d35l6tikrz27kq.cloudfront.net Open in urlscan Pro
2600:9000:20eb:600:19:4928:7680:21  Public Scan

URL: https://d35l6tikrz27kq.cloudfront.net/
Submission: On September 08 via manual from US — Scanned from DE

Summary

This website contacted 31 IPs in 6 countries across 25 domains to perform 108 HTTP transactions. The main IP is 2600:9000:20eb:600:19:4928:7680:21, located in United States and belongs to AMAZON-02, US. The main domain is d35l6tikrz27kq.cloudfront.net.
TLS certificate: Issued by Amazon on February 1st 2022. Valid for: a year.
This is the only time d35l6tikrz27kq.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2600:9000:20e... 16509 (AMAZON-02)
10 92.123.36.220 16625 (AKAMAI-AS)
11 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
14 2600:9000:21f... 16509 (AMAZON-02)
3 81.19.89.17 24638 (RAMBLER-T...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2 95.163.52.67 47764 (VK-AS)
1 2 88.212.201.198 39134 (UNITEDNET)
1 4 54.154.150.117 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:20d... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a03:2880:f02... 32934 (FACEBOOK)
1 52.210.26.59 16509 (AMAZON-02)
2 15.236.176.210 16509 (AMAZON-02)
1 1 34.248.32.199 16509 (AMAZON-02)
1 3 13.32.121.72 16509 (AMAZON-02)
1 87.240.129.133 47541 (VKONTAKTE...)
1 2a04:4e42:400... 54113 (FASTLY)
3 54.86.116.177 14618 (AMAZON-AES)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f10... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
108 31
Apex Domain
Subdomains
Transfer
32 cloudfront.net
d35l6tikrz27kq.cloudfront.net
d2qii21258vzz5.cloudfront.net
d146ehq26eduy8.cloudfront.net
1 MB
11 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
847 KB
10 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1165
75 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 141
61 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 297
bbg.demdex.net — Cisco Umbrella Rank: 115238
7 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 341
30 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 208
199 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
43 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 111
312 B
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 73
static.doubleclick.net — Cisco Umbrella Rank: 439
1 KB
3 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1356
601 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 223
776 B
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1628
mab.chartbeat.com — Cisco Umbrella Rank: 3129
34 KB
3 rferl.org
gdb.rferl.org — Cisco Umbrella Rank: 113561
33 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3423
onesignal.com — Cisco Umbrella Rank: 947
73 KB
3 rambler.ru
counter.rambler.ru — Cisco Umbrella Rank: 56726
kraken.rambler.ru — Cisco Umbrella Rank: 21221
100 KB
2 omtrdc.net
bbg.sc.omtrdc.net — Cisco Umbrella Rank: 93531
839 B
2 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2964
2 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 5584
1 KB
2 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 6083
3 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 107
4 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 206
3 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 19
14 KB
1 vk.com
vk.com — Cisco Umbrella Rank: 3050
577 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1651
517 B
108 25
Domain Requested by
17 d35l6tikrz27kq.cloudfront.net d35l6tikrz27kq.cloudfront.net
14 d146ehq26eduy8.cloudfront.net d35l6tikrz27kq.cloudfront.net
11 www.youtube.com d35l6tikrz27kq.cloudfront.net
www.youtube.com
10 tags.tiqcdn.com d35l6tikrz27kq.cloudfront.net
tags.tiqcdn.com
7 www.googletagmanager.com d35l6tikrz27kq.cloudfront.net
4 jnn-pa.googleapis.com www.youtube.com
4 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
d35l6tikrz27kq.cloudfront.net
4 dpm.demdex.net 1 redirects d35l6tikrz27kq.cloudfront.net
tags.tiqcdn.com
3 www.facebook.com d35l6tikrz27kq.cloudfront.net
connect.facebook.net
3 ping.chartbeat.net d35l6tikrz27kq.cloudfront.net
3 sb.scorecardresearch.com 1 redirects d35l6tikrz27kq.cloudfront.net
3 gdb.rferl.org d35l6tikrz27kq.cloudfront.net
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 bbg.sc.omtrdc.net tags.tiqcdn.com
2 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
2 static.chartbeat.com tags.tiqcdn.com
2 fonts.gstatic.com www.youtube.com
2 counter.yadro.ru 1 redirects d35l6tikrz27kq.cloudfront.net
2 top-fwz1.mail.ru 1 redirects d35l6tikrz27kq.cloudfront.net
2 kraken.rambler.ru d35l6tikrz27kq.cloudfront.net
2 cdn.onesignal.com d35l6tikrz27kq.cloudfront.net
cdn.onesignal.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 www.google.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 mab.chartbeat.com static.chartbeat.com
1 vk.com d35l6tikrz27kq.cloudfront.net
1 cm.everesttech.net 1 redirects
1 bbg.demdex.net tags.tiqcdn.com
1 onesignal.com cdn.onesignal.com
1 counter.rambler.ru d35l6tikrz27kq.cloudfront.net
1 d2qii21258vzz5.cloudfront.net d35l6tikrz27kq.cloudfront.net
108 33
Subject Issuer Validity Valid
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA
2022-02-27 -
2023-02-28
a year crt.sh
*.google.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.rambler.ru
GlobalSign GCC R3 DV TLS CA 2020
2022-05-16 -
2023-05-06
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-03 -
2023-06-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
www.rferl.org
R3
2022-06-30 -
2022-09-28
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-15 -
2022-11-07
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2022-05-06 -
2023-06-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-06-18 -
2022-09-16
3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
*.sc.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-17 -
2023-03-07
a year crt.sh
*.scorecardresearch.com
Amazon
2022-01-29 -
2023-02-27
a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2
2022-03-18 -
2023-04-03
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2021-12-01 -
2022-12-30
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh
edgestatic.com
GTS CA 1C3
2022-08-22 -
2022-11-14
3 months crt.sh

This page contains 4 frames:

Primary Page: https://d35l6tikrz27kq.cloudfront.net/
Frame ID: 846A53393CC0AA298AB7FAD375DA77B7
Requests: 84 HTTP requests in this frame

Frame: https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Frame ID: 99C6D3C890C1C3A4F2DE0FABEED4D441
Requests: 21 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: 91DCEBE7152E75903CA30E64AB1ECF04
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7060A171276A4E34C2750BA9302BCF38
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Радио Свобода

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

108
Requests

94 %
HTTPS

65 %
IPv6

25
Domains

33
Subdomains

31
IPs

6
Countries

2657 kB
Transfer

6033 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://top-fwz1.mail.ru/counter?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7912245584439681 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7912245584439681
Request Chain 30
  • https://counter.yadro.ru/hit?t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d35l6tikrz27kq.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u043E%u0434%u0430;0.23761303231270614 HTTP 302
  • https://counter.yadro.ru/hit?q;t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d35l6tikrz27kq.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u043E%u0434%u0430;0.23761303231270614
Request Chain 32
  • https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1662653411074 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1662653411074
Request Chain 66
  • https://cm.everesttech.net/cm/dd?d_uuid=80432791183145890341539836044697542620 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxoT5gAAAIsVzgNe
Request Chain 67
  • https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 78
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

108 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
d35l6tikrz27kq.cloudfront.net/
122 KB
123 KB
Document
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b0debc4f461e70884198674099ff2883432c131eb88fe6a59816f646bece992d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate, max-age=71
content-language
ru
content-type
text/html; charset=utf-8
date
Thu, 08 Sep 2022 16:10:13 GMT
expires
Thu, 08 Sep 2022 16:11:24 GMT
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=31536000
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-amz-cf-id
mcSgmkAqYiMOU_FYhj1XGaxIJ84jQ_PrMCkzUHUek9bYKwmtY1KdMA==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
RFE-ru-RU.css
d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/
302 KB
303 KB
Stylesheet
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=292
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6ac9bf5bddd3778c46b318b88b89776b233bd6f9023bf1964a0821df455b2ea0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:13 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA2-C1
strict-transport-security
max-age=31536000
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=292
content-type
text/css
expires
Thu, 06 Oct 2022 04:52:24 GMT
cache-control
public, no-transform, max-age=2378531
x-cache
Miss from cloudfront
x-amz-cf-id
3Jd5sOSp1npT5IqM5tqU6mW740NzX8JmgtBo3xBgZhGrsrQGI7IMcA==
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
utag.sync.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
3 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
39f6148a2364e4b6b5257d6c1e23606cfe364384abfc3a93aca6292a6c230003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:13 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 19:36:24 GMT
server
AkamaiNetStorage
etag
"5240d0daa252f504b2212f1e560cf648:1660678584.218531"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1048
expires
Thu, 08 Sep 2022 16:15:13 GMT
iframe_api
www.youtube.com/
992 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3534aaab814faececaf6861766e1d7ac28b68de15bb4d0db57249fe09b565e17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Thu, 08 Sep 2022 16:10:13 GMT
infographics.b
d35l6tikrz27kq.cloudfront.net/Scripts/responsive/
4 KB
4 KB
Script
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=292
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:13 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA2-C1
strict-transport-security
max-age=31536000
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=292
content-type
application/javascript; charset=utf-8
cache-control
public, no-transform, max-age=2378706
x-ua-compatible
IE=edge
x-cache
Miss from cloudfront
content-length
3943
x-xss-protection
1; mode=block
x-amz-cf-id
O1Z2--mYrvXWZ6YrmCjvUewlh9dLQcL6otg5BclIgDdgNdt_jQnhMQ==
expires
Thu, 06 Oct 2022 04:55:19 GMT
loader.b
d35l6tikrz27kq.cloudfront.net/Scripts/responsive/
87 KB
88 KB
Script
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/Scripts/responsive/loader.b?v=Se65uT5PRkmfDd2rRbG8TvzLgnQujh0NaLjWFQgt-4A1&av=0.1.0.0&cb=292
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c4b6ef09aa79f173c8b4c5b3ef08295d12a905ebdd15dfbbafcc74bead5f6fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA2-C1
strict-transport-security
max-age=31536000
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Scripts/responsive/loader.b?v=Se65uT5PRkmfDd2rRbG8TvzLgnQujh0NaLjWFQgt-4A1&av=0.1.0.0&cb=292
content-type
application/javascript; charset=utf-8
expires
Thu, 06 Oct 2022 04:52:52 GMT
cache-control
public, no-transform, max-age=2378558
x-cache
Miss from cloudfront
x-amz-cf-id
EnrBPO3evBpX9Qw9qJuYL8CTEoMqt9Q3U2fZZxtOd_g33CeGYvfDAw==
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
Skolar-Lt_Cyrl_v2.4.woff
d35l6tikrz27kq.cloudfront.net/Content/responsive/fonts/
33 KB
33 KB
Font
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d35l6tikrz27kq.cloudfront.net/
Origin
https://d35l6tikrz27kq.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
content-length
33340
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:07 GMT
server
nginx/1.18.0 (Ubuntu)
date
Thu, 08 Sep 2022 16:10:13 GMT
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff
content-type
application/font-woff
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
U_k5b5Ql2FMbYx1ERwaErtvKOGaWdvk_cY5bNSrAqbl1SFC2GvesDg==
expires
Sat, 08 Oct 2022 16:10:13 GMT
sectionversioncss
d35l6tikrz27kq.cloudfront.net/api/customization/
1 KB
2 KB
Stylesheet
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/api/customization/sectionversioncss?sectionversionid=6915&cv=3
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d12b917748670cabc4f27972b671c65babf3a810f4a954bcdb838ec9cebe042f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA2-C1
strict-transport-security
max-age=31536000
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/api/customization/sectionversioncss?sectionversionid=6915&cv=3
content-type
text/css; charset=utf-8
expires
Tue, 04 Oct 2022 18:49:19 GMT
cache-control
max-age=2255945
x-cache
Miss from cloudfront
x-amz-cf-id
vdIDCRxNYMb_x_iqFtQOmf45DhqSMGftI6uC0gDl0bFfoLccZGo6bw==
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
logo-compact.svg
d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/img/
6 KB
6 KB
Image
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/img/logo-compact.svg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
169901f666801459695826173dc5032f7464f26bf6ede5f748d5bf8f5cab4b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
content-length
5730
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:02 GMT
server
nginx/1.18.0 (Ubuntu)
date
Thu, 08 Sep 2022 16:10:14 GMT
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo-compact.svg
content-type
image/svg+xml
cache-control
public, max-age=1731166
x-amz-cf-id
3vdxMZI2Oc86C7eiYfkU4lgJk50Qt-qbBa4ZCX6FZO1RskrFLmwpVg==
expires
Wed, 28 Sep 2022 17:03:00 GMT
logo.svg
d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/img/
9 KB
10 KB
Image
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/img/logo.svg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e872e50f4d63b0e9ffa65666b7e5b4371d02690051f3a310141bea1d361cf0dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
content-length
9488
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:02 GMT
server
nginx/1.18.0 (Ubuntu)
date
Thu, 08 Sep 2022 16:10:14 GMT
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo.svg
content-type
image/svg+xml
cache-control
public, max-age=1855163
x-amz-cf-id
voZTs_twzpn1fLN-YDuZpLVis2umwtkPLdA6GlIoVPmVjIKsifgzjg==
expires
Fri, 30 Sep 2022 03:29:37 GMT
logo-print.gif
d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/img/
2 KB
3 KB
Image
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/img/logo-print.gif
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9f1f226ba233ebce168e9871cb9f9a11fee7e0d16c41795e53a85ef2fcdd5990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
content-length
2424
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:02 GMT
server
nginx/1.18.0 (Ubuntu)
date
Thu, 08 Sep 2022 16:10:14 GMT
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo-print.gif
content-type
image/gif
cache-control
public, max-age=1966943
accept-ranges
bytes
x-amz-cf-id
tZ0GRWmfh3Wc_uBKYPPnkIfksQEgFQAeY21z0WIk8VywggDPjooAvQ==
expires
Sat, 01 Oct 2022 10:32:37 GMT
logo-print_color.png
d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/img/
6 KB
6 KB
Image
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/img/logo-print_color.png
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9977bc7e23e6e0614b8cf3d1a75cefd42346851e5a5baacc872cf905f47da466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
content-length
5788
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:02 GMT
server
nginx/1.18.0 (Ubuntu)
date
Thu, 08 Sep 2022 16:10:14 GMT
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo-print_color.png
content-type
image/png
cache-control
public, max-age=1966868
accept-ranges
bytes
x-amz-cf-id
XRgt4DRZ42edj7spaF_XTY0iJCsk5zdPZIhvg9MtcfyxBEb2L4Nl6w==
expires
Sat, 01 Oct 2022 10:31:22 GMT
banners-styles.css
d2qii21258vzz5.cloudfront.net/branding/cdn/html_banners/
4 KB
1 KB
Stylesheet
General
Full URL
https://d2qii21258vzz5.cloudfront.net/branding/cdn/html_banners/banners-styles.css
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:3a00:11:fbd8:f840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/8.5 /
Resource Hash
1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
etag
"0ba49726b9ed31:0"
x-amz-cf-pop
FRA2-C1
x-cache
RefreshHit from cloudfront
content-length
849
access-control-allow-origin
*
last-modified
Mon, 05 Feb 2018 10:24:04 GMT
server
Microsoft-IIS/8.5
date
Thu, 08 Sep 2022 16:10:14 GMT
vary
Accept-Encoding
content-type
text/css
via
1.1 0b9e85cfe8fe19b385db56d32b4ce802.cloudfront.net (CloudFront)
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
9ael2AbJfWbXyF8lH2JD1uRe21x1ZKEUVEL8lIGm0M72q9Paw_8CBg==
expires
Sat, 08 Oct 2022 16:10:14 GMT
f1e41247-1727-471d-848b-83cfb61e83fe.png
d146ehq26eduy8.cloudfront.net/
3 KB
4 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/f1e41247-1727-471d-848b-83cfb61e83fe.png
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
70dd0bb01cce76c8ca2f57838fae7f5cf5365e78bb330ecf2cb385793cfe6920
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
"3266"
gdb-fall-back
false
x-cache
RefreshHit from cloudfront
content-type
image/png
pangea-nodeid
Myz2bXffLWM1qCn6CvFAuA==
cache-control
public, max-age=585194
date
Thu, 08 Sep 2022 16:10:14 GMT
content-length
3266
x-xss-protection
1; mode=block
x-amz-cf-id
5gruZ79gt-JzUUuDYkoc8-DjxKHc-ofAIJa0UewzzFgZHvXzo3qSVQ==
expires
Thu, 15 Sep 2022 10:43:28 GMT
top100.jcn
counter.rambler.ru/
98 KB
98 KB
Script
General
Full URL
https://counter.rambler.ru/top100.jcn?57787
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
72bf7d435ccb8867c26ea9b1bc05c03c0d9af0d272f93b293470b5c1b0e6e482

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
server
nginx/1.19.4
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-type
application/octet-stream, application/javascript
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7478f4012f219a1d-FRA
date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1515
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 11 Sep 2022 16:10:14 GMT
conf.js
d35l6tikrz27kq.cloudfront.net/
6 KB
6 KB
Script
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/conf.js?x=292
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1fa15340a9311e1f20c2edefca19f68af5749ffb7f8a940749a2c7e3b6f4075f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-length
5752
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=31536000
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/conf.js?x=292
content-language
ru
cache-control
public, max-age=2378596
content-type
application/javascript; charset=utf-8
x-amz-cf-id
ttDI71vFZTM3tiejeBHiPGcvbPGc1OL5vqcXBd5Ba0SPx_XOLxQx1Q==
expires
Thu, 06 Oct 2022 04:53:30 GMT
www-widgetapi.js
www.youtube.com/s/player/f96f6702/www-widgetapi.vflset/
161 KB
52 KB
Script
General
Full URL
https://www.youtube.com/s/player/f96f6702/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
862458934d4a05cc2814c7a796573f38ba888750efbf15e0150379596f0f9b74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:19:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
3048
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53407
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 00:58:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 08 Sep 2023 15:19:26 GMT
gtm.js
www.googletagmanager.com/
199 KB
61 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0b294d81edfb9c011f80d02175961efe10b06f1d24fba48fe582b7ceb535577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62163
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Sep 2022 16:10:14 GMT
utag.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
84 KB
27 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6419195314170005318850b6aad3ed7f4445f7a9fe97a5ecdf530ddb5ca265f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 19:36:23 GMT
server
AkamaiNetStorage
etag
"fc32e062e1018bdec13ac773a20cf270:1660678583.416817"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
27043
expires
Thu, 08 Sep 2022 16:15:14 GMT
SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
d35l6tikrz27kq.cloudfront.net/Content/responsive/fonts/
40 KB
41 KB
Font
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=292
Origin
https://d35l6tikrz27kq.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
content-length
41216
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:07 GMT
server
nginx/1.18.0 (Ubuntu)
date
Thu, 08 Sep 2022 16:10:14 GMT
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
content-type
application/font-woff
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
5JTdJSsP42Fu_9rzG-BIiB5RgL7vyVDpS1em91IJsi0j9GMDHVfmtg==
expires
Sat, 08 Oct 2022 16:10:14 GMT
icons-font-1661417065025.woff
d35l6tikrz27kq.cloudfront.net/Content/responsive/fonts/
17 KB
18 KB
Font
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/fonts/icons-font-1661417065025.woff
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e88ad0296c47a94cd7fbeb9188290220015c7ffa51cd434bdfb226cc8c61e002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=292
Origin
https://d35l6tikrz27kq.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
content-length
17808
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Thu, 25 Aug 2022 13:57:51 GMT
server
nginx/1.18.0 (Ubuntu)
date
Thu, 08 Sep 2022 16:10:14 GMT
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/fonts/icons-font-1661417065025.woff
content-type
application/font-woff
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
Epio4HZ64mERr6YFYY02AzrCQK9KVIV_xNVZuXyo5oZ9SWCS5hUIYQ==
expires
Sat, 08 Oct 2022 16:10:14 GMT
image-placeholder.svg
d35l6tikrz27kq.cloudfront.net/Content/responsive/img/
709 B
1 KB
Image
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/img/image-placeholder.svg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=292
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
content-length
709
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:08 GMT
server
nginx/1.18.0 (Ubuntu)
date
Thu, 08 Sep 2022 16:10:14 GMT
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/img/image-placeholder.svg
content-type
image/svg+xml
cache-control
public, max-age=1854875
x-amz-cf-id
RPtUDNIegU24SUTu6zfkAmurFd7GlLLgIIxBvVa0rCtfWZ0wm5RpLw==
expires
Fri, 30 Sep 2022 03:24:49 GMT
zGpDCHDEXw0
www.youtube.com/embed/ Frame 99C6
64 KB
26 KB
Document
General
Full URL
https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/Scripts/responsive/loader.b?v=Se65uT5PRkmfDd2rRbG8TvzLgnQujh0NaLjWFQgt-4A1&av=0.1.0.0&cb=292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8070d03f08cc2e72553bee1910f636237aca8783d7bf0ba632fd25dffb819175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d35l6tikrz27kq.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Thu, 08 Sep 2022 16:10:14 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
08700000-0a00-0242-ac8a-08da02a07732_w600.jpg
d146ehq26eduy8.cloudfront.net/
107 KB
107 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/08700000-0a00-0242-ac8a-08da02a07732_w600.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
291a118ac243672f400e69db5ee6be5c9c7e34d9ad453e260f54e661a8d08a11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified
Mon, 01 Aug 2022 20:13:46 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA2-C2
etag
"196769"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=1655867
content-length
109348
x-amz-cf-id
9Tf3rGDCf43_hIiXUIFSBtmte7CBqWqWx4yGei-ugnQpPtPw61qbiA==
expires
Tue, 27 Sep 2022 20:08:01 GMT
08ef0000-0a00-0242-c6be-08d9c3dc074c_w210.png
d146ehq26eduy8.cloudfront.net/
11 KB
11 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/08ef0000-0a00-0242-c6be-08d9c3dc074c_w210.png
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
72c8d97a9a54ced1bf6802ebe8ba237291e56c53ada6ade5d958f5f64804696a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-check-cacheable
YES
x-serial
40
x-amz-cf-pop
FRA2-C2
etag
"10854"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/png
cache-control
private, no-transform, max-age=1001546
last-modified
Tue, 21 Dec 2021 15:43:32 GMT
content-length
10854
x-amz-cf-id
YXupxvwULolOOh8WKhnPV8pUlDdvEIB6Y5cxRzKY3ABm79vYX6RKVQ==
server
Akamai Image Manager
expires
Tue, 20 Sep 2022 06:22:40 GMT
8F30084F-5205-4A32-BC3F-30F7CD76E57A_w800.png
d146ehq26eduy8.cloudfront.net/
51 KB
52 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/8F30084F-5205-4A32-BC3F-30F7CD76E57A_w800.png
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
99fb01f45a2d245b12dad2aa7b8b34c0a35b8b38389c43c4540253da177d2992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified
Wed, 24 Nov 2021 15:21:39 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA2-C2
etag
"80711"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/png
cache-control
private, no-transform, max-age=863007
content-length
52581
x-amz-cf-id
AVlEFHFWOR8aQ2HjL-YF3fQLZXDgvuW5pNfLA1v3ecQpjrqZSrvCxw==
expires
Sun, 18 Sep 2022 15:53:41 GMT
B81FD519-4CAE-4E99-AD73-9CC9D8190D91_w282.jpg
gdb.rferl.org/
7 KB
7 KB
Image
General
Full URL
https://gdb.rferl.org/B81FD519-4CAE-4E99-AD73-9CC9D8190D91_w282.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:884::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
560f1b7942308b356e77e682d4c552e92126a9f15b3f51458e7c9c45a243a674
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
x-check-cacheable
YES
x-serial
764
etag
"12538"
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
private, no-transform, max-age=1186243
last-modified
Mon, 06 Jun 2022 08:24:48 GMT
content-length
6930
server
Akamai Image Manager
expires
Thu, 22 Sep 2022 09:40:57 GMT
/
kraken.rambler.ru/cnt/v2/
595 B
992 B
Image
General
Full URL
https://kraken.rambler.ru/cnt/v2/?event_name=page_view&event_type=base&project_id=57787&request_id=1662653411.003-500048557&event_id=937034110439767&meta=%7B%22browser_size%22%3A%221600x1200%22%2C%22title%22%3A%22%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0%22%2C%22screen_size%22%3A%7B%22Or%22%3A1600%2C%22Sr%22%3A1200%7D%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A0%2C%22referer%22%3A%22%22%2C%22is_first%22%3A1%7D&url=https%3A%2F%2Fd35l6tikrz27kq.cloudfront.net%2F&session_id=1553959917_1662653411044&session_number=1&session_event_number=1&tid=t1.-1.2089489972.1662653411040&adtech_uid=3d2c5d4b-5d2f-45b1-a780-1a6af96b4677&adtech_uid_scope=d35l6tikrz27kq.cloudfront.net&fingerprint=pA8AAENKs1cUOwV3AUmZlgA%3D&fingerprint_ip=undefined&version=3.10.5i&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=831804314
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
71cb30430b2978855689e1011cc5dce4084a518a3a5662aca8b4f618f190377d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
last-modified
Tue, 12 Nov 2019 12:50:59 GMT
x-srv
2kraken-prod0001.ad.rambler.tech
etag
"5dcaaab3-253"
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
access-control-allow-headers
content-type
content-length
595
server
nginx/1.19.4
/
kraken.rambler.ru/cnt/
595 B
992 B
Image
General
Full URL
https://kraken.rambler.ru/cnt/?et=pv&v=3.10.5i&pid=57787&tid=t1.-1.2089489972.1662653411040&rid=1662653411.003-500048557&fid=pA8AAENKs1cUOwV3AUmZlgA%3D&aduid=3d2c5d4b-5d2f-45b1-a780-1a6af96b4677&aduidsc=d35l6tikrz27kq.cloudfront.net&stid=985900607_1662653411040&sn=1&sen=0&en=UTF-8&ce=1&bs=1600x1200&rf&pt=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&le=0&ct=web&url=https%3A%2F%2Fd35l6tikrz27kq.cloudfront.net%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&meta=%7B%22is_first%22%3A1%7D&rn=669488006&eid=615434110431867
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
71cb30430b2978855689e1011cc5dce4084a518a3a5662aca8b4f618f190377d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
last-modified
Tue, 12 Nov 2019 12:50:59 GMT
x-srv
2kraken-prod0001.ad.rambler.tech
etag
"5dcaaab3-253"
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
access-control-allow-headers
content-type
content-length
595
server
nginx/1.19.4
counter2
top-fwz1.mail.ru/
Redirect Chain
  • https://top-fwz1.mail.ru/counter?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7912245584439681
  • https://top-fwz1.mail.ru/counter2?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7912245584439681
935 B
2 KB
Image
General
Full URL
https://top-fwz1.mail.ru/counter2?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7912245584439681
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
e93679da93e20ff48111fc1cbcb5b9f08719442cf55dd3c9d3e2eadbfd9fb3cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
935
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Thu, 08 Sep 2022 16:10:14 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
location
https://top-fwz1.mail.ru/counter2?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.7912245584439681
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d35l6tikrz27kq.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u04...
  • https://counter.yadro.ru/hit?q;t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d35l6tikrz27kq.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u...
177 B
663 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d35l6tikrz27kq.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u043E%u0434%u0430;0.23761303231270614
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
35b12229634acf68184dffcc1aa7de743e83b7b20ed3d47c8b9893b768081065
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 16:10:14 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
177
Expires
Tue, 07 Sep 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Sep 2022 16:10:14 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit?q;t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d35l6tikrz27kq.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u043E%u0434%u0430;0.23761303231270614
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Tue, 07 Sep 2021 21:00:00 GMT
utag.53.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.201902121217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
94e48660eccab7ff0fc135096e5e98d6af8752dec43634df77f0b0af45563223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
content-encoding
gzip
last-modified
Mon, 18 Nov 2019 20:48:26 GMT
server
AkamaiNetStorage
etag
"ac8019f27f0b21231abe8e581d40e753:1574110106.939453"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
835
expires
Fri, 23 Sep 2022 16:10:14 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1662653411074
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1662653411074
362 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1662653411074
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
HTTP/1.1
Server
54.154.150.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-150-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a52e149f45c91ee9f78f26a7479c5d7d0c052fd58022bf35f993e562f1af4438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v039-00a2419cb.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
KZObTWJ/Ttc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://d35l6tikrz27kq.cloudfront.net
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
306
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v039-0a34ab23f.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Access-Control-Allow-Origin
https://d35l6tikrz27kq.cloudfront.net
X-TID
F9bvy+GvQAU=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1662653411074
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

cf-ray
7478f4020d2c68fb-FRA
date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
1019
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 11 Sep 2022 16:10:14 GMT
www-player.css
www.youtube.com/s/player/f96f6702/ Frame 99C6
353 KB
48 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/f96f6702/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a291b7a4643f0319ee8244ed6076cd1b5f6379584c1dbb67160030fbfa0c472d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 02:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
135477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49081
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 00:58:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Sep 2023 02:32:17 GMT
www-embed-player.js
www.youtube.com/s/player/f96f6702/www-embed-player.vflset/ Frame 99C6
309 KB
95 KB
Script
General
Full URL
https://www.youtube.com/s/player/f96f6702/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ff4fd099733ca612119cee9ff76bec251854d45b616958ba85d6593d9a5607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 02:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
135473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97690
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 00:58:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Sep 2023 02:32:21 GMT
base.js
www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/ Frame 99C6
2 MB
575 KB
Script
General
Full URL
https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5c897555fa3a978e129d504d7c981b54d4e84f1c9bf65890888f1066aafbf24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 02:32:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
135477
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
588531
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 00:58:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Sep 2023 02:32:17 GMT
fetch-polyfill.js
www.youtube.com/s/player/f96f6702/fetch-polyfill.vflset/ Frame 99C6
9 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/f96f6702/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 02:32:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
135473
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 00:58:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Sep 2023 02:32:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 99C6
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Tue, 06 Sep 2022 17:06:41 GMT
x-content-type-options
nosniff
age
169413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 06 Sep 2023 17:06:41 GMT
chartbeat_mab.js
static.chartbeat.com/js/
23 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.201902121217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:ca00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:47:14 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
age
4980
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 7e8e21f463faf38ee9cfcd5ec5e09b6c.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
cjBw0NG1PzsYXbyH54D_pL36uC-f0a0-2eq-8qScRsRw5QiomnTS3A==
expires
Thu, 08 Sep 2022 16:47:14 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WXZBPZ&cv=165&v=3&t=t&pid=1674602587&rv=970&es=1&e=gtm.init_consent&eid=-1&tc=123&dl=d35l6tikrz27kq.cloudfront.net%2F&tdp=GTM-WXZBPZ&z=0
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 16:10:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
td
www.googletagmanager.com/
0
15 B
Image
General
Full URL
https://www.googletagmanager.com/td?id=GTM-WXZBPZ&cv=165&v=3&t=t&pid=1674602587&rv=970&es=1&e=gtm.init_consent&eid=-1&tc=123&dl=d35l6tikrz27kq.cloudfront.net%2F&tdp=GTM-WXZBPZ&z=0
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 16:10:14 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WXZBPZ&cv=165&v=3&t=t&pid=1674602587&rv=970&es=1&e=gtm.init&eid=0&tc=123&z=0
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 16:10:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
onesignal.com/api/v1/sync/c388ecc4-a620-4ca6-9bfa-2bee26973ff1/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/c388ecc4-a620-4ca6-9bfa-2bee26973ff1/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c891d9ee2621b2e3a952141bb15cb974f68d9ac30d49265d25275f8813b633c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
2729
cf-polished
origSize=5437
status
200 OK
x-envoy-upstream-service-time
35
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
21edc263-169d-4771-aa16-34717ce56f01
x-runtime
0.032691
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"9f9ecf61bd0d2f7f94cbe6d8b3923d79"
x-download-options
noopen
strict-transport-security
max-age=15552000; includeSubDomains
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
7478f402899d9a1d-FRA
access-control-allow-headers
SDK-Version
expires
Thu, 08 Sep 2022 17:10:14 GMT
utag.17.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
79 KB
22 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.17.js?utv=ut4.46.202208161936
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a608a7eaed908eae054c9edb70e4ae9a2fea33f4dc81d1f89f5c75f82ab04eec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 19:36:23 GMT
server
AkamaiNetStorage
etag
"02944a8aa1b8ca3edfbb420cce773994:1660678583.149797"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
22100
expires
Fri, 23 Sep 2022 16:10:14 GMT
utag.58.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
9 KB
3 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.58.js?utv=ut4.46.201803292122
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
26f1d1c7cdaa1d8e1ef590562c21e0efa3399ffd9ace1d40ff7f12e808d0c02f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
date
Thu, 08 Sep 2022 16:10:14 GMT
content-encoding
gzip
last-modified
Mon, 18 Nov 2019 20:48:37 GMT
server
AkamaiNetStorage
etag
"d0afef2c983a8d00183b8a739eeaab80:1574110117.100073"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3159
expires
Fri, 23 Sep 2022 16:10:14 GMT
utag.7.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
607 B
830 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b2071f68561ae4bdc79b12306f86e720218b01a0f58354069efb16ad68cab94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
date
Thu, 08 Sep 2022 16:10:14 GMT
last-modified
Mon, 18 Nov 2019 20:48:23 GMT
server
AkamaiNetStorage
etag
"d385ea0409326a5bfc8c086bb3863fed:1574110103.546202"
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
607
expires
Fri, 23 Sep 2022 16:10:14 GMT
utag.4.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
55 KB
17 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4814af27d827b7c3da987d0c7c50df5a1eb76cf3c43046156c753ba7d2e75e6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
content-encoding
gzip
last-modified
Mon, 18 Nov 2019 20:48:34 GMT
server
AkamaiNetStorage
etag
"4028c9d6e91f586f7dbde717e52241ff:1574110114.066746"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
17297
expires
Fri, 23 Sep 2022 16:10:14 GMT
utag.31.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.31.js?utv=ut4.46.202208161936
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2dd96f8157c87be4ad34c76e5b591145c56c76aa8f5d1269dc56a0739e1e6c49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
content-encoding
gzip
last-modified
Wed, 08 Jul 2020 18:26:06 GMT
server
AkamaiNetStorage
etag
"650718573dedfe294d6da44e1a401580:1594232766.904052"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1088
expires
Fri, 23 Sep 2022 16:10:14 GMT
utag.59.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.59.js?utv=ut4.46.201803271649
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e42a903a5543ea3db161f5e3e4aa57a3f31f97b0320a45e0ae6885b501976952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62
8096267
date
Thu, 08 Sep 2022 16:10:14 GMT
content-encoding
gzip
last-modified
Mon, 18 Nov 2019 20:48:34 GMT
server
AkamaiNetStorage
etag
"19ab20d67360ddefcc3c87f84b598075:1574110114.696382"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1551
expires
Fri, 23 Sep 2022 16:10:14 GMT
res
d35l6tikrz27kq.cloudfront.net/
75 KB
76 KB
Script
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=292&dependencies=prog_install_prompt,facebook_api,youtube_iframe,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,most_popular,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_youtube,sticky_player_history_handler,sticky_player,copy_to_clipboard,accordeon,transition_toggler,nav20,live_b_drop
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/Scripts/responsive/loader.b?v=Se65uT5PRkmfDd2rRbG8TvzLgnQujh0NaLjWFQgt-4A1&av=0.1.0.0&cb=292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dc4ac48237f865cfa7df9f9d20a04e0193df6230103c007ebc090547bccfc3d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-length
76717
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=31536000
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/res?callback=_resourceLoaderReceiver_0&x=292&dependencies=prog_install_prompt,facebook_api,youtube_iframe,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,most_popular,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_youtube,sticky_player_history_handler,sticky_player,copy_to_clipboard,accordeon,transition_toggler,nav20,live_b_drop
content-language
ru
cache-control
public, no-transform, max-age=2378721
content-type
application/javascript; charset=utf-8
x-amz-cf-id
pE_UNRp9xvMKXlgXlMVOw1dK5wUySAKmkUPoUJoleHnvbiyS3b0awQ==
expires
Thu, 06 Oct 2022 04:55:36 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WXZBPZ&cv=165&v=3&t=t&pid=1674602587&rv=970&es=1&e=gtm.js&eid=1&tc=123&tr=1cl.1cl.1cl.1cl.1cl.1cl.1cl.5cl.5cl.5cl.5cl.5cl.5cl.5cl&ti=1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl.1cl&z=0
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 16:10:14 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
009f0000-0aff-0242-eac8-08da9197eeca_w650_r1.jpg
d146ehq26eduy8.cloudfront.net/
49 KB
50 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/009f0000-0aff-0242-eac8-08da9197eeca_w650_r1.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
ed6e33ad001d9ea4ea14eb7921b7aadf71044eaef6dccf362431c4b2f224ff46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-check-cacheable
YES
x-serial
1370
x-amz-cf-pop
FRA2-C2
etag
"89572"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2581732
last-modified
Thu, 08 Sep 2022 13:18:56 GMT
content-length
50667
x-amz-cf-id
-I1JjChPccD0LeRGDPnvKYonFvxHPCqu_oGVyRkm567i2dp4V-FNvA==
server
Akamai Image Manager
expires
Sat, 08 Oct 2022 13:19:06 GMT
009d0000-0aff-0242-dfff-08da91865085_w408_r1.jpg
d146ehq26eduy8.cloudfront.net/
19 KB
19 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/009d0000-0aff-0242-dfff-08da91865085_w408_r1.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
3d3a81196a1f458b49edaed61124b5a99169da34b553ef0c5b676e05c468d1a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-check-cacheable
YES
x-serial
564
x-amz-cf-pop
FRA2-C2
etag
"31951"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2575127
last-modified
Thu, 08 Sep 2022 11:28:56 GMT
content-length
19088
x-amz-cf-id
CpIa5oWGWxdvEekQEIgEaPpgQvL9_6ocr82PkPmLf8hAIP2jVBAjIA==
server
Akamai Image Manager
expires
Sat, 08 Oct 2022 11:29:01 GMT
61718942-C84F-4EDD-BF0D-854E9A686D97_w408_r1.jpg
d146ehq26eduy8.cloudfront.net/
30 KB
30 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/61718942-C84F-4EDD-BF0D-854E9A686D97_w408_r1.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
9ecc7b10e4082edd3b4db9db13bcec3226c859a368370242e763558697f559cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified
Thu, 08 Sep 2022 12:24:33 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA2-C2
etag
"52816"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2578382
content-length
30263
x-amz-cf-id
SWSEa1RZN9_FB0esqFGQ2a7xi-iJJZFEA8I4oiEombYBY2LyjaABCA==
expires
Sat, 08 Oct 2022 12:23:16 GMT
c4170000-0aff-0242-e268-08d9f22a7829_w144_r1.jpg
d146ehq26eduy8.cloudfront.net/
6 KB
6 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/c4170000-0aff-0242-e268-08d9f22a7829_w144_r1.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
5c8481ed0ef95880c63d10951b1dbac4a48d5baef216b4df56e799c6e2b6a70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified
Sun, 14 Aug 2022 09:17:41 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA2-C2
etag
"10116"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2588827
content-length
5949
x-amz-cf-id
lQu5O46pvmDu3LzDSDoHnq-QrE-FFJZP4CY-xin7T7Dc8UCW_9m7hw==
expires
Sat, 08 Oct 2022 15:17:21 GMT
009d0000-0aff-0242-9d0a-08da90a9adc7_w144_r1.jpg
d146ehq26eduy8.cloudfront.net/
6 KB
6 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/009d0000-0aff-0242-9d0a-08da90a9adc7_w144_r1.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
38fbf705651ece3bfb361021edf952d96319d241a15c70c90be59f4fa193af08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-check-cacheable
YES
x-serial
235
x-amz-cf-pop
FRA2-C2
etag
"12558"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2477942
last-modified
Wed, 07 Sep 2022 08:30:40 GMT
content-length
6149
x-amz-cf-id
INouj9_52uvRK4Qd-DB7IGX0dAdL-Pubk-87vPsksJw6x5xSaIUY3w==
server
Akamai Image Manager
expires
Fri, 07 Oct 2022 08:29:16 GMT
01320000-0aff-0242-b59b-08da8ba2d418_w144_r1.jpg
d146ehq26eduy8.cloudfront.net/
6 KB
7 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/01320000-0aff-0242-b59b-08da8ba2d418_w144_r1.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
abca234b316c4d320be90e36e3364047e660025c4d890b91eda00e22f4ee05a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified
Wed, 07 Sep 2022 10:29:58 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA2-C2
etag
"12974"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2485157
content-length
6391
x-amz-cf-id
6WNMg4yBR97KOOHemJ7IMgHJZ1xCUbfQhT_4vTGqrN9htjFzIN7ZgQ==
expires
Fri, 07 Oct 2022 10:29:31 GMT
ce940319-86dc-4a55-a6b4-2f858946fac5_w408_r1.jpg
d146ehq26eduy8.cloudfront.net/
20 KB
21 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/ce940319-86dc-4a55-a6b4-2f858946fac5_w408_r1.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
053b391be57ec2e5236a2e9e618bdb2eb4295ffd6b148a99e7cc30543a3a5130
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified
Tue, 06 Sep 2022 06:12:51 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA2-C2
etag
"37091"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2383396
content-length
20976
x-amz-cf-id
LhmVaRLJAzZkmvxft_ibBpQ0YAPcnw-PSKWFqbpK66ekH5xV4O8tNw==
expires
Thu, 06 Oct 2022 06:13:30 GMT
C68714BC-0609-42E7-8423-FFA88A9F3801_w408_r1.jpg
d146ehq26eduy8.cloudfront.net/
19 KB
20 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/C68714BC-0609-42E7-8423-FFA88A9F3801_w408_r1.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
36ec4d0b5fd514b1eb9b1bb544d20e92f788b6465744b3b53097e8408e4395fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified
Thu, 08 Sep 2022 06:29:39 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA2-C2
etag
"34401"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2557108
content-length
19847
x-amz-cf-id
K-ogA5ryS-tVTar8inIHXX7jASsR5rnZ0z6PNTNZQKIkM91I_UyPkQ==
expires
Sat, 08 Oct 2022 06:28:42 GMT
0b960000-0aff-0242-5337-08da43099cf3_cx0_cy3_cw73_w408_r1.jpeg
d146ehq26eduy8.cloudfront.net/
38 KB
38 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/0b960000-0aff-0242-5337-08da43099cf3_cx0_cy3_cw73_w408_r1.jpeg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
466bf24e58f66e2b95b1fb564512a5041a3dec37da1cd9ec7b789fc4aeff1f8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
x-check-cacheable
YES
x-serial
1096
x-amz-cf-pop
FRA2-C2
etag
"67806"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2491434
last-modified
Wed, 07 Sep 2022 12:14:41 GMT
content-length
38886
x-amz-cf-id
7NhYIziW8_BMDhlyhHGcebxAGE11wCmvOaGdLhi4kJlTq19JowS5eQ==
server
Akamai Image Manager
expires
Fri, 07 Oct 2022 12:14:08 GMT
009f0000-0aff-0242-67c0-08da90b8113b_w408_r1.jpg
d146ehq26eduy8.cloudfront.net/
29 KB
29 KB
Image
General
Full URL
https://d146ehq26eduy8.cloudfront.net/009f0000-0aff-0242-67c0-08da90b8113b_w408_r1.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f800:18:3288:fc00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1fc7693f58891de3f692871ea1f9775383a9c61d8036eb61f27b24b90406dc4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
via
1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified
Wed, 07 Sep 2022 15:20:46 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA2-C2
etag
"52352"
strict-transport-security
max-age=31536000
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2502661
content-length
29758
x-amz-cf-id
bkxfdjy0KYf_iuPgkmK3MvGUp61zwlyzn9llV6wp2gYu17Guy08h2A==
expires
Fri, 07 Oct 2022 15:21:15 GMT
0255.js
script.crazyegg.com/pages/scripts/0026/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e8510e8e158bf0ad33889c5ded452be408f39b15850a84b748e19466a8c8049

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
12766
cf-polished
origSize=5639
cf-ray
7478f4036b499b71-FRA
ce-version
11.4.2
last-modified
Thu, 08 Sep 2022 12:37:28 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-bgj
minify
fbevents.js
connect.facebook.net/en_US/
100 KB
27 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26737
x-xss-protection
0
pragma
public
x-fb-debug
Ii96cEul3+tT1z/9vu+hE7dF3g2pZ7jI8P1N2+7DxKZYyq5K9sEGjiKk+u5rIr8TwZWchC1Vxxf6LH767XqRWg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 08 Sep 2022 16:10:14 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
dest5.html
bbg.demdex.net/ Frame 91DC
7 KB
3 KB
Document
General
Full URL
https://bbg.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.26.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-26-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://d35l6tikrz27kq.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v039-0d94e4dd0.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
YIPrD1RRSR8=
content-encoding
gzip
date
Thu, 8 Sep 2022 16:10:15 GMT
last-modified
Tue, 6 Sep 2022 11:03:24 GMT
vary
accept-encoding
id
bbg.sc.omtrdc.net/
42 B
441 B
XHR
General
Full URL
https://bbg.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=80389542200495446251536278611849470215&ts=1662653411251
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
18e969224e3859ee4a70d1019e1613586d336d972a153fdc21f71a30d58e74e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d35l6tikrz27kq.cloudfront.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 08 Sep 2022 16:10:14 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://d35l6tikrz27kq.cloudfront.net
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
42
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YxoT5gAAAIsVzgNe
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=80432791183145890341539836044697542620
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxoT5gAAAIsVzgNe
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxoT5gAAAIsVzgNe
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
HTTP/1.1
Server
54.154.150.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-150-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v039-057567d84.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
IchoubQ4RJk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YxoT5gAAAIsVzgNe
Date
Thu, 08 Sep 2022 16:10:15 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035794/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
359 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 15:47:27 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1369
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
content-length
0
x-amz-cf-id
J_fZf3A0p83ISIlzuwhBPSIKiFaRMacYBDamPF2e1YXMmnFbFG73XQ==

Redirect headers

location
/internal-c2/default/cs.js
date
Thu, 08 Sep 2022 16:10:15 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
content-length
0
x-amz-cf-id
XJJgz-6ZWArjL9A15oXEGEbRd8KucY1XrZG89wDp8kV5Ji2HYl3p7Q==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/
0
190 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1662653411325&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&c7=https%3A%2F%2Fd35l6tikrz27kq.cloudfront.net%2F&c9=
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-72.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
Vf4aldmy2BFT-wCGwoc3f9Msd9PD7Z88OKtX7gabW-F8AnrGOvDQDQ==
x-cache
Miss from cloudfront
chartbeat_video.js
static.chartbeat.com/js/
70 KB
24 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.31.js?utv=ut4.46.202208161936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:ca00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 14:49:09 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 00:51:11 GMT
server
nginx
age
4865
etag
W/"62d7517f-1181e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 7e8e21f463faf38ee9cfcd5ec5e09b6c.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
ZAG50-C1
x-amz-cf-id
QyFY_zItaflJNgMUJLXNJT6goNbb4tZTyRsSYR4RlrHZhdg6tHJiug==
expires
Thu, 08 Sep 2022 16:49:09 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
202 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202208161936&cb=1662653411366
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.123.36.220 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-36-220.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Thu, 08 Sep 2022 16:20:15 GMT
rtrg
vk.com/
49 B
577 B
Image
General
Full URL
https://vk.com/rtrg?p=VK-RTRG-227495-44Mps&_rnd=0.012958609274347666
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv133-129-240-87.vk.com
Software
kittenx / KPHP/7.4.112112
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
content-encoding
gzip
x-frontend
front623304
server
kittenx
x-powered-by
KPHP/7.4.112112
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
id
dpm.demdex.net/
362 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&d_mid=80389542200495446251536278611849470215&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&d_cid_ic=AVID%01318D09F325E25BDF-40001A0CE0AA04E5&ts=1662653411399
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.150.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-150-117.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
539f999a8454c421e18bfe3ce17b03e0df7802ee7db4f9e0c76d8f1c2e59b916
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://d35l6tikrz27kq.cloudfront.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v039-057567d84.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
3klHRaFtTHE=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://d35l6tikrz27kq.cloudfront.net
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
308
Expires
Thu, 01 Jan 1970 00:00:00 UTC
182398825736708
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/182398825736708?v=2.9.79&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3d279136fcd050ccd168050fa16f89021981954c823ad443326f20d57302f2c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86264
x-xss-protection
0
pragma
public
x-fb-debug
UBdAkib6qeUOgnEUfewwlhhoSdi+v0HYfI82Do1dB/I3A2erpiZdxXpo22TgQVPKEv5J8oqtNsvR3q8cgyBRcg==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 08 Sep 2022 16:10:15 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
d35l6tikrz27kq.cloudfront.net.json
script.crazyegg.com/pages/data-scripts/0026/0255/site/
0
174 B
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0026/0255/site/d35l6tikrz27kq.cloudfront.net.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
cf-cache-status
HIT
last-modified
Thu, 08 Sep 2022 12:42:57 GMT
server
cloudflare
age
12437
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
7478f4048f38994a-FRA
content-length
0
s94894859972228
bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/
43 B
398 B
XHR
General
Full URL
https://bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/s94894859972228
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.17.js?utv=ut4.46.202208161936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d35l6tikrz27kq.cloudfront.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 16:10:15 GMT
x-content-type-options
nosniff
last-modified
Fri, 09 Sep 2022 16:10:15 GMT
server
jag
etag
3570521022696751104-4619387625896165023
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://d35l6tikrz27kq.cloudfront.net
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
image/gif;charset=utf-8
content-length
43
x-xss-protection
1; mode=block
expires
Wed, 07 Sep 2022 16:10:15 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
173 B
500 B
XHR
General
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=rferl.russian&domain=d35l6tikrz27kq.cloudfront.net&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ec279160bf78449a05c78a6d1f1c2972f1e42fb0feb710ae1af7e6c4a5ed0fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
content-encoding
gzip
x-cache-hits
1
age
1369
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
147
x-served-by
cache-hhn4035-HHN
access-control-allow-origin
*
x-timer
S1662653415.247420,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Tue, 06 Sep 2022 15:47:26 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=rferl.russian&p=%2F&u=CenLd0DB3hfTDiTLf9&d=d35l6tikrz27kq.cloudfront.net&g=62557&g0=d35l6tikrz27kq.cloudfront.net&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3565&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1785&t=BRPJFRwdBhaCbHLDtDn99ASByf3l4&V=136&i=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&tz=0&sn=1&sv=DMAbsvDbHT7gByafbwBQwf65BJfwcr&sd=1&im=061b2ff3&_
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.116.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-116-177.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 16:10:15 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
id
googleads.g.doubleclick.net/pagead/ Frame 99C6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Protocol
H3
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
363f26c74b1e395fabb555dc5c35104610e8176843bbcce2ca00d652145fcc48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 08 Sep 2022 16:10:15 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 99C6
29 B
587 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:09:30 GMT
x-content-type-options
nosniff
age
45
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Sep 2022 16:24:30 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 08 Sep 2022 16:10:15 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 99C6
65 KB
30 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c33ee2c33d4e8355bd9e491e0f50af1a4195a35163f2a2ea635760eab76daf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
30508
x-xss-protection
0
remote.js
www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/ Frame 99C6
120 KB
37 KB
Script
General
Full URL
https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
505217854fe4541cb6f8f1d0fb5009f30fd537d93755df7f5ce283ab42c03b85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 02:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
135476
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37797
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 00:58:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Sep 2023 02:32:19 GMT
yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js
www.google.com/js/th/ Frame 99C6
36 KB
14 KB
Script
General
Full URL
https://www.google.com/js/th/yPATJU-uVo-zV-JkA6jSgBQ_ddZVTHGwvkBjTyjUrvU.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f013254fae568fb357e26403a8d280143f75d6554c71b0be40634f28d4aef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 05:03:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
126412
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14098
x-xss-protection
0
last-modified
Mon, 29 Aug 2022 11:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 07 Sep 2023 05:03:23 GMT
embed.js
www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/ Frame 99C6
28 KB
8 KB
Script
General
Full URL
https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa81202eafd68a146de1bfa18b7a8697bbd11740930986c99aebfdfce7a362a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 02:39:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
135066
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8386
x-xss-protection
0
last-modified
Wed, 07 Sep 2022 00:58:40 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 07 Sep 2023 02:39:09 GMT
truncated
/ Frame 99C6
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu8zEzPM6SJyuQWEBd7vm-VX4akfxvdvP9aPzpuSrg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 99C6
2 KB
3 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AMLnZu8zEzPM6SJyuQWEBd7vm-VX4akfxvdvP9aPzpuSrg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0ea2d583bb57604e6cde0f4d7c3e0751eee2859f11f9c296ddb1d79701461bb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:50:18 GMT
x-content-type-options
nosniff
age
8397
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2280
x-xss-protection
0
server
fife
etag
"v5ba"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 27 Aug 2022 17:47:41 GMT
default_live.jpg
i.ytimg.com/vi/zGpDCHDEXw0/ Frame 99C6
4 KB
4 KB
Image
General
Full URL
https://i.ytimg.com/vi/zGpDCHDEXw0/default_live.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2aad3f924f2dc8fda8980decb7f9ea1fc9f66696fbad5a4d4677c0c26eafc84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:09:04 GMT
x-content-type-options
nosniff
age
71
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3702
x-xss-protection
0
server
sffe
etag
"1662650416"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 08 Sep 2022 16:14:04 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 99C6
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Mon, 05 Sep 2022 21:29:26 GMT
x-content-type-options
nosniff
age
240049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9832
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:49 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 05 Sep 2023 21:29:26 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=182398825736708&ev=PageView&dl=https%3A%2F%2Fd35l6tikrz27kq.cloudfront.net%2F&rl=&if=false&ts=1662653411681&sw=1600&sh=1200&v=2.9.79&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.2.1662653411680.335407732&it=1662653411426&coo=false&rqm=GET
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 08 Sep 2022 16:10:15 GMT
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WXZBPZ&cv=165&v=3&t=t&pid=1674602587&rv=970&es=1&e=gtm.dom&eid=2&tc=123&z=0
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 16:10:15 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=292&dependencies=prog_install_prompt,facebook_api,youtube_iframe,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,most_popular,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_youtube,sticky_player_history_handler,sticky_player,copy_to_clipboard,accordeon,transition_toggler,nav20,live_b_drop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e24f7f9f34aa76a24c76b77447d1c1e41f4d27e15c2588d61288e3c6bc68a58d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
V8zYD3sevKZ1q28WVB5MIA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
cGdPBd6vaumOFy0bYntGzucZs98SMwa+ibe98OuazXMt0x/NCYXMCoschVeOu0ASGHGIF9phJX+5ZF9TnnFJjQ==
x-fb-content-md5
7b3257d7e39c888a7051915120909504
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 08 Sep 2022 16:10:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"f8dfa698064fac25f70886af9920444b"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 08 Sep 2022 16:10:59 GMT
hljson
d35l6tikrz27kq.cloudfront.net/
2 KB
3 KB
XHR
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/hljson
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/Scripts/responsive/loader.b?v=Se65uT5PRkmfDd2rRbG8TvzLgnQujh0NaLjWFQgt-4A1&av=0.1.0.0&cb=292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4f119c6abf84ce8e5208ac16f74f9e1ea8f756f376c1714e837846c4e020a9db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d35l6tikrz27kq.cloudfront.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-length
2137
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=31536000
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/hljson
content-language
ru
cache-control
max-age=58
content-type
application/json; charset=utf-8
x-amz-cf-id
-vU--4UQS67_8kyFmVtDuZwAX66ivDfMCBcb_wDkixExPC89HylPCw==
expires
Thu, 08 Sep 2022 16:11:13 GMT
items
d35l6tikrz27kq.cloudfront.net/api/compactheader/
587 B
1 KB
XHR
General
Full URL
https://d35l6tikrz27kq.cloudfront.net/api/compactheader/items
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/Scripts/responsive/loader.b?v=Se65uT5PRkmfDd2rRbG8TvzLgnQujh0NaLjWFQgt-4A1&av=0.1.0.0&cb=292
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:600:19:4928:7680:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
76a6480388ec775a81000b70247e59197f2137f5e9e441946dff9f0b25b3d850
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d35l6tikrz27kq.cloudfront.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-length
587
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=31536000
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/api/compactheader/items
content-type
application/json; charset=utf-8
cache-control
max-age=22
x-amz-cf-id
vqdQBXoY_IiHbi-lPGBQpAcHjtiWA8xyn8wFnKPV_BC2z22VrSI7Ow==
expires
Thu, 08 Sep 2022 16:10:37 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 99C6
4 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 08 Sep 2022 16:10:15 GMT
ping
ping.chartbeat.net/
43 B
200 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=video%40rferl.russian&g=62557&p=zGpDCHDEXw0&i=%D0%A4%D1%80%D0%BE%D0%BD%D1%82.%20%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83%20%D0%BF%D1%80%D0%B8%D1%83%D0%BD%D1%8B%D0%BB%D0%B0%20%D0%BF%D1%80%D0%BE%D0%BF%D0%B0%D0%B3%D0%B0%D0%BD%D0%B4%D0%B0&g0=d35l6tikrz27kq.cloudfront.net&u=DKhRz6x1-5CBdxMgc&t=CTWOQfF5DDwCMItPiDHygyYBtZuOo&x=0&y=0&V=136&VS=YT&n=1&b=2058&r=&_vd=0&_vi=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&_vp=d35l6tikrz27kq.cloudfront.net%2F&_vh=d35l6tikrz27kq.cloudfront.net&_pu=CenLd0DB3hfTDiTLf9&_pt=BRPJFRwdBhaCbHLDtDn99ASByf3l4&_pr=&_vdd=rferl.russian&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.002&_vpt=0&_vtn=http%3A%2F%2Fimg.youtube.com%2Fvi%2FzGpDCHDEXw0%2Fdefault.jpg&_vaup=unkn&_vce=0&c=0&W=0&R=0&I=1&E=0&j=75&tz=0&_
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.116.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-116-177.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 16:10:15 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
all.js
connect.facebook.net/en_US/
305 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=13be5f3cab05635638b4a028d3600a34
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3c1b6ac8f5ac3e60cdde8cda481e169d602b50b645df7e10137e297fa2fc75c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://d35l6tikrz27kq.cloudfront.net/
Origin
https://d35l6tikrz27kq.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
zR+QWRUrj38AQgwoeTyFIQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87859
x-fb-rlafr
0
x-fb-debug
90KbfnabVZeJoWoKCyQ1FBlow46ppXikNYbV/6a++euVfSeDCX4wGiv1APLxZtPnWbFK23A5B7gshWJy1LE/TA==
x-fb-content-md5
61b4d533d0341beadeed45f42ba1cd90
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 08 Sep 2022 16:10:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"55960cc00b2f8e63c2757f079ac79271"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 08 Sep 2023 13:53:26 GMT
generate_204
www.youtube.com/ Frame 99C6
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?p_CG9w
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
6869A535-9DD5-4095-81F3-DF4F4F5B917D_w250_r1.jpg
gdb.rferl.org/
12 KB
13 KB
Image
General
Full URL
https://gdb.rferl.org/6869A535-9DD5-4095-81F3-DF4F4F5B917D_w250_r1.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:884::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d7bae1e2f1987d518a8ac03b60808f2dbbe803e67da6870684df70a56d34d8d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
last-modified
Thu, 08 Sep 2022 16:05:02 GMT
server
Akamai Image Manager
etag
"21331"
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
private, no-transform, max-age=2591623
content-length
12632
expires
Sat, 08 Oct 2022 16:03:58 GMT
5F4DBED2-25BC-449D-97CA-371A0D6F4C03_w250_r1.jpg
gdb.rferl.org/
13 KB
13 KB
Image
General
Full URL
https://gdb.rferl.org/5F4DBED2-25BC-449D-97CA-371A0D6F4C03_w250_r1.jpg
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:884::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d7da2ecc94ec3d44c8b42ff6c45a0052882115c477b67f8f9fdef831e7f24dbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
last-modified
Thu, 28 Jul 2022 20:08:02 GMT
server
Akamai Image Manager
etag
"22979"
strict-transport-security
max-age=31536000
content-type
image/jpeg
cache-control
private, no-transform, max-age=1153680
content-length
13368
expires
Thu, 22 Sep 2022 00:38:15 GMT
cast_sender.js
www.gstatic.com/eureka/clank/105/ Frame 99C6
52 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/105/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date
Thu, 08 Sep 2022 13:11:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15116
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 15:05:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Fri, 09 Sep 2022 13:11:08 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=322210431200953&input_token&origin=1&redirect_uri=https%3A%2F%2Fd35l6tikrz27kq.cloudfront.net%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=13be5f3cab05635638b4a028d3600a34
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
RsjAgJIyinu9ZiMEiMxNDf27esjZS5V3wV4Pl5bEy7hn3oqDDcN/KXZa+fdPkFy8CxmwwOOdHNUr/wsLRshHzg==
fb-s
unknown
date
Thu, 08 Sep 2022 16:10:15 GMT
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d35l6tikrz27kq.cloudfront.net
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=1
expires
Sat, 01 Jan 2000 00:00:00 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 99C6
98 B
142 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d925fa2729a81208b42c209c99cf4ab453cce2f5b22b3e812002ad02dbacd588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Thu, 08 Sep 2022 16:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Thu, 08 Sep 2022 16:10:15 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
/
www.facebook.com/tr/ Frame 7060
0
15 B
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: d35l6tikrz27kq.cloudfront.net
URL: https://d35l6tikrz27kq.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://d35l6tikrz27kq.cloudfront.net
Referer
https://d35l6tikrz27kq.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://d35l6tikrz27kq.cloudfront.net
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Thu, 08 Sep 2022 16:10:15 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
a
www.googletagmanager.com/
0
17 B
Image
General
Full URL
https://www.googletagmanager.com/a?id=GTM-WXZBPZ&cv=165&v=3&t=t&pid=1674602587&rv=970&es=1&e=gtm.load&eid=3&tc=123&tr=1sdl.1sdl.5sdl.5sdl&ti=1sdl.1sdl.1sdl.1sdl&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 16:10:16 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ping
ping.chartbeat.net/
43 B
200 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=rferl.russian&p=%2F&u=CenLd0DB3hfTDiTLf9&d=d35l6tikrz27kq.cloudfront.net&g=62557&g0=d35l6tikrz27kq.cloudfront.net&g1=No%20Author&n=1&f=00001&c=0.02&x=0&m=0&y=3571&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&b=1785&t=BRPJFRwdBhaCbHLDtDn99ASByf3l4&V=136&tz=0&_vi=%D0%A4%D1%80%D0%BE%D0%BD%D1%82.%20%D0%9F%D0%BE%D1%87%D0%B5%D0%BC%D1%83%20%D0%BF%D1%80%D0%B8%D1%83%D0%BD%D1%8B%D0%BB%D0%B0%20%D0%BF%D1%80%D0%BE%D0%BF%D0%B0%D0%B3%D0%B0%D0%BD%D0%B4%D0%B0&_vp=zGpDCHDEXw0&_vdd=video%40rferl.russian&_vs=s1&_vt=ct&_vap=&_vtn=http%3A%2F%2Fimg.youtube.com%2Fvi%2FzGpDCHDEXw0%2Fdefault.jpg&_vd=0&sn=2&sv=DMAbsvDbHT7gByafbwBQwf65BJfwcr&sd=1&im=061b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.86.116.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-86-116-177.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d35l6tikrz27kq.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Sep 2022 16:10:16 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
log_event
www.youtube.com/youtubei/v1/ Frame 99C6
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/f96f6702/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
X-Goog-Request-Time
1662653414212
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/zGpDCHDEXw0?&&&fs=1&enablejsapi=1&rel=0
X-YouTube-Client-Version
1.20220904.00.01
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
Cgtmcl9fQjFRNThZTSjmp-iYBg%3D%3D
X-YouTube-Ad-Signals
dt=1662653411486&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C290%2C163&vis=1&wgl=true&ca_type=image

Response headers

date
Thu, 08 Sep 2022 16:10:17 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Thu, 08 Sep 2022 16:10:17 GMT

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| AMPStrategy object| _cbv_strategies object| _cbv object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady string| cacheBuster string| appBaseUrl object| imgEnhancerBreakpoints boolean| isLoggingEnabled boolean| isPreviewPage boolean| isLivePreviewPage boolean| pwaEnabled undefined| swCacheDisabled function| initInfographics object| _RFE_module_app_code object| $dom function| webpackJsonp_RFE_module__name_ object| JSON3 function| setImmediate function| clearImmediate object| RFE function| renderExternalContent function| loadScript function| createHTML function| isInsideCms function| ajaxGet function| ajaxPost function| root object| moduleManager function| FireAnalyticsTagEvent function| FireAnalyticsTagEventOnDownload function| FireAnalyticsTagEventOnSearch function| FireAnalyticsTagEventOnSearchResultItemClick function| FireAnalyticsTagEventQuiz function| FireTealiumEvent function| FireTealiumEventOnDownload string| renderGtm object| dataLayer object| utag_data undefined| utag_from undefined| utag_searchKeyword object| nav2In object| nav2Sec object| secStyle object| Infographics number| __infographcisCount function| Kraken function| top100 object| _top100q object| _top100 string| a object| d number| js object| s boolean| isPreview function| OneSignal number| numVisitsTrigger function| promptAndSubscribeUser boolean| utag_condload string| utag_lh object| platform string| url string| parent_domain object| utag function| utag_condloader function| toBytesUTF8 function| fromBytesUTF8 function| trunc100bytes boolean| __tealium_twc_switch function| Visitor object| s_c_il number| s_c_in object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| _sf_startpt object| _sf_async_config number| _sf_endpt object| google_tag_manager object| google_tag_data number| __oneSignalSdkLoadCount function| __jp0 object| pangeaConfiguration object| bar_data object| defaultLoaderContext function| fbq function| _fbq object| s_bbg function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap number| s_objectID number| s_giq object| ns_ object| ns_p function| udm_ function| ns_order function| ns_onclick object| _cb_shared boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| s_i_bbgprod_bbgentityrferl object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbm object| _RFE_module_prog_install_prompt object| _RFE_module_facebook_api object| _RFE_module_youtube_iframe object| _RFE_module_collapsible object| _RFE_module_highlights object| _RFE_module_hljson_loader object| _RFE_module_smooth_scroll object| _RFE_module_google_translate object| _RFE_module_swipe_slide object| _RFE_module_most_popular object| _RFE_module_simple_captcha object| _RFE_module_analyticstag_event object| _RFE_module_slider_fred object| _RFE_module_back_to_top object| _RFE_module_whatsapp_share_button object| _RFE_module_sticky_player_youtube object| _RFE_module_sticky_player_history_handler object| _RFE_module_sticky_player object| _RFE_module_copy_to_clipboard object| _RFE_module_accordeon object| _RFE_module_transition_toggler object| _RFE_module_nav20 object| _RFE_module_live_b_drop function| fbAsyncInit function| onYouTubeIframeAPIReady function| onYouTubeIframeAPIReadyRef function| YoutubeApi boolean| StickyPlayerGlobalEventsAttached boolean| StickyPlayerHistoryHandlerAttached object| FB object| __buffer

21 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: X6YCTQ6DICA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: fr__B1Q58YM
.rambler.ru/ Name: ruid
Value: 1CIAAOYTGmNpv9azAVjFDAB=
.d35l6tikrz27kq.cloudfront.net/ Name: adtech_uid
Value: 3d2c5d4b-5d2f-45b1-a780-1a6af96b4677%3Ad35l6tikrz27kq.cloudfront.net
.yadro.ru/ Name: FTID
Value: 1Z6XFc3L9f8O1Z6XFc0014CC
.demdex.net/ Name: demdex
Value: 80432791183145890341539836044697542620
.yadro.ru/ Name: VID
Value: 3jWd_a3NgAOO1Z6XFc0014Cj
.d35l6tikrz27kq.cloudfront.net/ Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg
Value: 1
.mail.ru/ Name: VID
Value: 0PApqR0ryUIC00000h1ML4IC:::0-0-0-8346ca6:CAASEFKA393G6QhT9AjG71fJ8WcaYKLM3DKDZNLcSIXnLSem-TM2JTYUT_spFlxRAuqAGxTYwNoW6F3dT-rEP5BtfQfj9l14X8-7ihN6sWvyIsCCkwUQYDDdAvzs-o-GoRa4nWIF47gWPqCGAfOziitOrbsQyw
.omtrdc.net/ Name: s_vi
Value: [CS]v1|318D09F325E25BDF-40001A0CE0AA04E5[CE]
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YxoT5gAAAIsVzgNe
.dpm.demdex.net/ Name: dpm
Value: 80432791183145890341539836044697542620
.d35l6tikrz27kq.cloudfront.net/ Name: _cb
Value: CenLd0DB3hfTDiTLf9
.d35l6tikrz27kq.cloudfront.net/ Name: _chartbeat2
Value: .1662653411511.1662653411511.1.DMAbsvDbHT7gByafbwBQwf65BJfwcr.1
.d35l6tikrz27kq.cloudfront.net/ Name: _cb_svref
Value: null
.d35l6tikrz27kq.cloudfront.net/ Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg
Value: 1406116232%7CMCIDTS%7C19244%7CMCMID%7C80389542200495446251536278611849470215%7CMCAAMLH-1663258211%7C6%7CMCAAMB-1663258211%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1662660611s%7CNONE%7CMCAID%7C318D09F325E25BDF-40001A0CE0AA04E5%7CMCSYNCSOP%7C411-19251%7CvVersion%7C2.5.0
.vk.com/ Name: remixlang
Value: 6
.vk.com/ Name: remixstlid
Value: 9104809536385481986_HU1NSMuZhkZfGrCH10zSOmVuvuJvVxSnFszhXbezeqX
.d35l6tikrz27kq.cloudfront.net/ Name: _fbp
Value: fb.2.1662653411680.335407732
d35l6tikrz27kq.cloudfront.net/ Name: clickCounter
Value: 0
.d35l6tikrz27kq.cloudfront.net/ Name: _v__chartbeat3
Value: DKhRz6x1-5CBdxMgc

1 Console Messages

Source Level URL
Text
network error URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/site/d35l6tikrz27kq.cloudfront.net.json?t=1
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
cdn.onesignal.com
cm.everesttech.net
connect.facebook.net
counter.rambler.ru
counter.yadro.ru
d146ehq26eduy8.cloudfront.net
d2qii21258vzz5.cloudfront.net
d35l6tikrz27kq.cloudfront.net
dpm.demdex.net
fonts.gstatic.com
gdb.rferl.org
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
kraken.rambler.ru
mab.chartbeat.com
onesignal.com
ping.chartbeat.net
sb.scorecardresearch.com
script.crazyegg.com
static.chartbeat.com
static.doubleclick.net
tags.tiqcdn.com
top-fwz1.mail.ru
vk.com
www.facebook.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
13.32.121.72
15.236.176.210
2600:9000:20d7:ca00:18:1fcd:351:7bc1
2600:9000:20eb:3a00:11:fbd8:f840:21
2600:9000:20eb:600:19:4928:7680:21
2600:9000:21f3:f800:18:3288:fc00:21
2606:4700::6812:e134
2606:4700::6813:9308
2a00:1450:4001:802::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:811::2006
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2016
2a02:26f0:3500:884::1317
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f107:83:face:b00c:0:25de
2a04:4e42:400::714
34.248.32.199
52.210.26.59
54.154.150.117
54.86.116.177
81.19.89.17
87.240.129.133
88.212.201.198
92.123.36.220
95.163.52.67
053b391be57ec2e5236a2e9e618bdb2eb4295ffd6b148a99e7cc30543a3a5130
0ea2d583bb57604e6cde0f4d7c3e0751eee2859f11f9c296ddb1d79701461bb2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
169901f666801459695826173dc5032f7464f26bf6ede5f748d5bf8f5cab4b6c
18e969224e3859ee4a70d1019e1613586d336d972a153fdc21f71a30d58e74e4
1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315
1fa15340a9311e1f20c2edefca19f68af5749ffb7f8a940749a2c7e3b6f4075f
1fc7693f58891de3f692871ea1f9775383a9c61d8036eb61f27b24b90406dc4e
26f1d1c7cdaa1d8e1ef590562c21e0efa3399ffd9ace1d40ff7f12e808d0c02f
291a118ac243672f400e69db5ee6be5c9c7e34d9ad453e260f54e661a8d08a11
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
2dd96f8157c87be4ad34c76e5b591145c56c76aa8f5d1269dc56a0739e1e6c49
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3534aaab814faececaf6861766e1d7ac28b68de15bb4d0db57249fe09b565e17
35b12229634acf68184dffcc1aa7de743e83b7b20ed3d47c8b9893b768081065
363f26c74b1e395fabb555dc5c35104610e8176843bbcce2ca00d652145fcc48
36ec4d0b5fd514b1eb9b1bb544d20e92f788b6465744b3b53097e8408e4395fd
38fbf705651ece3bfb361021edf952d96319d241a15c70c90be59f4fa193af08
39f6148a2364e4b6b5257d6c1e23606cfe364384abfc3a93aca6292a6c230003
39ff4fd099733ca612119cee9ff76bec251854d45b616958ba85d6593d9a5607
3c1b6ac8f5ac3e60cdde8cda481e169d602b50b645df7e10137e297fa2fc75c6
3d3a81196a1f458b49edaed61124b5a99169da34b553ef0c5b676e05c468d1a2
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
466bf24e58f66e2b95b1fb564512a5041a3dec37da1cd9ec7b789fc4aeff1f8b
4814af27d827b7c3da987d0c7c50df5a1eb76cf3c43046156c753ba7d2e75e6f
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b00ed621740620bfd79c6c4d2501d53390214d6bb3fb90a31a1c24637f05bb7
4f119c6abf84ce8e5208ac16f74f9e1ea8f756f376c1714e837846c4e020a9db
505217854fe4541cb6f8f1d0fb5009f30fd537d93755df7f5ce283ab42c03b85
539f999a8454c421e18bfe3ce17b03e0df7802ee7db4f9e0c76d8f1c2e59b916
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
560f1b7942308b356e77e682d4c552e92126a9f15b3f51458e7c9c45a243a674
5ae95e748ad12444cd760e245c02264cea3e8deb41fabd95f1e0784b81f72783
5c8481ed0ef95880c63d10951b1dbac4a48d5baef216b4df56e799c6e2b6a70d
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
6419195314170005318850b6aad3ed7f4445f7a9fe97a5ecdf530ddb5ca265f9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6ac9bf5bddd3778c46b318b88b89776b233bd6f9023bf1964a0821df455b2ea0
6c33ee2c33d4e8355bd9e491e0f50af1a4195a35163f2a2ea635760eab76daf9
70dd0bb01cce76c8ca2f57838fae7f5cf5365e78bb330ecf2cb385793cfe6920
71cb30430b2978855689e1011cc5dce4084a518a3a5662aca8b4f618f190377d
72bf7d435ccb8867c26ea9b1bc05c03c0d9af0d272f93b293470b5c1b0e6e482
72c8d97a9a54ced1bf6802ebe8ba237291e56c53ada6ade5d958f5f64804696a
76a6480388ec775a81000b70247e59197f2137f5e9e441946dff9f0b25b3d850
7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c
7b2071f68561ae4bdc79b12306f86e720218b01a0f58354069efb16ad68cab94
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e8510e8e158bf0ad33889c5ded452be408f39b15850a84b748e19466a8c8049
8070d03f08cc2e72553bee1910f636237aca8783d7bf0ba632fd25dffb819175
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
862458934d4a05cc2814c7a796573f38ba888750efbf15e0150379596f0f9b74
8c891d9ee2621b2e3a952141bb15cb974f68d9ac30d49265d25275f8813b633c
94e48660eccab7ff0fc135096e5e98d6af8752dec43634df77f0b0af45563223
9977bc7e23e6e0614b8cf3d1a75cefd42346851e5a5baacc872cf905f47da466
99fb01f45a2d245b12dad2aa7b8b34c0a35b8b38389c43c4540253da177d2992
9ec279160bf78449a05c78a6d1f1c2972f1e42fb0feb710ae1af7e6c4a5ed0fc
9ecc7b10e4082edd3b4db9db13bcec3226c859a368370242e763558697f559cb
9f1f226ba233ebce168e9871cb9f9a11fee7e0d16c41795e53a85ef2fcdd5990
a291b7a4643f0319ee8244ed6076cd1b5f6379584c1dbb67160030fbfa0c472d
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a52e149f45c91ee9f78f26a7479c5d7d0c052fd58022bf35f993e562f1af4438
a5c897555fa3a978e129d504d7c981b54d4e84f1c9bf65890888f1066aafbf24
a608a7eaed908eae054c9edb70e4ae9a2fea33f4dc81d1f89f5c75f82ab04eec
aa81202eafd68a146de1bfa18b7a8697bbd11740930986c99aebfdfce7a362a6
abca234b316c4d320be90e36e3364047e660025c4d890b91eda00e22f4ee05a5
b0debc4f461e70884198674099ff2883432c131eb88fe6a59816f646bece992d
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c4b6ef09aa79f173c8b4c5b3ef08295d12a905ebdd15dfbbafcc74bead5f6fd2
c8f013254fae568fb357e26403a8d280143f75d6554c71b0be40634f28d4aef5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12b917748670cabc4f27972b671c65babf3a810f4a954bcdb838ec9cebe042f
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
d7bae1e2f1987d518a8ac03b60808f2dbbe803e67da6870684df70a56d34d8d0
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7da2ecc94ec3d44c8b42ff6c45a0052882115c477b67f8f9fdef831e7f24dbd
d925fa2729a81208b42c209c99cf4ab453cce2f5b22b3e812002ad02dbacd588
dc4ac48237f865cfa7df9f9d20a04e0193df6230103c007ebc090547bccfc3d7
e0b294d81edfb9c011f80d02175961efe10b06f1d24fba48fe582b7ceb535577
e24f7f9f34aa76a24c76b77447d1c1e41f4d27e15c2588d61288e3c6bc68a58d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d279136fcd050ccd168050fa16f89021981954c823ad443326f20d57302f2c
e42a903a5543ea3db161f5e3e4aa57a3f31f97b0320a45e0ae6885b501976952
e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df
e872e50f4d63b0e9ffa65666b7e5b4371d02690051f3a310141bea1d361cf0dc
e88ad0296c47a94cd7fbeb9188290220015c7ffa51cd434bdfb226cc8c61e002
e93679da93e20ff48111fc1cbcb5b9f08719442cf55dd3c9d3e2eadbfd9fb3cd
ed6e33ad001d9ea4ea14eb7921b7aadf71044eaef6dccf362431c4b2f224ff46
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2aad3f924f2dc8fda8980decb7f9ea1fc9f66696fbad5a4d4677c0c26eafc84
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5