d28b88kqurefxz.cloudfront.net Open in urlscan Pro
2600:9000:250a:2a00:14:1e86:cdc0:21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d28b88kqurefxz.cloudfront.net/
Submission: On December 14 via api (December 14th 2023, 1:50:06 pm UTC) from US — Scanned from US

Summary HTTP 50 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 17 IPs in 2 countries across 16 domains to perform 50 HTTP transactions. The main IP is 2600:9000:250a:2a00:14:1e86:cdc0:21, located in United States and belongs to AMAZON-02, US. The main domain is d28b88kqurefxz.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.

This is the only time d28b88kqurefxz.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2600:9000:250... 2600:9000:250a:2a00:14:1e86:cdc0:21	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:20e... 2600:9000:20e2:4e00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4004:c07::5d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
1	20.38.118.132 20.38.118.132	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4004:c07::61	15169 (GOOGLE) (GOOGLE)
1 3	52.6.38.206 52.6.38.206	14618 (AMAZON-AES) (AMAZON-AES)
1	44.206.185.183 44.206.185.183	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.38.151 63.140.38.151	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.146.191.139 54.146.191.139	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::5f	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:24f... 2600:9000:24f3:2000:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
2 4	18.165.83.3 18.165.83.3	16509 (AMAZON-02) (AMAZON-02)
1	54.92.251.225 54.92.251.225	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.38.0 63.140.38.0	14618 (AMAZON-AES) (AMAZON-AES)
17	2600:141b:f00... 2600:141b:f000:1088::1317	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4004:c17::5e	15169 (GOOGLE) (GOOGLE)
50	17

4 2600:9000:250a:2a00:14:1e86:cdc0:21 (United States)

ASN16509 (AMAZON-02, US)

d28b88kqurefxz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:20e2:4e00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c07::5d (Washington, United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.38.118.132 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

stdatavisualpublic001.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.6.38.206 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-38-206.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.206.185.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-185-183.compute-1.amazonaws.com

bbg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.151 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-151.data.adobedc.net

bbg.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.146.191.139 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-191-139.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::5f (Washington, United States)

ASN15169 (GOOGLE, US)

sheets.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f3:2000:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.165.83.3 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-3.iad55.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.92.251.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-251-225.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.0 (United States)

ASN14618 (AMAZON-AES, US)

ssc.votvot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:141b:f000:1088::1317 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)

gdb.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c17::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	rferl.org gdb.rferl.org — Cisco Umbrella Rank: 159396	22 MB
7	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1001	75 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	1 KB
4	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2199	56 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208 bbg.demdex.net — Cisco Umbrella Rank: 140299	5 KB
4	cloudfront.net d28b88kqurefxz.cloudfront.net	23 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 sheets.googleapis.com — Cisco Umbrella Rank: 61576	7 KB
2	gstatic.com fonts.gstatic.com	38 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	69 KB
1	votvot.tv ssc.votvot.tv	372 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1455	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1767	24 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1110	517 B
1	omtrdc.net bbg.sc.omtrdc.net — Cisco Umbrella Rank: 183159	277 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	90 KB
1	windows.net stdatavisualpublic001.blob.core.windows.net	251 KB
50	16

	Domain	Requested by
17	gdb.rferl.org	d28b88kqurefxz.cloudfront.net
7	tags.tiqcdn.com	d28b88kqurefxz.cloudfront.net tags.tiqcdn.com
4	sb.scorecardresearch.com	2 redirects d28b88kqurefxz.cloudfront.net
4	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
4	d28b88kqurefxz.cloudfront.net	d28b88kqurefxz.cloudfront.net
3	dpm.demdex.net	1 redirects d28b88kqurefxz.cloudfront.net
2	fonts.gstatic.com	fonts.googleapis.com
2	sheets.googleapis.com	stdatavisualpublic001.blob.core.windows.net
2	www.youtube.com	d28b88kqurefxz.cloudfront.net www.youtube.com
1	ssc.votvot.tv	d28b88kqurefxz.cloudfront.net
1	ping.chartbeat.net	d28b88kqurefxz.cloudfront.net
1	static.chartbeat.com	tags.tiqcdn.com
1	cm.everesttech.net	1 redirects
1	bbg.sc.omtrdc.net	tags.tiqcdn.com
1	bbg.demdex.net	tags.tiqcdn.com
1	www.googletagmanager.com	d28b88kqurefxz.cloudfront.net
1	stdatavisualpublic001.blob.core.windows.net	d28b88kqurefxz.cloudfront.net
1	fonts.googleapis.com	d28b88kqurefxz.cloudfront.net
50	18

This site contains links to these domains. Also see Links.

Domain
apps.apple.com
play.google.com
www.amazon.com
us.lgappstv.com
pressroom.rferl.org
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
www.tiktok.com
t.me

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2023-09-27` - `2024-09-27`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-09` - `2024-03-08`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
ssc.votvot.tv DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-23` - `2024-06-22`	a year	crt.sh
www.rferl.org R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://d28b88kqurefxz.cloudfront.net/
Frame ID: D73399AD54753F37298F2C17EABC3729
Requests: 49 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: CEA9F12204F09079DC03483A929DD551
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Votvot. Видеоконтент без цензуры

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Page Statistics

50
Requests

92 %
HTTPS

56 %
IPv6

16
Domains

18
Subdomains

17
IPs

2
Countries

22711 kB
Transfer

23470 kB
Size

15
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://apps.apple.com/ru/app/votvot/id1667840613

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.twentyfouri.tvbridge.rferl

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B0BZ8589PT

Search URL Search Domain Scan URL

URL: https://us.lgappstv.com/main/tvapp/detail?appId=1207969

Search URL Search Domain Scan URL

URL: https://pressroom.rferl.org/votvot
Title: О проекте

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Votvot.tv/

Search URL Search Domain Scan URL

URL: https://twitter.com/VotvotTV

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@VotvotTV

Search URL Search Domain Scan URL

URL: https://www.instagram.com/votvottv/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@votvot.tv

Search URL Search Domain Scan URL

URL: https://t.me/VotvotTV

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702561798317 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702561798317

Request Chain 13

https://cm.everesttech.net/cm/dd?d_uuid=25665787411828087882727631662280594659 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXsIBgAAAHBYYAMv

Request Chain 22

https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 24

https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1702561799128&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&c7=https%3A%2F%2Fd28b88kqurefxz.cloudfront.net%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702561799128&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&c7=https%3A%2F%2Fd28b88kqurefxz.cloudfront.net%2F&c9=

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
d28b88kqurefxz.cloudfront.net/ 11 KB
12 KB 187ms
92ms Document
text/html 2600:9000:250a:2a00:14:1e86:cdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:250a:2a00:14:1e86:cdc0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

49d7d7dd46e7e7770ebfcc6f380f8724ad970dcca775bd3a9270fd77fe8947a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, max-age=42
content-language: ru
content-type: text/html; charset=utf-8
date: Thu, 14 Dec 2023 13:49:58 GMT
expires: Thu, 14 Dec 2023 13:50:40 GMT
onion-location: https://www.votvot23gcn32pr24mkfypuct2vv45n6uu7i64grwgzvt3wcfefwo3ad.onion//
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
x-amz-cf-id: onyW1azece-kg4tquMKttWn5NIaz7QikReQca3oi9eKpucpTbbiTSw==
x-amz-cf-pop: IAD12-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-sticky-incompatible: 1
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 3 KB
1 KB 116ms
31ms Script
application/javascript 2600:9000:20e2:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js
Requested by: Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bd25da287369fecc5abc0a1d557d21daefafad0b5ebac00634a0e279ceabb59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:47:39 GMT
x-amz-version-id: MsLd0ENYttoJNN9snQW4N9fSCmBP2oEb
content-encoding: br
last-modified: Thu, 14 Dec 2023 13:08:46 GMT
server: AmazonS3
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C2
x-amz-server-side-encryption: AES256
etag: W/"3f9113fdbc232b35c3b669ac64c6d145"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 140
cache-control: max-age=300
x-amz-cf-id: cOnOsrflDoGCIyfhE5DC9ZS8jySQ_QHQc6S_7T_7Q1QDoUqLK_qw0w==

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 130ms
58ms Script
text/javascript 2607:f8b0:4004:c07::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8493cdda94c825474c03c4d0c70d4a9d33ad28a203f35179226e1600c4179c12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 14 Dec 2023 13:49:58 GMT

GET
H2 200 infographics.b Show response
d28b88kqurefxz.cloudfront.net/Scripts/responsive/ 4 KB
4 KB 139ms
137ms Script
application/javascript 2600:9000:250a:2a00:14:1e86:cdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d28b88kqurefxz.cloudfront.net/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=333

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:250a:2a00:14:1e86:cdc0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Thu, 14 Dec 2023 13:49:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: IAD12-P3
onion-location: https://www.votvot23gcn32pr24mkfypuct2vv45n6uu7i64grwgzvt3wcfefwo3ad.onion//Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=333
content-type: application/javascript; charset=utf-8
x-cache: Miss from cloudfront
cache-control: public, no-transform, max-age=2390505
x-amz-cf-id: jWAYAAQLr4hrwSnsvlFAEDC2kaJ_4YfUe22agE6bUqAnXgxFIwW8Gw==
content-length: 3943
x-xss-protection: 1; mode=block
expires: Thu, 11 Jan 2024 05:51:43 GMT

GET
H2 200 ifg-blank.css
d28b88kqurefxz.cloudfront.net/Content/ 284 B
793 B 143ms
141ms Stylesheet
text/css 2600:9000:250a:2a00:14:1e86:cdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d28b88kqurefxz.cloudfront.net/Content/ifg-blank.css?av=0.1.0.0&cb=333

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:250a:2a00:14:1e86:cdc0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fda31a7513c15976e457edc6546a333baa5734ba98fa855eb29d26c1213510a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 11 Jan 2024 05:51:03 GMT
date: Thu, 14 Dec 2023 13:49:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: IAD12-P3
onion-location: https://www.votvot23gcn32pr24mkfypuct2vv45n6uu7i64grwgzvt3wcfefwo3ad.onion//Content/ifg-blank.css?av=0.1.0.0&cb=333
content-type: text/css
x-cache: Miss from cloudfront
cache-control: public, no-transform, max-age=2390465
x-amz-cf-id: dWxau_5gwAF3SGNaqtyPMFZeFRrmUYlqm9zXEuEtx3uXU2Bg-fYCew==
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1021 B 113ms
43ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@400;500&display=swap

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2c0133c36b8fa9944a6add01b8f7f84bab5a39315bb2d337b3c0657aedd9646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Dec 2023 13:49:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 13:23:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Dec 2023 13:49:58 GMT

GET
H/1.1 200
OK main.min.js Show response
stdatavisualpublic001.blob.core.windows.net/votvot/static/js/ 250 KB
251 KB 480ms
124ms Script
application/javascript 20.38.118.132
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://stdatavisualpublic001.blob.core.windows.net/votvot/static/js/main.min.js
Requested by: Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.38.118.132 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d0f9502bc7aa7b95e4234ebf44f95348dfa767627d8b60b7e767b677251c30d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 14 Dec 2023 13:49:58 GMT
Last-Modified: Wed, 27 Sep 2023 18:29:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: agzqldJao5o0c82RNa/qfQ==
ETag: 0x8DBBF87ABF7F585
Vary: Origin
Content-Type: application/javascript
x-ms-request-id: fe59d803-401e-001d-4694-2ef22b000000
x-ms-version: 2009-09-19
Content-Length: 256458

GET
H2 200 conf.js Show response
d28b88kqurefxz.cloudfront.net/ 5 KB
6 KB 123ms
123ms Script
application/javascript 2600:9000:250a:2a00:14:1e86:cdc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d28b88kqurefxz.cloudfront.net/conf.js?x=333

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:250a:2a00:14:1e86:cdc0:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

29239288962cd6a3ca5484159529bdafb7e443cec8f2f0e2f038afa2c107dcc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:58 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 3203c4b5504fa019a752072f0419ef6a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-cache: Miss from cloudfront
content-length: 5426
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.votvot23gcn32pr24mkfypuct2vv45n6uu7i64grwgzvt3wcfefwo3ad.onion//conf.js?x=333
content-language: ru
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=2390532
x-amz-cf-id: wN88uzhD2XccD4NhZqf7VyWG_TihR9zRiP6nyAnlHo7OJy3s-OWKpg==
expires: Thu, 11 Jan 2024 05:52:10 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/0d02ada0/www-widgetapi.vflset/ 216 KB
67 KB 34ms
34ms Script
text/javascript 2607:f8b0:4004:c07::5d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0d02ada0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca767e8a29ac41afbf8ed2c0702af321b3e819427479c8e63aa12982023aa0ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:41:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68461
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 02:45:37 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Dec 2024 13:41:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
90 KB 114ms
45ms Script
application/javascript 2607:f8b0:4004:c07::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f3c5cf66512061cd26abf4cd419a9eb263bee7aa2dc4ae98ca8b1df85b7d798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91298
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Dec 2023 13:49:58 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 103 KB
31 KB 37ms
36ms Script
application/javascript 2600:9000:20e2:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Requested by: Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e426a1dfc6624a4df0e8f63db1415326b2203481a6439652007ebcad414c6df8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:47:11 GMT
x-amz-version-id: ktuod7oUGQ1iM5mrE4cEesdd9KazSkhI
content-encoding: br
last-modified: Thu, 14 Dec 2023 13:08:46 GMT
server: AmazonS3
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C2
x-amz-server-side-encryption: AES256
etag: W/"3b5d35e0a59e2ad66782cf5411d15344"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 168
cache-control: max-age=300
x-amz-cf-id: qlKkTxiyd0KmEFtS3Ns3Fd2G4tTbJiCQNB7O2KM-0q-PiT5RMl0cyA==

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702561798317
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702561798317

362 B
920 B

46ms
46ms

XHR
application/json

52.6.38.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702561798317

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Server

52.6.38.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-38-206.compute-1.amazonaws.com

Software

Resource Hash

2156045ffdeeb3fadcd2eb395f80f51d3be81351ca34bc2a87eb1218e549f377

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0f69d4637.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Thu, 14 Dec 2023 13:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: vBnJ6EbXTpc=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://d28b88kqurefxz.cloudfront.net
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 306
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v053-0d1ba4552.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Thu, 14 Dec 2023 13:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: dKrvfBeqQ5g=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702561798317
access-control-allow-origin: https://d28b88kqurefxz.cloudfront.net
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 dest5.html Show response
bbg.demdex.net/ Frame CEA9 7 KB
3 KB 137ms
44ms Document
text/html 44.206.185.183
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

44.206.185.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-206-185-183.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d28b88kqurefxz.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 14 Dec 2023 13:49:58 GMT
dcs: dcs-prod-va6-1-v053-0b8af7933.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Sun, 12 Nov 2023 19:56:38 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: WxaCLiVdSgk=

GET
H2 200 id Show response
bbg.sc.omtrdc.net/ 2 B
277 B 148ms
48ms XHR
application/x-javascript 63.140.38.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=25628959048287017112726106525420268088&ts=1702561798525

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.151 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-151.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d28b88kqurefxz.cloudfront.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Dec 2023 13:49:58 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://d28b88kqurefxz.cloudfront.net
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZXsIBgAAAHBYYAMv
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=25665787411828087882727631662280594659
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXsIBgAAAHBYYAMv

42 B
716 B

46ms
46ms

Image
image/gif

52.6.38.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXsIBgAAAHBYYAMv

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Server

52.6.38.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-38-206.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-07861c496.edge-va6.demdex.com 3 ms
pragma: no-cache
date: Thu, 14 Dec 2023 13:49:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: VbBQWVw7SKs=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXsIBgAAAHBYYAMv
Date: Thu, 14 Dec 2023 13:49:58 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 Articles Show response
sheets.googleapis.com/v4/spreadsheets/1OsTP9EIwpIa6K2liDnUi2MFpvomEyPKXHDmckKM0WOs/values/ 13 KB
5 KB 255ms
179ms Fetch
application/json 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sheets.googleapis.com/v4/spreadsheets/1OsTP9EIwpIa6K2liDnUi2MFpvomEyPKXHDmckKM0WOs/values/Articles?alt=json&key=AIzaSyDliBdIaszCPY0qUrpbRZZyNpBIlzpAous

Requested by

Host: stdatavisualpublic001.blob.core.windows.net
URL: https://stdatavisualpublic001.blob.core.windows.net/votvot/static/js/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

317868e0504fcf326bf96aa91ab7b2b1993514cbf254b5c44f71e37953f52183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-l2-request-path: l2-managed-6
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://d28b88kqurefxz.cloudfront.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4890
x-xss-protection: 0

GET
H2 200 Strings Show response
sheets.googleapis.com/v4/spreadsheets/1OsTP9EIwpIa6K2liDnUi2MFpvomEyPKXHDmckKM0WOs/values/ 2 KB
1 KB 296ms
221ms Fetch
application/json 2607:f8b0:4004:c1b::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sheets.googleapis.com/v4/spreadsheets/1OsTP9EIwpIa6K2liDnUi2MFpvomEyPKXHDmckKM0WOs/values/Strings?alt=json&key=AIzaSyDliBdIaszCPY0qUrpbRZZyNpBIlzpAous

Requested by

Host: stdatavisualpublic001.blob.core.windows.net
URL: https://stdatavisualpublic001.blob.core.windows.net/votvot/static/js/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

863d2238231ce5fe83a7d205e3b77347f992a202862a6a8e0ad9e554dcdf914e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-l2-request-path: l2-managed-6
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://d28b88kqurefxz.cloudfront.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 969
x-xss-protection: 0

GET
H2 200 utag.72.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 85 KB
23 KB 38ms
37ms Script
application/javascript 2600:9000:20e2:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.72.js?utv=ut4.46.202312122139
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 723b19ed4676c07faa84a5c3a833db985448e061527589c025a1ec2278e738e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 9gH2UWQSXg.fEs3vi8QBv0Yy3Zc2Xm.j
content-encoding: br
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
date: Thu, 14 Dec 2023 13:45:09 GMT
last-modified: Thu, 14 Dec 2023 13:08:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
age: 291
x-amz-server-side-encryption: AES256
etag: W/"4b302efc5b38e5b3f50431325b1802a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 3VUEn0wE4wGoh3Y64u2jNo8oaYmsz8qNu3rZpenvHxfljedYSXNKpw==

GET
H2 200 utag.7.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 607 B
1 KB 48ms
47ms Script
application/javascript 2600:9000:20e2:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c2e58de8d96aa3ab709593d5c09178dc35561a18bc684886245adb515f388c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: MFRvDMha7pw77iq_14RzZbP.bsM2IlF8
date: Thu, 14 Dec 2023 13:48:54 GMT
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C2
age: 66
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 607
last-modified: Thu, 14 Dec 2023 13:08:45 GMT
server: AmazonS3
etag: "b04c2a096a5d839a6fb21261392ba882"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: 733yk_FmNaM_zGB0fwv2kvT4_uHWAFBayQy5WGRDw19DP06WR2vrHQ==

GET
H2 200 utag.4.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 55 KB
17 KB 46ms
46ms Script
application/javascript 2600:9000:20e2:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54c2fbe897ce09b068765e4f97b403a2b860b3b0b5604c8381d366780baea8a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: nMiMcodGGXZuDEOr_LkuOTdEG1s4..Nc
content-encoding: br
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
date: Thu, 14 Dec 2023 13:47:23 GMT
last-modified: Thu, 14 Dec 2023 13:08:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
age: 157
x-amz-server-side-encryption: AES256
etag: W/"6a5e55f6c53de2c5fad8f6eaefc225c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: ZKg3NEhoRwg7SNQ5qaBRdrLSIQ8lfzRO0C-jD3Q1F1xXs3wR8rReWg==

GET
H2 200 utag.73.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 4 KB
2 KB 47ms
47ms Script
application/javascript 2600:9000:20e2:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afb7a8ee8cc9591bf27ec322ce3e9235457d0c606d92fb73c74f1b3617f3ed4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: j5H5BcarJL3JyoJ9vTyZM7tpL83fYq5U
content-encoding: br
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
date: Thu, 14 Dec 2023 13:48:19 GMT
last-modified: Thu, 14 Dec 2023 13:08:45 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
age: 101
x-amz-server-side-encryption: AES256
etag: W/"bd506405154704ba3ad1b776f24dd192"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: PMv8PrlLsFHyfr2TaFunSQ7klJJTYtrhwt3S3-cx7F5C-e6PTENgkg==

GET
H2 200 0255.js Show response
script.crazyegg.com/pages/scripts/0026/ 6 KB
3 KB 119ms
40ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca391ccc2d3868e3bf0062c021dc343a3176663e479bb4d4ef9c7b4c5276312a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5409
cf-polished: origSize=6157
ce-version: 11.5.160
cf-bgj: minify
last-modified: Thu, 14 Dec 2023 11:48:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8356e9cd1db34bd3-BUF

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 103ms
36ms Script
application/x-javascript 2600:9000:24f3:2000:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f3:2000:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9107aabbe099f8b263c0bf57f05f0bbe1f8d6177626dc10a9db146619297ee4c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 11:53:17 GMT
content-encoding: gzip
via: 1.1 c378d79f6d61c9af35c366d426990acc.cloudfront.net (CloudFront)
last-modified: Thu, 14 Dec 2023 01:53:13 GMT
server: nginx
x-amz-cf-pop: IAD55-P2
age: 7002
etag: W/"657a6009-11b4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: jmTUhq6Tid6BpZuTkK2ByFiUallCVXLAP8o5UAX90GLZDnlmrrt0Lg==
expires: Thu, 14 Dec 2023 13:53:17 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035794/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
382 B

36ms
35ms

Script
application/javascript

18.165.83.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/
Protocol: H2
Server: 18.165.83.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-3.iad55.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 17:45:15 GMT
via: 1.1 b64454e3c1123ac098282f1036154740.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: IAD55-P3
age: 72284
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: AU3JE6d-hieyNzT7T84hQiwJ0GKVfQSclyywTi5KVA2F7102rsaXyw==

Redirect headers

date: Thu, 14 Dec 2023 13:49:59 GMT
via: 1.1 b64454e3c1123ac098282f1036154740.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P3
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: 3lKs28WTaU5anb6vmjjQSZqEuOnUki7SH2TvL2Iz8bAL6DqZVnDzMA==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
431 B 32ms
31ms Script
application/javascript 2600:9000:20e2:4e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202312141307&cb=1702561799129
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 14 Dec 2023 13:47:47 GMT
via: 1.1 0570243541aa4edb51d3f1e60aee5a32.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C2
age: 133
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: Ir-hcj7sJ55_LMUm3P4P8d92OiZklyR1mOW5zkcxx-ebRPszbOjIHA==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1702561799128&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702561799128&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%8...

0
224 B

37ms
36ms

Image
text/plain

18.165.83.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702561799128&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&c7=https%3A%2F%2Fd28b88kqurefxz.cloudfront.net%2F&c9=
Requested by: Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/
Protocol: H2
Server: 18.165.83.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-165-83-3.iad55.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
via: 1.1 b64454e3c1123ac098282f1036154740.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P3
x-amz-cf-id: qn2UU5c4GGNQ1y4dSD7Y7_ZJ6VL8CE13-HemK0yi1LdctutzQfWr7Q==
x-cache: Miss from cloudfront

Redirect headers

date: Thu, 14 Dec 2023 13:49:59 GMT
via: 1.1 b64454e3c1123ac098282f1036154740.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: IAD55-P3
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=6035794&ns__t=1702561799128&ns_c=UTF-8&c8=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&c7=https%3A%2F%2Fd28b88kqurefxz.cloudfront.net%2F&c9=
content-length: 0
x-amz-cf-id: 7bgdHER8jJPRBI_wJnM0JhRT-31OvmkO9jEGZPfZ7m26UmSrgeJyZw==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 133ms
43ms Image
image/gif 54.92.251.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rferl.votvot&p=%2Fa%2F32207601.html&u=BCB1UaxqF45Bhi35W&d=d28b88kqurefxz.cloudfront.net&g=62557&g0=special%20projects&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1200&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fd28b88kqurefxz.cloudfront.net%2F&b=1344&t=CbienXDMIKUqnibyfCM5m7bBXduyM&V=142&i=Votvot.%20%D0%92%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&tz=600&sn=1&sv=Orc9PBmvdMQDpywTQlAclDtqvhc&sr=external&sd=1&im=061b2cf3&_
Requested by: Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.92.251.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-251-225.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 14 Dec 2023 13:49:59 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 d28b88kqurefxz.cloudfront.net.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/site/ 106 KB
6 KB 264ms
198ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/site/d28b88kqurefxz.cloudfront.net.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a50e7bdaf333d842ac90e0bc1fc97ae26e99edcf5d887745ab76b307f79c154d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 14 Dec 2023 13:49:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.160
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8356e9cdc9564bc9-BUF
content-length: 5808

GET
H2 200 s48741065779727
ssc.votvot.tv/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/ 43 B
372 B 142ms
39ms Image
image/gif 63.140.38.0
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssc.votvot.tv/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s48741065779727?AQB=1&ndh=1&pf=1&t=14%2F11%2F2023%203%3A49%3A59%204%20600&sdid=5239B86977CCC6B7-64D9F7F867C708DD&mid=25628959048287017112726106525420268088&aamlh=7&ce=UTF-8&ns=bbg&cdp=3&pageName=rfe%3Avot%3Ar%3Aspecial%20projects%3Avotvot.%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&g=https%3A%2F%2Fd28b88kqurefxz.cloudfront.net%2F&cc=USD&ch=%2F&server=d28b88kqurefxz.cloudfront.net&events=event1%2Cevent52%2Cevent10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fd28b88kqurefxz.cloudfront.net%2F&v4=article&v5=special%20projects&v6=votvot.%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&v7=votvot.%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&v10=01%2F04%2F2023&v11=14&v14=32207601&v15=russian&v16=votvot&v17=responsive&v20=yes&v21=special%20projects&v23=25628959048287017112726106525420268088&v24=018c68975897004d573c00b4c36403074002606c00b08&v25=rfe&v27=RFERL%20VotVot%20&v29=d28b88kqurefxz.cloudfront.net&v30=102&v31=https%3A%2F%2Fd28b88kqurefxz.cloudfront.net%2F&v32=rfe%3Avot%3Ar%3Aspecial%20projects%3Avotvot.%20%D0%B2%D0%B8%D0%B4%D0%B5%D0%BE%D0%BA%D0%BE%D0%BD%D1%82%D0%B5%D0%BD%D1%82%20%D0%B1%D0%B5%D0%B7%20%D1%86%D0%B5%D0%BD%D0%B7%D1%83%D1%80%D1%8B&v36=8.28.0.0.333&v38=special%20projects&v50=homepage%20view&v70=2.23.0&v71=bbgdev&v72=prod&v75=2.23.0&v82=view&v100=2023-12-14%3A03.49%3A-10.00&v101=Pacific%2FHonolulu&v102=en-US%3Aen%3Aen-US&v104=iq&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.0 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Fri, 15 Dec 2023 13:49:59 GMT
server: jag
etag: 3656223623531397120-4617733846705832501
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 13 Dec 2023 13:49:59 GMT

GET
H2 200 01000000-0a00-0242-848d-08dbacb225ed.jpg
gdb.rferl.org/ 218 KB
219 KB 474ms
331ms Image
image/jpeg 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0a00-0242-848d-08dbacb225ed.jpg

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f8a5164230824acc03cf03f834d523b88fc6ff3800ad6f5a6b094a3ac496ed01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "223455"
pangea-nodeid: 2SJxGn78ZHN+5/sf4s9JiA==
content-type: image/jpeg
cache-control: public, max-age=2591943
gdb-fall-back: false
content-length: 223455
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:02 GMT

GET
H2 200 01000000-c0a8-0242-f461-08dbeb5fcb62.jpg
gdb.rferl.org/ 371 KB
372 KB 597ms
454ms Image
image/jpeg 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-c0a8-0242-f461-08dbeb5fcb62.jpg

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

91ff1611a43a65f4916d3fcfd4c675393e9bca27088faac5da9d9ba7b8af44a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "379962"
pangea-nodeid: ot5V64bS79gRek7I3ZQ6RQ==
content-type: image/jpeg
cache-control: public, max-age=2591991
gdb-fall-back: false
content-length: 379962
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:50 GMT

GET
H2 200 01000000-c0a8-0242-7d1b-08dbea69d4c3.png
gdb.rferl.org/ 1 MB
1 MB 379ms
236ms Image
image/png 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-c0a8-0242-7d1b-08dbea69d4c3.png

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

0cf848262743e79a769460b2d3ecf5a601e9ecc0bb9347ed0b937345a02c7cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "1520750"
pangea-nodeid: ot5V64bS79gRek7I3ZQ6RQ==
content-type: image/png
cache-control: public, max-age=2591981
gdb-fall-back: false
content-length: 1520750
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:40 GMT

GET
H2 200 01000000-0a00-0242-90de-08dbde5e6fa8.jpg
gdb.rferl.org/ 898 KB
899 KB 571ms
428ms Image
image/jpeg 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0a00-0242-90de-08dbde5e6fa8.jpg

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4a10301e9a3a419180540b4e5047c35ece773914b766e87863da4e8957241a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "919590"
pangea-nodeid: YbkXDwaawxE3YKRIzzalYg==
content-type: image/jpeg
cache-control: public, max-age=2592000
gdb-fall-back: false
content-length: 919590
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:59 GMT

GET
H2 200 01000000-0aff-0242-2fe2-08dbca6b61f9.jpg
gdb.rferl.org/ 699 KB
699 KB 304ms
161ms Image
image/jpeg 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-2fe2-08dbca6b61f9.jpg

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f163fb2a0fe12499bad23c3e41f23b67c1232c6732206d9cf9908f7445bb7bfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "715406"
pangea-nodeid: ot5V64bS79gRek7I3ZQ6RQ==
content-type: image/jpeg
cache-control: public, max-age=2591991
gdb-fall-back: false
content-length: 715406
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:50 GMT

GET
H2 200 01000000-0aff-0242-7e0f-08dbc575794e.jpg
gdb.rferl.org/ 335 KB
336 KB 572ms
430ms Image
image/jpeg 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-7e0f-08dbc575794e.jpg

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

df83f246643d3cbb2c8e8330464c52a7df2c4c0c681a0c3111eb28fb0a2717a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "343157"
pangea-nodeid: 2SJxGn78ZHN+5/sf4s9JiA==
content-type: image/jpeg
cache-control: public, max-age=2591982
gdb-fall-back: false
content-length: 343157
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:41 GMT

GET
H2 200 01000000-0aff-0242-2932-08dbafbfacc2.png
gdb.rferl.org/ 3 MB
3 MB 496ms
494ms Image
image/png 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-2932-08dbafbfacc2.png

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

79460f770d3b567264613e9366752b3206a5ce0f77d39f6acac418cab306d8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "3628568"
pangea-nodeid: 2SJxGn78ZHN+5/sf4s9JiA==
content-type: image/png
cache-control: public, max-age=2591948
gdb-fall-back: false
content-length: 3628568
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:07 GMT

GET
H2 200 01000000-c0a8-0242-53d0-08dbe90b83a4.png
gdb.rferl.org/ 2 MB
2 MB 367ms
365ms Image
image/png 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-c0a8-0242-53d0-08dbe90b83a4.png

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f3ab04f1fde99a55df30af317ad145f4d782d90045eebc66658c7e93ef96f557

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "2054169"
pangea-nodeid: YbkXDwaawxE3YKRIzzalYg==
content-type: image/png
cache-control: public, max-age=2592000
gdb-fall-back: false
content-length: 2054169
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:59 GMT

GET
H2 200 01000000-0aff-0242-a25b-08dbab017602.jpg
gdb.rferl.org/ 925 KB
926 KB 576ms
574ms Image
image/jpeg 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-a25b-08dbab017602.jpg

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

219a6c77dcfa6ca9a7d5158c4ec907cc366b165f013411b23f159f1ac5ee57fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:50:00 GMT
strict-transport-security: max-age=31536000
etag: "946930"
pangea-nodeid: ot5V64bS79gRek7I3ZQ6RQ==
content-type: image/jpeg
cache-control: public, max-age=2591973
gdb-fall-back: false
content-length: 946930
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:33 GMT

GET
H2 200 01000000-0aff-0242-69ed-08dbaa1a59ab.jpg
gdb.rferl.org/ 398 KB
399 KB 547ms
545ms Image
image/jpeg 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-69ed-08dbaa1a59ab.jpg

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

93b8290c695c0ca619f4628ef5cf3e0580e2fb69e75fb75cba67b90ff7cf6ba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:50:00 GMT
strict-transport-security: max-age=31536000
etag: "408011"
pangea-nodeid: 2SJxGn78ZHN+5/sf4s9JiA==
content-type: image/jpeg
cache-control: public, max-age=2592000
gdb-fall-back: false
content-length: 408011
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:50:00 GMT

GET
H2 200 01000000-0a00-0242-e0ea-08dbaa58bf3d.jpg
gdb.rferl.org/ 715 KB
716 KB 391ms
389ms Image
image/jpeg 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0a00-0242-e0ea-08dbaa58bf3d.jpg

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

02dc551949bf9685293f6ce5869b56b3d74f6fdc7df5d59a307e064ba4a8e558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "731934"
pangea-nodeid: YbkXDwaawxE3YKRIzzalYg==
content-type: image/jpeg
cache-control: public, max-age=2592000
gdb-fall-back: false
content-length: 731934
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:59 GMT

GET
H2 200 01000000-0aff-0242-56e5-08dbab2a5517.png
gdb.rferl.org/ 3 MB
3 MB 399ms
397ms Image
image/png 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-56e5-08dbab2a5517.png

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3593c11c06c647669e14ee1811edf2460579262ff0297304528342b2928d315b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "3287363"
pangea-nodeid: ot5V64bS79gRek7I3ZQ6RQ==
content-type: image/png
cache-control: public, max-age=2591960
gdb-fall-back: false
content-length: 3287363
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:19 GMT

GET
H2 200 01000000-0aff-0242-9aca-08dbcf275861.png
gdb.rferl.org/ 852 KB
853 KB 586ms
584ms Image
image/png 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-9aca-08dbcf275861.png

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bf6f409b76703c6a5a5acf38bb818472a8b8459fad76984a1f9d569debbc44dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:50:00 GMT
strict-transport-security: max-age=31536000
etag: "872487"
pangea-nodeid: YbkXDwaawxE3YKRIzzalYg==
content-type: image/png
cache-control: public, max-age=2591984
gdb-fall-back: false
content-length: 872487
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:44 GMT

GET
H2 200 01000000-0aff-0242-8645-08db66921b85.jpg
gdb.rferl.org/ 2 MB
2 MB 612ms
610ms Image
image/jpeg 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-8645-08db66921b85.jpg

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

85606cefee91516e7f9dc02c27e77871fcf3b37118caa32a87ab879111893e79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:50:00 GMT
strict-transport-security: max-age=31536000
etag: "1983137"
pangea-nodeid: ot5V64bS79gRek7I3ZQ6RQ==
content-type: image/jpeg
cache-control: public, max-age=2592000
gdb-fall-back: false
content-length: 1983137
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:50:00 GMT

GET
H2 200 01000000-0aff-0242-ce3c-08db5d2d46b0.jpg
gdb.rferl.org/ 1 MB
1 MB 332ms
331ms Image
image/jpeg 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-ce3c-08db5d2d46b0.jpg

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1eee718e26fdefe4a08a3a3fba82d45c065aa1063286ba00f81095d9da20a916

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "1202466"
pangea-nodeid: YbkXDwaawxE3YKRIzzalYg==
content-type: image/jpeg
cache-control: public, max-age=2591998
gdb-fall-back: false
content-length: 1202466
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:57 GMT

GET
H2 200 01000000-c0a8-0242-1140-08dbd0b495c3.jpg
gdb.rferl.org/ 556 KB
556 KB 444ms
443ms Image
image/jpeg 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-c0a8-0242-1140-08dbd0b495c3.jpg

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a5d26ba41760137394aa7e1437b75bc45434c8a11c9e66749601dde44732d143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
strict-transport-security: max-age=31536000
etag: "569150"
pangea-nodeid: 2SJxGn78ZHN+5/sf4s9JiA==
content-type: image/jpeg
cache-control: public, max-age=2591970
gdb-fall-back: false
content-length: 569150
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:49:29 GMT

GET
H2 200 01000000-0aff-0242-fa98-08dbd6d1ac30.png
gdb.rferl.org/ 3 MB
3 MB 509ms
508ms Image
image/png 2600:141b:f000:1088::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-fa98-08dbd6d1ac30.png

Requested by

Host: d28b88kqurefxz.cloudfront.net
URL: https://d28b88kqurefxz.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:f000:1088::1317 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

07d6d023d268e23b96a4488e03bfe3ebe4d99531c8d5f48f68c4f540770fc86e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:50:00 GMT
strict-transport-security: max-age=31536000
etag: "2794989"
pangea-nodeid: ot5V64bS79gRek7I3ZQ6RQ==
content-type: image/png
cache-control: public, max-age=2592000
gdb-fall-back: false
content-length: 2794989
x-xss-protection: 1; mode=block
expires: Sat, 13 Jan 2024 13:50:00 GMT

GET
H2 200 xn7gYHE41ni1AdIRggOxSuXd.woff2
fonts.gstatic.com/s/manrope/v15/ 14 KB
14 KB 136ms
67ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggOxSuXd.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26287892a20de80394d7a7d8e223125973b82fcb0a183204f6c492c999127983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d28b88kqurefxz.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 18:06:20 GMT
x-content-type-options: nosniff
age: 589419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14204
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:46:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 18:06:20 GMT

GET
H2 200 xn7gYHE41ni1AdIRggexSg.woff2
fonts.gstatic.com/s/manrope/v15/ 24 KB
24 KB 103ms
35ms Font
font/woff2 2607:f8b0:4004:c17::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/manrope/v15/xn7gYHE41ni1AdIRggexSg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Manrope:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://d28b88kqurefxz.cloudfront.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 03:00:21 GMT
x-content-type-options: nosniff
age: 38978
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24376
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:22:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Dec 2024 03:00:21 GMT

GET
H2 200 aa11c6ba4e87d897b23473b84559fbe8.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 138 KB
46 KB 41ms
40ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/aa11c6ba4e87d897b23473b84559fbe8.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb551534c7c698d5befb5ab755051e61ff88d4c4baba78fedcba4ab8f500354f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 19:16:01 GMT
server: cloudflare
age: 166341
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8356e9cf0e954bd3-BUF
content-length: 46770

GET
H2 200 d28b88kqurefxz.cloudfront.net.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/sampling/ 8 KB
2 KB 94ms
94ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/sampling/d28b88kqurefxz.cloudfront.net.json?t=472933
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/aa11c6ba4e87d897b23473b84559fbe8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5f6991668daac297ecd622940cf0d91f59ff733ac513f25dfe2fea8198a436e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d28b88kqurefxz.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 13:49:59 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 14 Dec 2023 13:49:59 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.160
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8356e9cf69c24bc9-BUF
content-length: 1499

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: wCIC8qKlgt8
.youtube.com/	1970-01-20 21:15:13	Name: VISITOR_INFO1_LIVE Value: 2_k4eF4U4Qs
.demdex.net/	1970-01-20 21:15:13	Name: demdex Value: 25665787411828087882727631662280594659
.d28b88kqurefxz.cloudfront.net/	1969-12-31 23:59:59	Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1
.everesttech.net/	1970-01-21 01:41:37	Name: everest_g_v2 Value: g_surferid~ZXsIBgAAAHBYYAMv
.dpm.demdex.net/	1970-01-20 21:15:13	Name: dpm Value: 25665787411828087882727631662280594659
.d28b88kqurefxz.cloudfront.net/	1970-01-21 02:32:01	Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19706%7CMCMID%7C25628959048287017112726106525420268088%7CMCAAMLH-1703166598%7C7%7CMCAAMB-1703166598%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1702568998s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19713%7CvVersion%7C5.4.0
.scorecardresearch.com/	1970-01-21 02:32:01	Name: UID Value: 14F7b4d1eb8739bb2943b601702561799
.d28b88kqurefxz.cloudfront.net/	1970-01-21 02:24:49	Name: _cb Value: BCB1UaxqF45Bhi35W
.d28b88kqurefxz.cloudfront.net/	1970-01-21 02:24:49	Name: _chartbeat2 Value: .1702561799241.1702561799241.1.Orc9PBmvdMQDpywTQlAclDtqvhc.1
.d28b88kqurefxz.cloudfront.net/	1970-01-20 16:56:03	Name: _cb_svref Value: external
.d28b88kqurefxz.cloudfront.net/	1969-12-31 23:59:59	Name: s_cc Value: true
.d28b88kqurefxz.cloudfront.net/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.d28b88kqurefxz.cloudfront.net/	1969-12-31 23:59:59	Name: cebs Value: 1
.d28b88kqurefxz.cloudfront.net/	1970-01-21 01:41:37	Name: _ce.s Value: v~c8e0717d3ccfc6e44b4bd7bb3f61876e498c0ca7~lcw~1702561799691~lva~1702561799690~vpv~0~lcw~1702561799691

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
cm.everesttech.net
d28b88kqurefxz.cloudfront.net
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
gdb.rferl.org
ping.chartbeat.net
sb.scorecardresearch.com
script.crazyegg.com
sheets.googleapis.com
ssc.votvot.tv
static.chartbeat.com
stdatavisualpublic001.blob.core.windows.net
tags.tiqcdn.com
www.googletagmanager.com
www.youtube.com
18.165.83.3
20.38.118.132
2600:141b:f000:1088::1317
2600:9000:20e2:4e00:7:2bfb:7c00:93a1
2600:9000:24f3:2000:18:1fcd:353:c61
2600:9000:250a:2a00:14:1e86:cdc0:21
2606:4700::6813:9308
2607:f8b0:4004:c07::5d
2607:f8b0:4004:c07::61
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c17::5e
2607:f8b0:4004:c1b::5f
44.206.185.183
52.6.38.206
54.146.191.139
54.92.251.225
63.140.38.0
63.140.38.151
02dc551949bf9685293f6ce5869b56b3d74f6fdc7df5d59a307e064ba4a8e558
07d6d023d268e23b96a4488e03bfe3ebe4d99531c8d5f48f68c4f540770fc86e
0cf848262743e79a769460b2d3ecf5a601e9ecc0bb9347ed0b937345a02c7cb7
14be4114dcfde74652f19f9ffae8c9bb50707e9e88bd2b1fcd86fb50224109e7
1eee718e26fdefe4a08a3a3fba82d45c065aa1063286ba00f81095d9da20a916
1f3c5cf66512061cd26abf4cd419a9eb263bee7aa2dc4ae98ca8b1df85b7d798
2156045ffdeeb3fadcd2eb395f80f51d3be81351ca34bc2a87eb1218e549f377
219a6c77dcfa6ca9a7d5158c4ec907cc366b165f013411b23f159f1ac5ee57fd
26287892a20de80394d7a7d8e223125973b82fcb0a183204f6c492c999127983
29239288962cd6a3ca5484159529bdafb7e443cec8f2f0e2f038afa2c107dcc5
317868e0504fcf326bf96aa91ab7b2b1993514cbf254b5c44f71e37953f52183
3593c11c06c647669e14ee1811edf2460579262ff0297304528342b2928d315b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49d7d7dd46e7e7770ebfcc6f380f8724ad970dcca775bd3a9270fd77fe8947a5
4a10301e9a3a419180540b4e5047c35ece773914b766e87863da4e8957241a95
54c2fbe897ce09b068765e4f97b403a2b860b3b0b5604c8381d366780baea8a3
723b19ed4676c07faa84a5c3a833db985448e061527589c025a1ec2278e738e3
79460f770d3b567264613e9366752b3206a5ce0f77d39f6acac418cab306d8ae
7bd25da287369fecc5abc0a1d557d21daefafad0b5ebac00634a0e279ceabb59
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c2e58de8d96aa3ab709593d5c09178dc35561a18bc684886245adb515f388c1
8493cdda94c825474c03c4d0c70d4a9d33ad28a203f35179226e1600c4179c12
85606cefee91516e7f9dc02c27e77871fcf3b37118caa32a87ab879111893e79
863d2238231ce5fe83a7d205e3b77347f992a202862a6a8e0ad9e554dcdf914e
9107aabbe099f8b263c0bf57f05f0bbe1f8d6177626dc10a9db146619297ee4c
91ff1611a43a65f4916d3fcfd4c675393e9bca27088faac5da9d9ba7b8af44a2
93b8290c695c0ca619f4628ef5cf3e0580e2fb69e75fb75cba67b90ff7cf6ba4
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a50e7bdaf333d842ac90e0bc1fc97ae26e99edcf5d887745ab76b307f79c154d
a5d26ba41760137394aa7e1437b75bc45434c8a11c9e66749601dde44732d143
afb7a8ee8cc9591bf27ec322ce3e9235457d0c606d92fb73c74f1b3617f3ed4d
bb551534c7c698d5befb5ab755051e61ff88d4c4baba78fedcba4ab8f500354f
bf6f409b76703c6a5a5acf38bb818472a8b8459fad76984a1f9d569debbc44dd
ca391ccc2d3868e3bf0062c021dc343a3176663e479bb4d4ef9c7b4c5276312a
ca767e8a29ac41afbf8ed2c0702af321b3e819427479c8e63aa12982023aa0ed
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0f9502bc7aa7b95e4234ebf44f95348dfa767627d8b60b7e767b677251c30d1
d2c0133c36b8fa9944a6add01b8f7f84bab5a39315bb2d337b3c0657aedd9646
df83f246643d3cbb2c8e8330464c52a7df2c4c0c681a0c3111eb28fb0a2717a7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e426a1dfc6624a4df0e8f63db1415326b2203481a6439652007ebcad414c6df8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f163fb2a0fe12499bad23c3e41f23b67c1232c6732206d9cf9908f7445bb7bfe
f3ab04f1fde99a55df30af317ad145f4d782d90045eebc66658c7e93ef96f557
f5f6991668daac297ecd622940cf0d91f59ff733ac513f25dfe2fea8198a436e
f8a5164230824acc03cf03f834d523b88fc6ff3800ad6f5a6b094a3ac496ed01
fda31a7513c15976e457edc6546a333baa5734ba98fa855eb29d26c1213510a9
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

d28b88kqurefxz.cloudfront.net Open in urlscan Pro 2600:9000:250a:2a00:14:1e86:cdc0:21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

50 Requests

92 %HTTPS

56 %IPv6

16 Domains

18 Subdomains

17 IPs

2 Countries

22711 kBTransfer

23470 kBSize

15 Cookies

11 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

d28b88kqurefxz.cloudfront.net Open in urlscan Pro
2600:9000:250a:2a00:14:1e86:cdc0:21 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

92 %
HTTPS

56 %
IPv6

16
Domains

18
Subdomains

17
IPs

2
Countries

22711 kB
Transfer

23470 kB
Size

15
Cookies

50 HTTP transactions
0 data transactions