=block expires Sat, 29 Apr 2023 02:37:17 GMT Redirect headers pragma no-cache date Sun, 30 Apr 2023 02:37:17 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Mon, 01 May 2023 02:37:17 GMT server jag vary Origin p3p CP="This is not a P3P policy" access-control-allow-origin * location https://ssc.rferl.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s65232187804345?AQB=1&pccr=true&vidn=3226EA2ECF868353-600004FA492C8B7B&ndh=1&pf=1&t=30%2F3%2F2023%202%3A37%3A17%200%200&fid=4444323D7070107A-06AD83599929E014&ce=UTF-8&ns=bbg&cdp=2&pageName=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&g=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&cc=USD&ch=%2Fa&server=www.rferl.org&events=event2%2Cevent80&v1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&v4=snippet&v5=snippet&v6=week%20in%20russia%20region%20widget-gr-1878&v14=31157751&v15=english&v16=rferl%20english&v17=responsive&v21=iframe&v24=0187d00586b3009ebf9a669b474803074006206c00b08&v25=rfe&v27=RFERL%20English%20Responsive&v29=www.rferl.org&v30=420&v31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&v38=snippet&v50=iframe&v62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v65=week%20in%20russia%20region%20widget-gr-1878&v72=prod&v100=2023-04-30%3A02.37%3A%2B00.00&v101=Etc%2FUnknown&v102=en-US%3Aen%3Aen-US&v104=iq&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=325&bh=150&AQE=1 content-type text/plain;charset=utf-8 cache-control no-cache, no-store, max-age=0, no-transform, private content-length 0 x-xss-protection 1; mode=block expires Sat, 29 Apr 2023 02:37:17 GMT
GET H3	200	1949494258686877 Show response connect.facebook.net/signals/config/ Frame D484	377 KB 108 KB	20ms 20ms	Script application/x-javascript	2a03:2880:f012:10c:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1949494258686877?v=2.9.102&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4ac19a9823c0dd9332c619e0a4600d2de5a487cb4487865f6f91cb9bbb6f58e6 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 30 Apr 2023 02:37:17 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 110228 x-fb-rlafr 0 x-xss-protection 0 pragma public x-fb-debug RhKEESzIX+oIqXKDZSQS5NBXlAXcrsu/Fsgfid8YAB2aL+rdM3xzXUo/3iNxyWN6kJZGZzz6M0+ucqCxIIU3XA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/ Frame D484	0 18 B	19ms 18ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1949494258686877&ev=PageView&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&rl=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&if=true&ts=1682822237931&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=0&o=30&cs_est=true&fbp=fb.1.1682822236170.1365372202&it=1682822237866&coo=false&rqm=GET Requested by Host: www.rferl.org URL: https://www.rferl.org/a/31157751.html?layout=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sun, 30 Apr 2023 02:37:17 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i
GET H2	200	res Show response www.rferl.org/	4 KB 2 KB	60ms 59ms	Script application/javascript	2600:1400:d:588::1317 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.rferl.org/res?callback=_resourceLoaderReceiver_1&x=319&dependencies=custom_print Requested by Host: www.rferl.org URL: https://www.rferl.org/Scripts/responsive/loader.b?v=NRQr8YKXpIaocuMSpKreIlCwLsQu-x0ID2rGT10f0Lo1&av=0.1.0.0&cb=319 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1400:d:588::1317 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 83e35545ca6e62e91d6f392b6a0ae45cd695d12e44dc891c87ebe0df87b03c06 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers x-ua-compatible IE=edge date Sun, 30 Apr 2023 02:37:17 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000 vary Accept-Encoding onion-location https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/res?callback=_resourceLoaderReceiver_1&x=319&dependencies=custom_print content-type application/javascript; charset=utf-8 content-language en cache-control public, no-transform, max-age=486918 content-length 1555 x-xss-protection 1; mode=block expires Fri, 05 May 2023 17:52:35 GMT
GET H/1.1	204 No Content	b ds-aksb-a.akamaihd.net/2/52394/	0 269 B	19ms 19ms	Image text/html	2600:1400:9000::687e:75c1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://ds-aksb-a.akamaihd.net/2/52394/b?dE=53&cS=53&cE=112&rqS=112&rsS=497&rsE=501&sS=72&dl=629&di=1001&fp=897&dlS=1001&dlE=1006&dc=3142&leS=3142&leE=3148&to=&ol=0&cr=18&mt=&mb=&b=655633&u=https%3A//www.rferl.org/a/us-confims-cyberattack-solarwinds-gvernment-networks-ongoing/31005048.html&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/112.0.5615.121%20Safari/537.36&pl=Win32&us=&gh=23.33.238.87&t=&rid=1e55d930&r=31689&akM=dscb&akN=ae&vc=14:17&bpcip=9g7zko0z30&akTX=1&akTI=1e55d930&ai=211610&pmgn=&pmgi=&pmp= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2600:1400:9000::687e:75c1 New York, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers Pragma no-cache Date Sun, 30 Apr 2023 02:37:18 GMT Content-Type text/html Cache-Control max-age=0, no-cache, no-store, private Connection keep-alive Timing-Allow-Origin * Content-Length 0 Expires Sun, 30 Apr 2023 02:37:18 GMT
GET H3	200	/ www.facebook.com/tr/ Frame D484	0 15 B	19ms 19ms	Image text/plain	2a03:2880:f112:182:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1949494258686877&ev=Microdata&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&rl=https%3A%2F%2Fwww.rferl.org%2Fa%2Fus-confims-cyberattack-solarwinds-gvernment-networks-ongoing%2F31005048.html&if=true&ts=1682822238435&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Week%20in%20Russia%20Region%20Widget-GR-1878%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22RFERL%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Week%20in%20Russia%20Region%20Widget-GR-1878%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%22%2C%22og%3Asite_name%22%3A%22RadioFreeEurope%2FRadioLiberty%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2Frferl%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.rferl.org%2FContent%2Fresponsive%2FRFE%2Fen-US%2Fimg%2Ftop_logo_news.png%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22675%22%2C%22og%3Aimage%3Aalt%22%3A%22site%20logo%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22twitter%3Asite%22%3A%22%40RFERL%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.102&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1682822236170.1365372202&it=1682822237866&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://www.rferl.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sun, 30 Apr 2023 02:37:18 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 priority u=3,i