www.occrp.org Open in urlscan Pro
34.149.123.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://nwrte.com/
Effective URL:
https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared...
Submission: On October 10 via api (October 10th 2024, 9:27:10 pm UTC) from BY — Scanned from DE

Summary HTTP 52 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 5 domains to perform 52 HTTP transactions. The main IP is 34.149.123.221, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.occrp.org. The Cisco Umbrella rank of the primary domain is 617226.
TLS certificate: Issued by WR3 on August 18th 2024. Valid for: 3 months.

This is the only time www.occrp.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:201a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 46	34.149.123.221 34.149.123.221	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:82c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	4

1 2606:4700:3037::6815:201a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

nwrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 34.149.123.221 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 221.123.149.34.bc.googleusercontent.com

www.occrp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:82c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	occrp.org 1 redirects www.occrp.org — Cisco Umbrella Rank: 617226	1 MB
5	google.com www.google.com — Cisco Umbrella Rank: 3	984 B
1	ipapi.co ipapi.co — Cisco Umbrella Rank: 16407	923 B
1	gstatic.com www.gstatic.com	215 KB
1	nwrte.com 1 redirects nwrte.com	602 B
52	5

	Domain	Requested by
46	www.occrp.org	1 redirects www.occrp.org
5	www.google.com	www.occrp.org www.gstatic.com
1	ipapi.co	www.occrp.org
1	www.gstatic.com	www.google.com
1	nwrte.com	1 redirects
52	5

This site contains links to these domains. Also see Links.

Domain
gacc.occrp.org
id.occrp.org
aleph.occrp.org
checkout.fundjournalism.org
mailchi.mp
medium.com
twitter.com
www.youtube.com
www.facebook.com
www.linkedin.com
api.whatsapp.com
t.me
ldpr.ru
www.kommersant.ru
youtu.be
www.ntv.ru
duma.gov.ru
eur-lex.europa.eu
www.interfax-religion.ru
ria.ru
www.instagram.com
www.interfax.ru
tass.ru
www.fontanka.ru
www.vedomosti.ru
www.bbc.com
occrp.fundjournalism.org

Subject Issuer	Validity	Valid
occrp.org WR3	`2024-08-18` - `2024-11-17`	3 months	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
ipapi.co WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property
Frame ID: 9C0C5658C266B11DFBEFE6E49ED95C5B
Requests: 48 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJaCcqAAAAABi7JEIOq8a87gxQe2w1MHjnjgJV&co=aHR0cHM6Ly93d3cub2NjcnAub3JnOjQ0Mw..&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=y83x2k25wg8g
Frame ID: 50304C3DE777EFBBFB2F087D1A855A56
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJaCcqAAAAABi7JEIOq8a87gxQe2w1MHjnjgJV&co=aHR0cHM6Ly93d3cub2NjcnAub3JnOjQ0Mw..&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=lxj8dc23br9d
Frame ID: D2D89AB18AE6D462A99203C02588D826
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcJaCcqAAAAABi7JEIOq8a87gxQe2w1MHjnjgJV
Frame ID: 63F6E1F66AF04F90D329564B3766827D
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcJaCcqAAAAABi7JEIOq8a87gxQe2w1MHjnjgJV
Frame ID: C55AD01227DA0943EE28FCA8CF441BBD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Family of Eccentric Russian “Loyal Opposition” Leader Owns Millions in Undeclared Property | OCCRP

Page URL History Show full URLs

http://nwrte.com/ HTTP 307
https://nwrte.com/ HTTP 301
https://www.occrp.org/en/investigations/family-of-eccentric-russian-loyal-opposition-leader-owns-m... HTTP 301
https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-mi... Page URL

Detected technologies

Cart Functionality (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

<a[^>]*href=[^>]*/Cart
<a[^>]*href=[^>]*/Checkout

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha
/recaptcha/api\.js

Page Statistics

52
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

1457 kB
Transfer

3011 kB
Size

1
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: https://gacc.occrp.org/
Title: Global Anti-Corruption Consortium

Search URL Search Domain Scan URL

URL: https://id.occrp.org/
Title: OCCRP ID – Research Desk

Search URL Search Domain Scan URL

URL: https://aleph.occrp.org/
Title: OCCRP Aleph – Data Platform

Search URL Search Domain Scan URL

URL: https://checkout.fundjournalism.org/memberform?org_id=occrp&campaign=7011U000000EcJRQA0
Title: Donate

Search URL Search Domain Scan URL

URL: https://mailchi.mp/occrp/subscribe-newsletter
Title: Subscribe to our Newsletter

Search URL Search Domain Scan URL

URL: https://medium.com/occrp-unreported

Search URL Search Domain Scan URL

URL: https://twitter.com/occrp

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCAdFen-6WQOxmDHK3saMD8A

Search URL Search Domain Scan URL

URL: https://www.facebook.com/OCCRP.org

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/the-organized-crime-and-corruption-reporting-project/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property&title=Family%20of%20Eccentric%20Russian%20%E2%80%9CLoyal%20Opposition%E2%80%9D%20Leader%20Owns%20Millions%20in%20Undeclared%20Property&description=The%20family%20of%20Vladimir%20Zhirinovsky,%20a%20controversial%20elder%20statesman%20of%20Russian%20politics%20and%20leader%20of%20the%20Liberal%20Democratic%20Party%20of%20Russia,%20owns%20undeclared%20property%20worth%20an%20estimated%20$135%20million.

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Family%20of%20Eccentric%20Russian%20%E2%80%9CLoyal%20Opposition%E2%80%9D%20Leader%20Owns%20Millions%20in%20Undeclared%20Property&url=https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property&via=OCCRP

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=Family%20of%20Eccentric%20Russian%20%E2%80%9CLoyal%20Opposition%E2%80%9D%20Leader%20Owns%20Millions%20in%20Undeclared%20Property%0D%0Ahttps://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property%0D%0AThe%20family%20of%20Vladimir%20Zhirinovsky,%20a%20controversial%20elder%20statesman%20of%20Russian%20politics%20and%20leader%20of%20the%20Liberal%20Democratic%20Party%20of%20Russia,%20owns%20undeclared%20property%20worth%20an%20estimated%20$135%20million.

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property&text=Family%20of%20Eccentric%20Russian%20%E2%80%9CLoyal%20Opposition%E2%80%9D%20Leader%20Owns%20Millions%20in%20Undeclared%20Property%0D%0AThe%20family%20of%20Vladimir%20Zhirinovsky,%20a%20controversial%20elder%20statesman%20of%20Russian%20politics%20and%20leader%20of%20the%20Liberal%20Democratic%20Party%20of%20Russia,%20owns%20undeclared%20property%20worth%20an%20estimated%20$135%20million.

Search URL Search Domain Scan URL

URL: https://ldpr.ru/party/History_of_the_Liberal_Democratic_Party/
Title: entered the political arena

Search URL Search Domain Scan URL

URL: https://www.kommersant.ru/doc/2309642
Title: LDPR took first place

Search URL Search Domain Scan URL

URL: https://ldpr.ru/power/The_Executive_power/
Title: three acting governorships

Search URL Search Domain Scan URL

URL: https://youtu.be/JzwykBxbkzM?t=788
Title: provocative and eccentric behavior

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=onFFyCsLGng
Title: poured juice

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=2806mEQWiRE
Title: cursed at presidential candidate Ksenia Sobchak in a live broadcast

Search URL Search Domain Scan URL

URL: https://www.ntv.ru/novosti/917597/
Title: ordered a security guard to rape

Search URL Search Domain Scan URL

URL: http://duma.gov.ru/duma/persons/99100750/
Title: led the LDPR’s fraction

Search URL Search Domain Scan URL

URL: https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=OJ:JOL_2014_271_R_0003&from=EN
Title: Zhirinovsky and Lebedev were sanctioned

Search URL Search Domain Scan URL

URL: http://duma.gov.ru/duma/persons/99100142/property/
Title: he owns two plots of land

Search URL Search Domain Scan URL

URL: http://duma.gov.ru/duma/persons/99100750/property/
Title: Igor Lebedev declared ownership

Search URL Search Domain Scan URL

URL: http://www.interfax-religion.ru/?act=archive&div=5783
Title: They were married

Search URL Search Domain Scan URL

URL: https://ria.ru/20130416/932837771.html
Title: he said his

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/BautnVuATrZ/
Title: woman who calls herself Nadezhda Grishaeva’s mother

Search URL Search Domain Scan URL

URL: https://twitter.com/Russian1972/status/742943703568900096
Title: registered to Igor Lebedev and a friend

Search URL Search Domain Scan URL

URL: https://www.interfax.ru/russia/617534
Title: receive federal money

Search URL Search Domain Scan URL

URL: https://www.kommersant.ru/doc/235388
Title: widely considered a leader

Search URL Search Domain Scan URL

URL: https://tass.ru/proisshestviya/2217475
Title: was sentenced to 13 years in prison

Search URL Search Domain Scan URL

URL: https://www.kommersant.ru/doc/352102
Title: was wanted for extortion

Search URL Search Domain Scan URL

URL: https://www.fontanka.ru/2004/03/25/72348/
Title: was killed in Cyprus

Search URL Search Domain Scan URL

URL: https://www.kommersant.ru/doc/3645147
Title: was sentenced in absentia

Search URL Search Domain Scan URL

URL: https://www.vedomosti.ru/politics/news/2018/05/31/771505-sud
Title: now hiding in the United States

Search URL Search Domain Scan URL

URL: https://www.bbc.com/news/uk-35104623
Title: was accused of murdering

Search URL Search Domain Scan URL

URL: http://duma.gov.ru/duma/persons/99109998/
Title: head of the Duma commission

Search URL Search Domain Scan URL

URL: https://occrp.fundjournalism.org/donate/?campaign=7011U000000ylyDQAQ
Title: Donate

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://nwrte.com/ HTTP 307
https://nwrte.com/ HTTP 301
https://www.occrp.org/en/investigations/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property HTTP 301
https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property Show response
www.occrp.org/en/investigation/
Redirect Chain

http://nwrte.com/
https://nwrte.com/
https://www.occrp.org/en/investigations/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property
https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

745 KB
188 KB

567ms
566ms

Document
text/html

34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

3a0d4a2a80193951244b010cd80875fdbab4cbfc2b703d04a89308c05bc5e0e3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://*.europeanpressprize.com https://europeanpressprize.com
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: max-age=60, public, stale-while-revalidate=600
cache-status: miss
content-encoding: br
content-security-policy: frame-ancestors 'self' https://*.europeanpressprize.com https://europeanpressprize.com
content-type: text/html; charset=UTF-8
date: Thu, 10 Oct 2024 21:27:05 GMT
permissions-policy: interest-cohort=()
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache
cache-status: miss
content-length: 169
content-type: text/html
date: Thu, 10 Oct 2024 21:27:04 GMT
location: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 google

GET
H3 200 app-4f6483ab.css
www.occrp.org/build/assets/ 99 KB
17 KB 8ms
8ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/app-4f6483ab.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

4f6483ab44eea3a35a651c88e81462fbc052b4e600e3a6967a64c3822ae911c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17726
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 site-5ee811a4.js Show response
www.occrp.org/build/assets/ 323 KB
103 KB 12ms
10ms Script
application/javascript 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/site-5ee811a4.js

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

1f769aa4bbddc8e2f23d7a5fe96674654dd9b606d426a25061082867c0cd323b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 1266
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105498
date: Thu, 10 Oct 2024 21:05:59 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H3 200 _commonjsHelpers-725317a4.js Show response
www.occrp.org/build/assets/ 236 B
256 B 47ms
44ms Script
application/javascript 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/_commonjsHelpers-725317a4.js

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

9625379badd4849610dfe6c15453cdf0c0071264c90eef177307fac094d2aa6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-ec"
age: 1704
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 236
date: Thu, 10 Oct 2024 20:58:41 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: application/javascript

GET
H3 200 search-box-d6da5aca.js Show response
www.occrp.org/build/assets/ 218 KB
50 KB 25ms
21ms Script
application/javascript 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/search-box-d6da5aca.js

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

6035065de3d6f959c9a062173d4d57377f0d1a3ea24c672d2f119aa6e5f99183

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 1266
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51661
date: Thu, 10 Oct 2024 21:05:59 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H3 200 glideSlider-ca3602e4.js Show response
www.occrp.org/build/assets/ 28 KB
8 KB 37ms
34ms Script
application/javascript 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/glideSlider-ca3602e4.js

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

c6d1b77c5b83fc5bd6784d0ac401db94f3dbdc90057f5ee4455bcbbb748201c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8158
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H3 200 recaptcha-cfd262ab.js Show response
www.occrp.org/build/assets/ 624 B
644 B 38ms
35ms Script
application/javascript 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/recaptcha-cfd262ab.js

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

b1382f29e2b771e4dab2fca727020840b5ed253710692c81b21cb81dd9ff6c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-270"
age: 1704
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 624
date: Thu, 10 Oct 2024 20:58:41 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: application/javascript

GET
H3 200 article-intro-6a663053.css
www.occrp.org/build/assets/ 5 KB
1 KB 23ms
20ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/article-intro-6a663053.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

6a663053dd76517466e29e76b2b217872a9b0e8c7eb685df9b854fb7dcc1c5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1216
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 cropped-image-a9609e90.css
www.occrp.org/build/assets/ 258 B
278 B 22ms
19ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/cropped-image-a9609e90.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

a9609e907ea884e5bd269401a79a3bcb8d69d743bd8d6832950376e3369364b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-102"
age: 1704
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 258
date: Thu, 10 Oct 2024 20:58:41 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css

GET
H3 200 related-articles-aside-6381a4e8.css
www.occrp.org/build/assets/ 7 KB
2 KB 21ms
18ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/related-articles-aside-6381a4e8.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

6381a4e89e33aab2f6d81b459e9ad6f8d9c287e365095e769310996f264c625a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1648
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 reported-by-aside-ca176433.css
www.occrp.org/build/assets/ 5 KB
1 KB 27ms
24ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/reported-by-aside-ca176433.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

ca176433f08dde3bdcc51e12736556afa02cf293856744cc958e9dbd80179344

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1180
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 byline-e56b8d94.css
www.occrp.org/build/assets/ 5 KB
1 KB 35ms
32ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/byline-e56b8d94.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

e56b8d9486e750f2171f738dbaef4e5fc7a3a45dceb2a88b5af523ed339bbcc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1148
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 article-details-eb6ad5f2.css
www.occrp.org/build/assets/ 6 KB
1 KB 27ms
25ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/article-details-eb6ad5f2.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

eb6ad5f2c96409e846a7622dd85cb0aec8bb5e24aac6fc52e506fe63bb446363

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1433
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 article-social-list-878dc74d.css
www.occrp.org/build/assets/ 5 KB
1 KB 34ms
31ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/article-social-list-878dc74d.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

878dc74dac18381834c1c88d6e4304fce9f25223bbb3e17660af76c864a60d37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1270
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 aside-image-5ce72107.css
www.occrp.org/build/assets/ 5 KB
1 KB 27ms
24ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/aside-image-5ce72107.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

5ce7210789f7654a3930cc35fa8ceedaa37c2b02515e8df0a08123db2ea56ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1218
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 research-and-social-8eb97a0c.css
www.occrp.org/build/assets/ 5 KB
1 KB 21ms
18ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/research-and-social-8eb97a0c.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

8eb97a0c5518ad19b287be1a7e02ccadfd892e5b391a3df5464782a487adbe4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1297
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 article-outro-d23a8553.css
www.occrp.org/build/assets/ 530 B
550 B 35ms
33ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/article-outro-d23a8553.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

d23a8553fc90bf4396bda655bec16c9064d834b19db69d72cf7bbda0835547d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-212"
age: 1704
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
date: Thu, 10 Oct 2024 20:58:41 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css

GET
H3 200 donate-box-ad2550e1.css
www.occrp.org/build/assets/ 6 KB
1 KB 29ms
27ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/donate-box-ad2550e1.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

ad2550e15057900b0962bd4f904fe1b10e61dcd112b57329074f635f8c33772a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1391
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 social-list-1c8c0bf0.css
www.occrp.org/build/assets/ 5 KB
1 KB 31ms
28ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/social-list-1c8c0bf0.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

1c8c0bf0c58b816e97b2808b7495122081c39bb56c3b02009e83cd5cbb39d83f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1280
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 cookie-warning-722f11c8.css
www.occrp.org/build/assets/ 7 KB
2 KB 32ms
30ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/cookie-warning-722f11c8.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

722f11c8a969430e04ba1fa7ccec787193078b8ce94417e142abdcb35edec187

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 3872
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1671
date: Thu, 10 Oct 2024 20:22:33 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
984 B 46ms
19ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=explicit&onload=recaptchaInit

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c56847bb3a18a3d80997a31654a4f52ae16ec357bd1f1654deb866471a5c9932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Thu, 10 Oct 2024 21:27:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Thu, 10 Oct 2024 21:27:05 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H3 200 subscribe-form-b5d0fe62.css
www.occrp.org/build/assets/ 5 KB
1 KB 38ms
37ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/subscribe-form-b5d0fe62.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

b5d0fe6268bb7eced7537c4225ce8e86de0589f21046699c896b78a16ef18357

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 1327
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1115
date: Thu, 10 Oct 2024 21:04:58 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css
vary: Accept-Encoding

GET
H3 200 newsletterSubscription-970059b5.js Show response
www.occrp.org/build/assets/ 635 B
655 B 37ms
36ms Script
application/javascript 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/newsletterSubscription-970059b5.js

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

1846431a0eed5cd8659373109e430f0925e702d42182d8acfbd6543cf9b2648d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-27b"
age: 3639
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 635
date: Thu, 10 Oct 2024 20:26:26 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: application/javascript

GET
H3 200 article-layout-cf4f5a4f.css
www.occrp.org/build/assets/ 203 B
223 B 31ms
29ms Stylesheet
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/article-layout-cf4f5a4f.css

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

cf4f5a4fd20e68c500f059545fca666113a4eb2faf1b6b2703115b67d7a5ded5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-cb"
age: 1704
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 203
date: Thu, 10 Oct 2024 20:58:41 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: text/css

GET
H3 200 Vladimir-Zhirinovsky.jpg
www.occrp.org/processed/containers/assets/investigations/Vladimir-Zhirinovsky.jpg/a78481f3fd0d66fcbf035e68ffc9cc02/ 78 KB
78 KB 140ms
138ms Image
image/jpeg 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.occrp.org/processed/containers/assets/investigations/Vladimir-Zhirinovsky.jpg/a78481f3fd0d66fcbf035e68ffc9cc02/Vladimir-Zhirinovsky.jpg

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

71b96af6b787548aa7fb5a14319bf2e9279ed1827efe5b66ec77dc4a4f72399c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600, stale-while-revalidate=86400
etag: "66b30ce3-137da"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79834
date: Thu, 10 Oct 2024 21:27:05 GMT
cache-status: miss
content-type: image/jpeg
last-modified: Wed, 07 Aug 2024 05:57:55 GMT

GET
H3 200 steward-investigation-banner.jpg
www.occrp.org/processed/containers/assets/investigations/steward-investigation-banner.jpg/b98d16b46e27958b7cfe2b8ca913434b/ 10 KB
10 KB 47ms
46ms Image
image/jpeg 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.occrp.org/processed/containers/assets/investigations/steward-investigation-banner.jpg/b98d16b46e27958b7cfe2b8ca913434b/steward-investigation-banner.jpg

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

8280a4c04f70ca37b6c50006c3d917e39fa01c30fdd8ec6721133b7ec8524be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600, stale-while-revalidate=86400
etag: "67060898-27ee"
age: 9305
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10222
date: Thu, 10 Oct 2024 18:52:00 GMT
cache-status: stale
last-modified: Wed, 09 Oct 2024 04:37:44 GMT
content-type: image/jpeg

GET
H3 200 iraq-banner.jpg
www.occrp.org/processed/containers/assets/investigations/iraq-banner.jpg/682502ecbabd5d5c2308ec0516d3608d/ 9 KB
9 KB 30ms
29ms Image
image/jpeg 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.occrp.org/processed/containers/assets/investigations/iraq-banner.jpg/682502ecbabd5d5c2308ec0516d3608d/iraq-banner.jpg

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

3cc2be196dbbfc204abd4ae79af05bd3e01a6256d5fdf0a1fdbb048717587b61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600, stale-while-revalidate=86400
etag: "66ffabca-25b0"
age: 9305
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9648
date: Thu, 10 Oct 2024 18:52:00 GMT
cache-status: stale
last-modified: Fri, 04 Oct 2024 08:48:10 GMT
content-type: image/jpeg

GET
H3 200 telegram-privet-bot-final.jpg
www.occrp.org/processed/containers/assets/investigations/telegram-privet-bot-final.jpg/09da2a26493afcb8f9cb7b68b7636041/ 8 KB
8 KB 33ms
32ms Image
image/jpeg 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.occrp.org/processed/containers/assets/investigations/telegram-privet-bot-final.jpg/09da2a26493afcb8f9cb7b68b7636041/telegram-privet-bot-final.jpg

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

9e873af33f6116f57ef70a87ab03ec5add9c95ab51c97f3b002bbe0cd5ca7b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600, stale-while-revalidate=86400
etag: "66f44498-1ec5"
age: 6909
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7877
date: Thu, 10 Oct 2024 19:31:56 GMT
cache-status: stale
last-modified: Wed, 25 Sep 2024 17:12:56 GMT
content-type: image/jpeg

GET
H3 200 galina-lebedeva.png
www.occrp.org/processed/containers/assets/investigations/galina-lebedeva.png/54f7a824e2e4e34683b7d7b3aeca8947/ 177 KB
178 KB 117ms
116ms Image
image/png 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.occrp.org/processed/containers/assets/investigations/galina-lebedeva.png/54f7a824e2e4e34683b7d7b3aeca8947/galina-lebedeva.png

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

5eb7f485734ebef07282e96c6d6f22a3ad8c5749398047834ff35900c703a117

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600, stale-while-revalidate=86400
etag: "66b30e80-2c5fb"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181755
date: Thu, 10 Oct 2024 21:27:05 GMT
cache-status: miss
content-type: image/png
last-modified: Wed, 07 Aug 2024 06:04:48 GMT

GET
H3 200 Nadezhda-Grishaeva.png
www.occrp.org/processed/containers/assets/investigations/Nadezhda-Grishaeva.png/09be4d91724d384c24a02963c66a063d/ 354 KB
354 KB 188ms
187ms Image
image/png 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.occrp.org/processed/containers/assets/investigations/Nadezhda-Grishaeva.png/09be4d91724d384c24a02963c66a063d/Nadezhda-Grishaeva.png

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

ecc5533018468a83a70bf2075a8e435a5987f77e1a1e079fb1442da519702244

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600, stale-while-revalidate=86400
etag: "66b309c7-58830"
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 362544
date: Thu, 10 Oct 2024 21:27:05 GMT
cache-status: miss
content-type: image/png
last-modified: Wed, 07 Aug 2024 05:44:39 GMT

GET
H3 200 conditionalRelatedArticlesAside-42ef84fc.js Show response
www.occrp.org/build/assets/ 746 B
766 B 25ms
22ms Script
application/javascript 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/conditionalRelatedArticlesAside-42ef84fc.js

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

11353581a047f5b13afbb18343dc24fb3e4753d14bed8f71c970dbebe287cb90

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-2ea"
age: 1704
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 746
date: Thu, 10 Oct 2024 20:58:41 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: application/javascript

GET
H3 200 cookie-454b493e.js Show response
www.occrp.org/build/assets/ 1 KB
674 B 26ms
22ms Script
application/javascript 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/cookie-454b493e.js

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

66b1e8563776069f9dc65b66ee2d1f43982d429be42aed4beb30277719ae9d7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 1327
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
date: Thu, 10 Oct 2024 21:04:58 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H3 200 app-4f6483ab.css
www.occrp.org/build/assets/ 99 KB
12 B 23ms
12ms Other
text/css 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.occrp.org/build/assets/app-4f6483ab.css
Requested by: Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.123.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 7bcb208c19c4431a053390534f734e68c89fd4c52ea75c77a999894e6e9c02c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 0
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17726
date: Thu, 10 Oct 2024 21:27:05 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
vary: Accept-Encoding
content-type: text/css

GET
H3 200 newsletterSubscription-970059b5.js
www.occrp.org/build/assets/ 635 B
11 B 10ms
10ms Other
application/javascript 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.occrp.org/build/assets/newsletterSubscription-970059b5.js
Requested by: Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.123.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 1846431a0eed5cd8659373109e430f0925e702d42182d8acfbd6543cf9b2648d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-27b"
age: 3639
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 635
date: Thu, 10 Oct 2024 20:26:26 GMT
cache-status: stale
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: application/javascript

GET
H3 200 sun-12871050.svg
www.occrp.org/build/assets/ 5 KB
2 KB 11ms
11ms Image
image/svg+xml 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.occrp.org/build/assets/sun-12871050.svg

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/build/assets/app-4f6483ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

128710502efe009472856be97582e8579a9d83d02a086f70b377f2756ff9c2ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/build/assets/app-4f6483ab.css

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 1326
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1907
date: Thu, 10 Oct 2024 21:04:59 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: image/svg+xml
vary: Accept-Encoding

GET
H3 200 moon-c1692d2c.svg
www.occrp.org/build/assets/ 4 KB
1 KB 9ms
9ms Image
image/svg+xml 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.occrp.org/build/assets/moon-c1692d2c.svg

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/build/assets/app-4f6483ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

c1692d2cb9ec04d28bd08709a8588ba0c475de644b1de05d5020502b5eade366

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/build/assets/app-4f6483ab.css

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
content-encoding: br
age: 1326
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1329
date: Thu, 10 Oct 2024 21:04:59 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: image/svg+xml
vary: Accept-Encoding

GET
H3 200 Inter-Tight-Ext-8f1438b2.woff2
www.occrp.org/build/assets/ 79 KB
79 KB 9ms
9ms Font
font/woff2 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/Inter-Tight-Ext-8f1438b2.woff2

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/build/assets/app-4f6483ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

8f1438b2687c893b8da14f74649a0f428e84f96165c5247ae713461d588fa044

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/build/assets/app-4f6483ab.css

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-13cbc"
age: 1639
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81084
date: Thu, 10 Oct 2024 20:59:46 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: font/woff2

GET
H3 200 icomoon-1fb8ac56.ttf
www.occrp.org/build/assets/ 4 KB
4 KB 15ms
15ms Font
application/octet-stream 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/icomoon-1fb8ac56.ttf?o9rlqt

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/build/assets/related-articles-aside-6381a4e8.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

1fb8ac561ca7bb43a3d330997d75bdf907b4a9d91132556893ad1ba6e0369dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/build/assets/related-articles-aside-6381a4e8.css

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-1140"
age: 1639
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4416
date: Thu, 10 Oct 2024 20:59:46 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: application/octet-stream

GET
H3 200 Lora-Ext-dac40935.woff2
www.occrp.org/build/assets/ 19 KB
20 KB 18ms
17ms Font
font/woff2 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/Lora-Ext-dac40935.woff2

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/build/assets/app-4f6483ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

dac40935c6c2eae15288f77ac1b1e9c2927598f0dd45bf65426dbbac45f4dfdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/build/assets/app-4f6483ab.css

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-4df0"
age: 1326
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19952
date: Thu, 10 Oct 2024 21:04:59 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: font/woff2

GET
H3 200 icomoon-free-c4df3109.ttf
www.occrp.org/build/assets/ 14 KB
14 KB 16ms
16ms Font
application/octet-stream 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/icomoon-free-c4df3109.ttf

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/build/assets/related-articles-aside-6381a4e8.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

c4df3109efdba8d57fcd747e3ad5c83b9061d59b3bdff03320ee3d8381fca9f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/build/assets/related-articles-aside-6381a4e8.css

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-3840"
age: 1326
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14400
date: Thu, 10 Oct 2024 21:04:59 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: application/octet-stream

GET
H3 200 steward-investigation-banner.jpg
www.occrp.org/processed/containers/assets/investigations/steward-investigation-banner.jpg/b98d16b46e27958b7cfe2b8ca913434b/ 10 KB
11 B 33ms
33ms Other
image/jpeg 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.occrp.org/processed/containers/assets/investigations/steward-investigation-banner.jpg/b98d16b46e27958b7cfe2b8ca913434b/steward-investigation-banner.jpg
Requested by: Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.123.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 8280a4c04f70ca37b6c50006c3d917e39fa01c30fdd8ec6721133b7ec8524be0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

cache-control: public, max-age=3600, stale-while-revalidate=86400
etag: "67060898-27ee"
age: 9305
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10222
date: Thu, 10 Oct 2024 18:52:00 GMT
cache-status: stale
last-modified: Wed, 09 Oct 2024 04:37:44 GMT
content-type: image/jpeg

GET
H3 200 iraq-banner.jpg
www.occrp.org/processed/containers/assets/investigations/iraq-banner.jpg/682502ecbabd5d5c2308ec0516d3608d/ 9 KB
11 B 34ms
33ms Other
image/jpeg 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.occrp.org/processed/containers/assets/investigations/iraq-banner.jpg/682502ecbabd5d5c2308ec0516d3608d/iraq-banner.jpg
Requested by: Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.123.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 3cc2be196dbbfc204abd4ae79af05bd3e01a6256d5fdf0a1fdbb048717587b61

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

cache-control: public, max-age=3600, stale-while-revalidate=86400
etag: "66ffabca-25b0"
age: 9305
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9648
date: Thu, 10 Oct 2024 18:52:00 GMT
cache-status: stale
last-modified: Fri, 04 Oct 2024 08:48:10 GMT
content-type: image/jpeg

GET
H3 200 telegram-privet-bot-final.jpg
www.occrp.org/processed/containers/assets/investigations/telegram-privet-bot-final.jpg/09da2a26493afcb8f9cb7b68b7636041/ 8 KB
11 B 35ms
34ms Other
image/jpeg 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.occrp.org/processed/containers/assets/investigations/telegram-privet-bot-final.jpg/09da2a26493afcb8f9cb7b68b7636041/telegram-privet-bot-final.jpg
Requested by: Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 221.123.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 9e873af33f6116f57ef70a87ab03ec5add9c95ab51c97f3b002bbe0cd5ca7b70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

cache-control: public, max-age=3600, stale-while-revalidate=86400
etag: "66f44498-1ec5"
age: 6909
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7877
date: Thu, 10 Oct 2024 19:31:56 GMT
cache-status: stale
last-modified: Wed, 25 Sep 2024 17:12:56 GMT
content-type: image/jpeg

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/ 541 KB
215 KB 42ms
12ms Script
text/javascript 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&onload=recaptchaInit

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/

Response headers

content-encoding: gzip
age: 35574
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Fri, 10 Oct 2025 11:34:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 10 Oct 2024 11:34:11 GMT
last-modified: Mon, 23 Sep 2024 04:00:50 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 219745
x-xss-protection: 0
server: sffe

GET
H2 200 / Show response
ipapi.co/json/ 767 B
923 B 251ms
227ms Fetch
application/json 2606:4700:20::681a:82c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json/

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:82c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94a05720741a81fcf2a2e4e70a84c2c2a7cf406e50e9abf037921229d1edf00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cf-cache-status: DYNAMIC
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4ipEsMe5AzxgpT1FjYzIInSbf%2FpEJlD0ZMhyYUg8c4k1sTwdfnslrFK%2FUNxGEtjhecmbcGa9BtNWEkLqCgcupVxs9ynuBLHyPk7qL3xaOnGqyjtWysmeNerKQFhg47peraBuLLw"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
allow: GET, HEAD, OPTIONS, OPTIONS, POST
cf-ray: 8d09b144abf23734-FRA
referrer-policy: same-origin
access-control-allow-origin: https://www.occrp.org
date: Thu, 10 Oct 2024 21:27:05 GMT
content-type: application/json
vary: Host, origin
server: cloudflare
x-frame-options: DENY

GET
H3 200 Inter-Tight-ca34455f.woff2
www.occrp.org/build/assets/ 44 KB
44 KB 15ms
14ms Font
font/woff2 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/Inter-Tight-ca34455f.woff2

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/build/assets/app-4f6483ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/build/assets/app-4f6483ab.css

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-b010"
age: 1324
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45072
date: Thu, 10 Oct 2024 21:05:01 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: font/woff2

GET
H3 200 Lora-16a2619b.woff2
www.occrp.org/build/assets/ 37 KB
37 KB 13ms
12ms Font
font/woff2 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/Lora-16a2619b.woff2

Requested by

Host: www.occrp.org
URL: https://www.occrp.org/build/assets/app-4f6483ab.css

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.occrp.org
Referer: https://www.occrp.org/build/assets/app-4f6483ab.css

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-9384"
age: 1324
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37764
date: Thu, 10 Oct 2024 21:05:01 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: font/woff2

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 5030 0
0 76ms
31ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJaCcqAAAAABi7JEIOq8a87gxQe2w1MHjnjgJV&co=aHR0cHM6Ly93d3cub2NjcnAub3JnOjQ0Mw..&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=y83x2k25wg8g

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QIxCsxDqCnWIPd_SM4ZR_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.occrp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-QIxCsxDqCnWIPd_SM4ZR_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:27:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame D2D8 0
0 88ms
45ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJaCcqAAAAABi7JEIOq8a87gxQe2w1MHjnjgJV&co=aHR0cHM6Ly93d3cub2NjcnAub3JnOjQ0Mw..&hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&size=invisible&cb=lxj8dc23br9d

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PCaqWHB4pddKjgks2pCrXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.occrp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-PCaqWHB4pddKjgks2pCrXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:27:05 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 favicon-1bb04160.png
www.occrp.org/build/assets/ 15 KB
15 KB 8ms
8ms Other
image/png 34.149.123.221
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.occrp.org/build/assets/favicon-1bb04160.png

Protocol

Security

QUIC, , AES_128_GCM

Server

34.149.123.221 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

221.123.149.34.bc.googleusercontent.com

Software

Resource Hash

1bb04160e563fc7857e61572b9c0bf364d5c3585e3c3648da4066d37e045efe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.occrp.org/en/investigation/family-of-eccentric-russian-loyal-opposition-leader-owns-millions-in-undeclared-property

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
cache-control: public, max-age=3600,stale-while-revalidate=86400
etag: "6704e23d-3d96"
age: 1082
via: 1.1 google
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15766
date: Thu, 10 Oct 2024 21:09:03 GMT
cache-status: hit
last-modified: Tue, 08 Oct 2024 07:41:49 GMT
content-type: image/png

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 63F6 0
0 23ms
23ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcJaCcqAAAAABi7JEIOq8a87gxQe2w1MHjnjgJV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dseJGaF7cwjKVx0gMpd6vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.occrp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dseJGaF7cwjKVx0gMpd6vg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:27:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame C55A 0
0 44ms
19ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=xds0rzGrktR88uEZ2JUvdgOY&k=6LcJaCcqAAAAABi7JEIOq8a87gxQe2w1MHjnjgJV

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/xds0rzGrktR88uEZ2JUvdgOY/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_RkEMoOnNk4fGKlmMfGC-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.occrp.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_RkEMoOnNk4fGKlmMfGC-w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Oct 2024 21:27:06 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-21 04:29:07	Name: _GRECAPTCHA Value: 09AGteOyryeE5VX8V__ZeIByCloMTWLp6gD2rhqbDoGzudp-INZg3kV0oRqdwA1HzeryzBzQCOhQfRyCCMX1n3Myo

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://*.europeanpressprize.com https://europeanpressprize.com
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ipapi.co
nwrte.com
www.google.com
www.gstatic.com
www.occrp.org
2606:4700:20::681a:82c
2606:4700:3037::6815:201a
2a00:1450:4001:81d::2003
2a00:1450:4001:82a::2004
34.149.123.221
11353581a047f5b13afbb18343dc24fb3e4753d14bed8f71c970dbebe287cb90
128710502efe009472856be97582e8579a9d83d02a086f70b377f2756ff9c2ee
16a2619b4d831694734838f42d825eb871ee5160d241900b780ad523404b1c50
1846431a0eed5cd8659373109e430f0925e702d42182d8acfbd6543cf9b2648d
1bb04160e563fc7857e61572b9c0bf364d5c3585e3c3648da4066d37e045efe6
1c8c0bf0c58b816e97b2808b7495122081c39bb56c3b02009e83cd5cbb39d83f
1f769aa4bbddc8e2f23d7a5fe96674654dd9b606d426a25061082867c0cd323b
1fb8ac561ca7bb43a3d330997d75bdf907b4a9d91132556893ad1ba6e0369dc9
3a0d4a2a80193951244b010cd80875fdbab4cbfc2b703d04a89308c05bc5e0e3
3cc2be196dbbfc204abd4ae79af05bd3e01a6256d5fdf0a1fdbb048717587b61
4f6483ab44eea3a35a651c88e81462fbc052b4e600e3a6967a64c3822ae911c8
5ce7210789f7654a3930cc35fa8ceedaa37c2b02515e8df0a08123db2ea56ac0
5eb7f485734ebef07282e96c6d6f22a3ad8c5749398047834ff35900c703a117
6035065de3d6f959c9a062173d4d57377f0d1a3ea24c672d2f119aa6e5f99183
6381a4e89e33aab2f6d81b459e9ad6f8d9c287e365095e769310996f264c625a
66b1e8563776069f9dc65b66ee2d1f43982d429be42aed4beb30277719ae9d7e
6a663053dd76517466e29e76b2b217872a9b0e8c7eb685df9b854fb7dcc1c5a9
71b96af6b787548aa7fb5a14319bf2e9279ed1827efe5b66ec77dc4a4f72399c
722f11c8a969430e04ba1fa7ccec787193078b8ce94417e142abdcb35edec187
7bcb208c19c4431a053390534f734e68c89fd4c52ea75c77a999894e6e9c02c4
8280a4c04f70ca37b6c50006c3d917e39fa01c30fdd8ec6721133b7ec8524be0
8635cb1f53e720094ad3494627fd904246c714272f0aaa563117f2688deaee24
878dc74dac18381834c1c88d6e4304fce9f25223bbb3e17660af76c864a60d37
8eb97a0c5518ad19b287be1a7e02ccadfd892e5b391a3df5464782a487adbe4e
8f1438b2687c893b8da14f74649a0f428e84f96165c5247ae713461d588fa044
94a05720741a81fcf2a2e4e70a84c2c2a7cf406e50e9abf037921229d1edf00b
9625379badd4849610dfe6c15453cdf0c0071264c90eef177307fac094d2aa6c
9e873af33f6116f57ef70a87ab03ec5add9c95ab51c97f3b002bbe0cd5ca7b70
a9609e907ea884e5bd269401a79a3bcb8d69d743bd8d6832950376e3369364b9
ad2550e15057900b0962bd4f904fe1b10e61dcd112b57329074f635f8c33772a
b1382f29e2b771e4dab2fca727020840b5ed253710692c81b21cb81dd9ff6c0e
b5d0fe6268bb7eced7537c4225ce8e86de0589f21046699c896b78a16ef18357
c1692d2cb9ec04d28bd08709a8588ba0c475de644b1de05d5020502b5eade366
c4df3109efdba8d57fcd747e3ad5c83b9061d59b3bdff03320ee3d8381fca9f4
c56847bb3a18a3d80997a31654a4f52ae16ec357bd1f1654deb866471a5c9932
c6d1b77c5b83fc5bd6784d0ac401db94f3dbdc90057f5ee4455bcbbb748201c5
ca176433f08dde3bdcc51e12736556afa02cf293856744cc958e9dbd80179344
ca34455f82a5c81d8111c6a641771c011e95767e64efc8a52f82299896028c57
cf4f5a4fd20e68c500f059545fca666113a4eb2faf1b6b2703115b67d7a5ded5
d23a8553fc90bf4396bda655bec16c9064d834b19db69d72cf7bbda0835547d3
dac40935c6c2eae15288f77ac1b1e9c2927598f0dd45bf65426dbbac45f4dfdb
e56b8d9486e750f2171f738dbaef4e5fc7a3a45dceb2a88b5af523ed339bbcc2
eb6ad5f2c96409e846a7622dd85cb0aec8bb5e24aac6fc52e506fe63bb446363
ecc5533018468a83a70bf2075a8e435a5987f77e1a1e079fb1442da519702244

www.occrp.org Open in urlscan Pro 34.149.123.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

100 %HTTPS

80 %IPv6

5 Domains

5 Subdomains

4 IPs

2 Countries

1457 kBTransfer

3011 kBSize

1 Cookies

40 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.occrp.org Open in urlscan Pro
34.149.123.221 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

100 %
HTTPS

80 %
IPv6

5
Domains

5
Subdomains

4
IPs

2
Countries

1457 kB
Transfer

3011 kB
Size

1
Cookies

52 HTTP transactions
0 data transactions