d3saiyj1nme3gs.cloudfront.net Open in urlscan Pro
2600:9000:25c8:6400:0:4a9a:c300:21  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

• https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702987924922 HTTP 302
• https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702987924922

Request Chain 42

• https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
• https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 43

• https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1702987925019&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D1%8B%D1%91%20%D0%A1%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0.%20%D0%9F%D0%B0%D0%B4%D0%B7%D0%B5%D1%96%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D1%96&c7=https%3A%2F%2Fd3saiyj1nme3gs.cloudfront.net%2F&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702987925019&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D1%8B%D1%91%20%D0%A1%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0.%20%D0%9F%D0%B0%D0%B4%D0%B7%D0%B5%D1%96%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D1%96&c7=https%3A%2F%2Fd3saiyj1nme3gs.cloudfront.net%2F&c9=

Request Chain 51

• https://cm.everesttech.net/cm/dd?d_uuid=88315668976888254981855881261701875620 HTTP 302
• https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYGIlQAAAMS-PQN_

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response d3saiyj1nme3gs.cloudfront.net/	130 KB 131 KB	452ms 302ms	Document text/html	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash bcfb93d47b4e67d40ed303baac76920063b4f9c8500bda72c4bf6b5375ad1f2c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control must-revalidate, max-age=9 content-language be content-type text/html; charset=utf-8 date Tue, 19 Dec 2023 12:12:04 GMT expires Tue, 19 Dec 2023 12:12:13 GMT onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/ pragma no-cache server nginx/1.18.0 (Ubuntu) strict-transport-security max-age=31536000 via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-id pvHbO13-LFIrIC2dxrmcpYyGX9MCfiHMk5SW_hbRF41WJqyKbuLwLw== x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront x-content-type-options nosniff x-ua-compatible IE=edge x-xss-protection 1; mode=block
GET H2	200	RFE-be-BY.css d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/	290 KB 291 KB	307ms 305ms	Stylesheet text/css	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/RFE-be-BY.css?&av=0.1.0.0&cb=333 Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 88146d833397b12fc993c7dd18f0135b77d33d4dd8491900a744313d31a46b56 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Thu, 11 Jan 2024 05:39:31 GMT date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) server nginx/1.18.0 (Ubuntu) x-amz-cf-pop PHL51-P1 onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/Content/responsive/RFE/be-BY/RFE-be-BY.css?&av=0.1.0.0&cb=333 content-type text/css x-cache Miss from cloudfront cache-control public, no-transform, max-age=1963647 x-amz-cf-id Otuwn16ysrzlpNkjyNbgXMrAx5NEql2zEuena1gpf5POODY5O6v4mQ== x-xss-protection 1; mode=block x-ua-compatible IE=edge
GET H2	200	utag.sync.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	3 KB 1 KB	195ms 55ms	Script application/javascript	2600:9000:20e2:2600:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20e2:2600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7bd25da287369fecc5abc0a1d557d21daefafad0b5ebac00634a0e279ceabb59 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id MsLd0ENYttoJNN9snQW4N9fSCmBP2oEb content-encoding br via 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront) date Tue, 19 Dec 2023 12:11:55 GMT last-modified Thu, 14 Dec 2023 13:08:46 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 10 x-amz-server-side-encryption AES256 etag W/"3f9113fdbc232b35c3b669ac64c6d145" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id FQAhIiwX8cjDmuwdIrsJukcpYHgxDUSYQGbyi0sKK9-J-Izjbh1CQw==
GET H2	200	iframe_api Show response www.youtube.com/	993 B 2 KB	180ms 73ms	Script text/javascript	2607:f8b0:4004:c17::88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::88 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff content-encoding br p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version server ESF x-frame-options SAMEORIGIN vary Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version content-type text/javascript; charset=utf-8 report-to {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]} cache-control private, max-age=0 origin-trial AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* cross-origin-opener-policy-report-only same-origin; report-to="youtube_main" expires Tue, 19 Dec 2023 12:12:04 GMT
GET H2	200	infographics.b Show response d3saiyj1nme3gs.cloudfront.net/Scripts/responsive/	4 KB 4 KB	169ms 167ms	Script application/javascript	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3saiyj1nme3gs.cloudfront.net/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=333 Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-ua-compatible IE=edge date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) server nginx/1.18.0 (Ubuntu) x-amz-cf-pop PHL51-P1 onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=333 content-type application/javascript; charset=utf-8 x-cache Miss from cloudfront cache-control public, no-transform, max-age=1963719 x-amz-cf-id v9pQlkdsb6MulKZh-BDnA9yl0bHs9ej_chXc_Q0yIS5O79Wmk2Zr6Q== content-length 3943 x-xss-protection 1; mode=block expires Thu, 11 Jan 2024 05:40:43 GMT
GET H2	200	loader.b Show response d3saiyj1nme3gs.cloudfront.net/Scripts/responsive/	86 KB 87 KB	200ms 199ms	Script application/javascript	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3saiyj1nme3gs.cloudfront.net/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333 Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash bd5d0b1889b5ee3a04a81f46a34adb21e897ad828f6f211901339e0ccc9a45d1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Thu, 11 Jan 2024 05:39:56 GMT date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) server nginx/1.18.0 (Ubuntu) x-amz-cf-pop PHL51-P1 onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333 content-type application/javascript; charset=utf-8 x-cache Miss from cloudfront cache-control public, no-transform, max-age=1963672 x-amz-cf-id 9YZ-LnzGrekDyod21WGMfYa4uNNCz1wsuw_EFPktrulQ0XVVY-HUDw== x-xss-protection 1; mode=block x-ua-compatible IE=edge
GET H2	200	Skolar-Lt_LatnCyrl_v2.4.woff d3saiyj1nme3gs.cloudfront.net/Content/responsive/fonts/	47 KB 48 KB	166ms 165ms	Font application/font-woff	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/fonts/Skolar-Lt_LatnCyrl_v2.4.woff Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e5a124d380589c76f7342e2618e10d6891b42de6355863a048e4e95178a17a7a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://d3saiyj1nme3gs.cloudfront.net/ Origin https://d3saiyj1nme3gs.cloudfront.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront content-length 48384 x-xss-protection 1; mode=block x-ua-compatible IE=edge last-modified Wed, 04 Oct 2023 11:09:23 GMT server nginx/1.18.0 (Ubuntu) onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/Content/responsive/fonts/Skolar-Lt_LatnCyrl_v2.4.woff content-type application/font-woff cache-control public, max-age=2592000 accept-ranges bytes x-amz-cf-id Edmhs75gy0gCkdJ15WLMPp8uuKSLhu-1KL7Yj99PBiGgh3qLgSesew== expires Thu, 18 Jan 2024 12:12:04 GMT
GET H2	200	sectionversioncss d3saiyj1nme3gs.cloudfront.net/api/customization/	100 B 616 B	215ms 214ms	Stylesheet text/css	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3saiyj1nme3gs.cloudfront.net/api/customization/sectionversioncss?sectionversionid=8994&cv=5 Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash ca40f5d0b456ca8e98c88a741354894f17b2ec2688f4ab174ebf4aea2b87088e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Fri, 29 Dec 2023 05:22:17 GMT date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) server nginx/1.18.0 (Ubuntu) x-amz-cf-pop PHL51-P1 onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/api/customization/sectionversioncss?sectionversionid=8994&cv=5 content-type text/css; charset=utf-8 x-cache Miss from cloudfront cache-control max-age=839413 x-amz-cf-id Gpjkz317DU7OMJ0sSEgAGFt_OB4ftYQfZ13kMaUpEvzpGibg1Qn0iA== x-xss-protection 1; mode=block x-ua-compatible IE=edge
GET H2	200	logo-compact.svg d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/img/	7 KB 7 KB	186ms 185ms	Image image/svg+xml	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/img/logo-compact.svg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash c1e922a7fb24f38ec264dd9601cfc6f0a25d8b2dd825b7455c42d4d5273012a5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront content-length 6853 x-xss-protection 1; mode=block x-ua-compatible IE=edge last-modified Wed, 04 Oct 2023 11:09:21 GMT server nginx/1.18.0 (Ubuntu) onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/Content/responsive/RFE/be-BY/img/logo-compact.svg content-type image/svg+xml cache-control public, max-age=127 x-amz-cf-id FqIvJFqqsgFDrlTL2RK5S-gh997j8rYoi3q5jQGvniwOls47I5tHdg== expires Tue, 19 Dec 2023 12:14:11 GMT
GET H2	200	logo.svg d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/img/	10 KB 10 KB	230ms 230ms	Image image/svg+xml	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/img/logo.svg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 0d2e85618bd3e13118cdf4a00e9e30b7ac8264516af0bfd5e2a144ae2f017e1d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront content-length 10117 x-xss-protection 1; mode=block x-ua-compatible IE=edge last-modified Wed, 04 Oct 2023 11:09:21 GMT server nginx/1.18.0 (Ubuntu) onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/Content/responsive/RFE/be-BY/img/logo.svg content-type image/svg+xml cache-control public, max-age=783 x-amz-cf-id A-mpkplIII4AwkMmfiCt4f5zpkgM0_py1reUsfLadvmQ68CUaXl3ZA== expires Tue, 19 Dec 2023 12:25:07 GMT
GET H2	200	logo-print.gif d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/img/	2 KB 3 KB	122ms 122ms	Image image/gif	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/img/logo-print.gif Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 3277f9329abaf198100e274010c452f0503c03a97a33e3cc2d020e5d69467da7 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront content-length 2438 x-xss-protection 1; mode=block x-ua-compatible IE=edge last-modified Wed, 04 Oct 2023 11:09:21 GMT server nginx/1.18.0 (Ubuntu) onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/Content/responsive/RFE/be-BY/img/logo-print.gif content-type image/gif cache-control public, max-age=1393952 accept-ranges bytes x-amz-cf-id NloOsvS50xAvuC4qZIyAJmC5XDZ9aGQD3TFi9-uWwTeyvfAQQP-avw== expires Thu, 04 Jan 2024 15:24:36 GMT
GET H2	200	logo-print_color.png d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/img/	6 KB 6 KB	119ms 119ms	Image image/png	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/img/logo-print_color.png Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 564d109b90bf1ae98cf1a40069984105813c752edb8be3ff819e0aef11731e96 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront content-length 5757 x-xss-protection 1; mode=block x-ua-compatible IE=edge last-modified Wed, 04 Oct 2023 11:09:21 GMT server nginx/1.18.0 (Ubuntu) onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/Content/responsive/RFE/be-BY/img/logo-print_color.png content-type image/png cache-control public, max-age=129 accept-ranges bytes x-amz-cf-id cNimSztiwwTR0h7J7iU_w8CsL_-F-E3BQfiRzG_Es7f47TZ6FZvfJg== expires Tue, 19 Dec 2023 12:14:13 GMT
GET H2	200	OneSignalSDK.js Show response cdn.onesignal.com/sdks/	9 KB 3 KB	107ms 43ms	Script application/javascript	2606:4700::6812:d63b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalSDK.js Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 419 etag W/"a87c48d211877c49b878679b2e3cdab8" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 837f8d425850dad5-MIA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400 expires Fri, 22 Dec 2023 12:12:04 GMT
GET H2	200	conf.js Show response d3saiyj1nme3gs.cloudfront.net/	5 KB 6 KB	146ms 145ms	Script application/javascript	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3saiyj1nme3gs.cloudfront.net/conf.js?x=333 Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 5e125ff2718236f47df674b8001d75ae53f9e15c3fc5b060ccb84487c935a2f5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront content-length 5551 x-xss-protection 1; mode=block x-ua-compatible IE=edge server nginx/1.18.0 (Ubuntu) onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/conf.js?x=333 content-language be content-type application/javascript cache-control public, max-age=1963583 x-amz-cf-id Eodi75LkC3n9Vha-m2j7PWdYNHPrany-wTdBHH0OVW5qo8ZWCb5aww== expires Thu, 11 Jan 2024 05:38:27 GMT
GET H2	200	www-widgetapi.js Show response www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/	216 KB 67 KB	54ms 52ms	Script text/javascript	2607:f8b0:4004:c17::88 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: https://www.youtube.com/iframe_api Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c17::88 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 11:41:52 GMT content-encoding br x-content-type-options nosniff age 1812 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68553 x-xss-protection 0 last-modified Wed, 13 Dec 2023 02:47:51 GMT server sffe vary Accept-Encoding, Origin report-to {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="youtube" expires Wed, 18 Dec 2024 11:41:52 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	286 KB 89 KB	168ms 61ms	Script application/javascript	2607:f8b0:4004:c08::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1a7e1280d5e12b7f6db07254712730f8329cb6af69e06f4f0a2e11da57a2d683 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 91219 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Tue, 19 Dec 2023 12:12:04 GMT
GET H2	200	utag.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	103 KB 31 KB	64ms 63ms	Script application/javascript	2600:9000:20e2:2600:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20e2:2600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e426a1dfc6624a4df0e8f63db1415326b2203481a6439652007ebcad414c6df8 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id ktuod7oUGQ1iM5mrE4cEesdd9KazSkhI content-encoding br via 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront) date Tue, 19 Dec 2023 12:10:44 GMT last-modified Thu, 14 Dec 2023 13:08:46 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 128 x-amz-server-side-encryption AES256 etag W/"3b5d35e0a59e2ad66782cf5411d15344" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=300 x-amz-cf-id CVS3gXfFiX68-030MEB6eczf7Dm_uSjdSup2HT3ssU9WgLH9ASaiHA==
GET H2	200	SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff d3saiyj1nme3gs.cloudfront.net/Content/responsive/fonts/	40 KB 41 KB	124ms 123ms	Font application/font-woff	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/RFE-be-BY.css?&av=0.1.0.0&cb=333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/RFE-be-BY.css?&av=0.1.0.0&cb=333 Origin https://d3saiyj1nme3gs.cloudfront.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront content-length 41216 x-xss-protection 1; mode=block x-ua-compatible IE=edge last-modified Wed, 04 Oct 2023 11:09:23 GMT server nginx/1.18.0 (Ubuntu) onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff content-type application/font-woff cache-control public, max-age=2592000 accept-ranges bytes x-amz-cf-id 2dsnKoGioGbH6akHBvSPMJyDmd9p68HEJY9CS3PlOFxDc0raZJ4HWQ== expires Thu, 18 Jan 2024 12:12:04 GMT
GET H2	200	icons-font-1698069833780.woff d3saiyj1nme3gs.cloudfront.net/Content/responsive/fonts/	18 KB 19 KB	119ms 119ms	Font application/font-woff	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/fonts/icons-font-1698069833780.woff Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/RFE-be-BY.css?&av=0.1.0.0&cb=333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 54e2f964ce1124ae44ce10037eed6b855fc2469eb821b5679cb5277947f1ad2f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/RFE-be-BY.css?&av=0.1.0.0&cb=333 Origin https://d3saiyj1nme3gs.cloudfront.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront content-length 18624 x-xss-protection 1; mode=block x-ua-compatible IE=edge last-modified Fri, 10 Nov 2023 12:29:28 GMT server nginx/1.18.0 (Ubuntu) onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/Content/responsive/fonts/icons-font-1698069833780.woff content-type application/font-woff cache-control public, max-age=2592000 accept-ranges bytes x-amz-cf-id WElFovWGdXYtWMNTTHxHF3_OGTKm7Esmf5rECJ1oUHLmD3yeiIsBWQ== expires Thu, 18 Jan 2024 12:12:04 GMT
GET H2	200	image-placeholder.svg d3saiyj1nme3gs.cloudfront.net/Content/responsive/img/	709 B 1 KB	134ms 133ms	Image image/svg+xml	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/img/image-placeholder.svg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/RFE-be-BY.css?&av=0.1.0.0&cb=333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/Content/responsive/RFE/be-BY/RFE-be-BY.css?&av=0.1.0.0&cb=333 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront content-length 709 x-xss-protection 1; mode=block x-ua-compatible IE=edge last-modified Mon, 08 Aug 2022 13:53:08 GMT server nginx/1.18.0 (Ubuntu) onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/Content/responsive/img/image-placeholder.svg content-type image/svg+xml cache-control public, max-age=1515955 x-amz-cf-id rvE7UDFgPTzhcVdvhudUkXB1vwoNUAFqliY1T8BP0Siag7UmGy37Ow== expires Sat, 06 Jan 2024 01:17:59 GMT
GET H2	200	res Show response d3saiyj1nme3gs.cloudfront.net/	48 KB 48 KB	208ms 207ms	Script application/javascript	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3saiyj1nme3gs.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=333&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20 Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash 7d5ec099ba5fea4289e3dbb06785bf8c4c67b4d863bd9eb54912f8fe7b1f92e4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront content-length 48741 x-xss-protection 1; mode=block x-ua-compatible IE=edge server nginx/1.18.0 (Ubuntu) onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/res?callback=_resourceLoaderReceiver_0&x=333&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20 content-language be content-type application/javascript; charset=utf-8 cache-control public, no-transform, max-age=1964911 x-amz-cf-id NcB-z7BGFZmSrexgi4uS7I4jMueOr2eXod83X4iWh1IV8LdCmueL5w== expires Thu, 11 Jan 2024 06:00:36 GMT
GET H2	200	01000000-0aff-0242-375c-08db9743b0a2_cx0_cy10_cw0_w408_r1.jpg d1yfjy5zvnysug.cloudfront.net/	38 KB 38 KB	762ms 618ms	Image image/jpeg	2600:9000:25c8:4200:b:d522:6200:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yfjy5zvnysug.cloudfront.net/01000000-0aff-0242-375c-08db9743b0a2_cx0_cy10_cw0_w408_r1.jpg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:4200:b:d522:6200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Akamai Image Manager / Resource Hash ad7ad4f52318822ba6200a83021b173f6b554019c71a6b1a1f768b61f8aa15f8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000 via 1.1 7e50e11b37fc55ad87bf48e905b770a0.cloudfront.net (CloudFront) last-modified Tue, 19 Dec 2023 07:04:15 GMT server Akamai Image Manager x-amz-cf-pop PHL51-P1 etag "69787" x-cache Miss from cloudfront content-type image/jpeg cache-control private, no-transform, max-age=2573457 content-length 38640 x-amz-cf-id 8yS9ZB6yvGIha8OguO25YAbHP9nZ9Ut2ztD2wrN-9IqDCasivXhRTA== expires Thu, 18 Jan 2024 07:03:02 GMT
GET H2	200	01000000-0aff-0242-c2ff-08db935343a7_cx6_cy5_cw81_w144_r1.jpeg d1yfjy5zvnysug.cloudfront.net/	5 KB 6 KB	849ms 705ms	Image image/jpeg	2600:9000:25c8:4200:b:d522:6200:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yfjy5zvnysug.cloudfront.net/01000000-0aff-0242-c2ff-08db935343a7_cx6_cy5_cw81_w144_r1.jpeg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:4200:b:d522:6200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Akamai Image Manager / Resource Hash 5681a759d60633639a94e3c6fc776135cc9ee70d721104a62c6205c13c9bfd27 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000 via 1.1 7e50e11b37fc55ad87bf48e905b770a0.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 18:06:53 GMT server Akamai Image Manager x-amz-cf-pop PHL51-P1 etag "12006" x-cache Miss from cloudfront content-type image/jpeg cache-control private, no-transform, max-age=2526986 content-length 5390 x-amz-cf-id -MA20gGAnrAcppv6POaxxn5Fak65CA0ugCOQ9nZR7QSK8ZKaH3wNZQ== expires Wed, 17 Jan 2024 18:08:31 GMT
GET H2	200	01000000-0a00-0242-ce71-08dbffdef776_w144_r1.jpg d1yfjy5zvnysug.cloudfront.net/	5 KB 5 KB	1036ms 892ms	Image image/jpeg	2600:9000:25c8:4200:b:d522:6200:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yfjy5zvnysug.cloudfront.net/01000000-0a00-0242-ce71-08dbffdef776_w144_r1.jpg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:4200:b:d522:6200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Akamai Image Manager / Resource Hash 5eef066b4a042d6864929574006335b83d9be32f869d94c767c67f0a69295218 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000 via 1.1 7e50e11b37fc55ad87bf48e905b770a0.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 16:55:39 GMT server Akamai Image Manager x-serial 1674 x-check-cacheable YES x-amz-cf-pop PHL51-P1 etag "11696" x-cache Miss from cloudfront content-type image/jpeg cache-control private, no-transform, max-age=2522540 content-length 5180 x-amz-cf-id 7A0xajfxa_2HVvx8oHPg-0sY6WiPMWgqn0cH39zpFhidb1Nf8Bf5Og== expires Wed, 17 Jan 2024 16:54:25 GMT
GET H2	200	01000000-0aff-0242-9fd9-08dbff9f4e1e_w144_r1.jpg d1yfjy5zvnysug.cloudfront.net/	4 KB 5 KB	387ms 243ms	Image image/jpeg	2600:9000:25c8:4200:b:d522:6200:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yfjy5zvnysug.cloudfront.net/01000000-0aff-0242-9fd9-08dbff9f4e1e_w144_r1.jpg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:4200:b:d522:6200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Akamai Image Manager / Resource Hash feb9eda9ed8743608f0365fe5e2f8484b0c5ad22598112b16c9822f2a6cfdba4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000 via 1.1 7e50e11b37fc55ad87bf48e905b770a0.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 11:10:18 GMT server Akamai Image Manager x-amz-cf-pop PHL51-P1 etag "7709" x-cache Miss from cloudfront content-type image/jpeg cache-control private, no-transform, max-age=2501957 content-length 4479 x-amz-cf-id cDFOGlRnkA5nCQUXU1gyNCGqBbEgexqg10PPNe8KO6lANaiVHgEZIw== expires Wed, 17 Jan 2024 11:11:22 GMT
GET H2	200	12D21AAA-DB60-45CD-899C-2618AEE3D50D_w408_r1.jpg d1yfjy5zvnysug.cloudfront.net/	23 KB 23 KB	798ms 655ms	Image image/jpeg	2600:9000:25c8:4200:b:d522:6200:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yfjy5zvnysug.cloudfront.net/12D21AAA-DB60-45CD-899C-2618AEE3D50D_w408_r1.jpg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:4200:b:d522:6200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Akamai Image Manager / Resource Hash 72d86bfc9371098359b64169d903772a1a2fb270eee88fb9a7f0d34b75a1ce40 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000 via 1.1 7e50e11b37fc55ad87bf48e905b770a0.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 08:37:55 GMT server Akamai Image Manager x-serial 1988 x-check-cacheable YES x-amz-cf-pop PHL51-P1 etag "42247" x-cache Miss from cloudfront content-type image/jpeg cache-control private, no-transform, max-age=2492756 content-length 23059 x-amz-cf-id 3y_OvzCOdzqpKVLjfUOMdqXltNmATdr8aZL2RLBdRUjUpRU_PxQ9yg== expires Wed, 17 Jan 2024 08:38:01 GMT
GET H2	200	01000000-c0a8-0242-6d04-08dbf584b24a_w144_r1.png d1yfjy5zvnysug.cloudfront.net/	4 KB 4 KB	394ms 250ms	Image image/png	2600:9000:25c8:4200:b:d522:6200:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yfjy5zvnysug.cloudfront.net/01000000-c0a8-0242-6d04-08dbf584b24a_w144_r1.png Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:4200:b:d522:6200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Akamai Image Manager / Resource Hash 2e2a1d49db995e2417c3be8ab918de0bd938961cae3223d10edf208b9917b6b1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000 via 1.1 7e50e11b37fc55ad87bf48e905b770a0.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 04:07:12 GMT server Akamai Image Manager x-serial 214 x-check-cacheable YES x-amz-cf-pop PHL51-P1 etag "3686" x-cache Miss from cloudfront content-type image/png cache-control private, no-transform, max-age=2476451 content-length 3686 x-amz-cf-id 9rohA4dDnk2-YmT_RK2bWM7pCM-xx5CS9ALbh3cCgJvGzCB-ZEHodg== expires Wed, 17 Jan 2024 04:06:16 GMT
GET H2	200	08530000-0a00-0242-bad7-08db08e5a3ae_w144_r1.jpg d1yfjy5zvnysug.cloudfront.net/	4 KB 4 KB	818ms 675ms	Image image/jpeg	2600:9000:25c8:4200:b:d522:6200:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yfjy5zvnysug.cloudfront.net/08530000-0a00-0242-bad7-08db08e5a3ae_w144_r1.jpg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:4200:b:d522:6200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Akamai Image Manager / Resource Hash 4af648f12a370bbed0a047201ff454238d3d662c112618abfe746e8477911cbc Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000 via 1.1 7e50e11b37fc55ad87bf48e905b770a0.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 07:59:34 GMT server Akamai Image Manager x-serial 499 x-check-cacheable YES x-amz-cf-pop PHL51-P1 etag "6313" x-cache Miss from cloudfront content-type image/jpeg cache-control private, no-transform, max-age=2490482 content-length 4171 x-amz-cf-id OzKknN2h0AP9KUXaFbccr4XJtwDa4YG7vkJwLtJGvZ50_47ch4zvWQ== expires Wed, 17 Jan 2024 08:00:07 GMT
GET H2	200	01000000-0aff-0242-a7c1-08dbffabbcde_w144_r1.jpg d1yfjy5zvnysug.cloudfront.net/	4 KB 5 KB	1233ms 1090ms	Image image/jpeg	2600:9000:25c8:4200:b:d522:6200:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yfjy5zvnysug.cloudfront.net/01000000-0aff-0242-a7c1-08dbffabbcde_w144_r1.jpg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:4200:b:d522:6200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Akamai Image Manager / Resource Hash 2fc831971d71ef04ea5147691a15082f2fbf8c6e8896e2782934364c7d72759f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:06 GMT strict-transport-security max-age=31536000 via 1.1 7e50e11b37fc55ad87bf48e905b770a0.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 13:08:08 GMT server Akamai Image Manager x-serial 410 x-check-cacheable YES x-amz-cf-pop PHL51-P1 etag "7652" x-cache Miss from cloudfront content-type image/jpeg cache-control private, no-transform, max-age=2509015 content-length 4560 x-amz-cf-id ND2jXsnidsHNbpApUXA01eryY8cmuSGskm_DgvEey1dCcfC5sdfCZg== expires Wed, 17 Jan 2024 13:09:01 GMT
GET H2	200	05025b78-aff9-4f25-8585-742b1f7d44fd_w144_r1.jpg d1yfjy5zvnysug.cloudfront.net/	7 KB 7 KB	1029ms 886ms	Image image/jpeg	2600:9000:25c8:4200:b:d522:6200:21 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d1yfjy5zvnysug.cloudfront.net/05025b78-aff9-4f25-8585-742b1f7d44fd_w144_r1.jpg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:4200:b:d522:6200:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Akamai Image Manager / Resource Hash 462da027391db5395c2367d7c6d93b48c8ae0748810229ee6afc6f452d04cd13 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000 via 1.1 7e50e11b37fc55ad87bf48e905b770a0.cloudfront.net (CloudFront) last-modified Mon, 18 Dec 2023 12:52:45 GMT server Akamai Image Manager x-serial 1883 x-check-cacheable YES x-amz-cf-pop PHL51-P1 etag "11374" x-cache Miss from cloudfront content-type image/jpeg cache-control private, no-transform, max-age=2508034 content-length 7078 x-amz-cf-id hKDWMLBWzAeXXU5shkVdld2Jtn545wDMfKOlDdBpvwkAgJBXqPL13w== expires Wed, 17 Jan 2024 12:52:39 GMT
GET H2	200	utag.53.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	2 KB 1 KB	55ms 55ms	Script application/javascript	2600:9000:20e2:2600:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.202307101453 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20e2:2600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5e0ae38ad10707a4befaecb8ff5374a2a171ebf91ff5354c7c6c4105e577a731 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id atE4zcpCtIUIdoPuOD3xxc_B35_nmcb0 content-encoding br via 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront) date Tue, 19 Dec 2023 12:11:27 GMT last-modified Thu, 14 Dec 2023 13:08:45 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 38 x-amz-server-side-encryption AES256 etag W/"1e22013109dac0e96c0c2b6a831a3dde" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id gEu2323DNbWv4s7in_pu9_AwzT3ineGWzFtVxs4Vet7ai_mz3wPSqg==
GET H2	200	rd Show response dpm.demdex.net/id/ Redirect Chain https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702987924922 https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702987924922	362 B 920 B	54ms 54ms	XHR application/json	54.86.156.123 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702987924922 Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Server 54.86.156.123 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-86-156-123.compute-1.amazonaws.com Software / Resource Hash a23c21c17130d508392e7cccc06e7176b7cd780bb32b85ee6a99c2f556357dd3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers dcs dcs-prod-va6-2-v053-066e48067.edge-va6.demdex.com 2 ms pragma no-cache date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000; includeSubDomains content-encoding gzip x-tid /9xy9oRBQDc= vary Origin content-type application/json;charset=utf-8 p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" access-control-allow-origin https://d3saiyj1nme3gs.cloudfront.net cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private access-control-allow-credentials true content-length 307 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-va6-1-v053-0c06c0e72.edge-va6.demdex.com 0 ms pragma no-cache date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid ydbW78umRDs= vary Origin p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702987924922 access-control-allow-origin https://d3saiyj1nme3gs.cloudfront.net cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private access-control-allow-credentials true content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	utag.72.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	85 KB 23 KB	72ms 69ms	Script application/javascript	2600:9000:20e2:2600:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.72.js?utv=ut4.46.202312122139 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20e2:2600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 723b19ed4676c07faa84a5c3a833db985448e061527589c025a1ec2278e738e3 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 9gH2UWQSXg.fEs3vi8QBv0Yy3Zc2Xm.j content-encoding br via 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront) date Tue, 19 Dec 2023 12:10:47 GMT last-modified Thu, 14 Dec 2023 13:08:44 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 78 x-amz-server-side-encryption AES256 etag W/"4b302efc5b38e5b3f50431325b1802a4" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id eTHya3iPI3JEE_gmRMc9W4qVdG44skD_63LLlylEjYkN1sBK51I1jg==
GET H2	200	utag.24.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	10 KB 4 KB	58ms 56ms	Script application/javascript	2600:9000:20e2:2600:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.24.js?utv=ut4.46.202212081948 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20e2:2600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 95819cf37147353756390501608f3df0681483952d3770ef10c632569f95546c Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id qGh9SgqeSN7NcKX7JubgK7AX4P85g_b7 content-encoding br via 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront) date Tue, 19 Dec 2023 12:09:29 GMT last-modified Thu, 14 Dec 2023 13:08:44 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 170 x-amz-server-side-encryption AES256 etag W/"35bea2f2df46c45975e9d556fdb30485" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id oT6IbPlJmVngHCce4XaYJNmEgAkSnPbSWNORBlB_WLKLeRc3_C1ObQ==
GET H2	200	utag.7.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	607 B 1 KB	59ms 57ms	Script application/javascript	2600:9000:20e2:2600:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20e2:2600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7c2e58de8d96aa3ab709593d5c09178dc35561a18bc684886245adb515f388c1 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id MFRvDMha7pw77iq_14RzZbP.bsM2IlF8 date Tue, 19 Dec 2023 12:08:39 GMT via 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront) x-amz-cf-pop IAD79-C2 age 206 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 607 last-modified Thu, 14 Dec 2023 13:08:45 GMT server AmazonS3 etag "b04c2a096a5d839a6fb21261392ba882" vary Accept-Encoding content-type application/javascript cache-control max-age=1296000 accept-ranges bytes x-amz-cf-id PPZkL-HiAyAt7tIh-1NTnwup878K0OkQ9dwSkKLPh6XAgu7ECuPFjw==
GET H2	200	utag.4.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	55 KB 17 KB	68ms 66ms	Script application/javascript	2600:9000:20e2:2600:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20e2:2600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 54c2fbe897ce09b068765e4f97b403a2b860b3b0b5604c8381d366780baea8a3 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id nMiMcodGGXZuDEOr_LkuOTdEG1s4..Nc content-encoding br via 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront) date Tue, 19 Dec 2023 12:07:37 GMT last-modified Thu, 14 Dec 2023 13:08:44 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 268 x-amz-server-side-encryption AES256 etag W/"6a5e55f6c53de2c5fad8f6eaefc225c6" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id XdhtMjdYIsv4fijRniafqEBE63oxjspYvExFqW09OO2sUL82wYjeqQ==
GET H2	200	utag.73.js Show response tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/	4 KB 2 KB	71ms 70ms	Script application/javascript	2600:9000:20e2:2600:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20e2:2600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash afb7a8ee8cc9591bf27ec322ce3e9235457d0c606d92fb73c74f1b3617f3ed4d Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id j5H5BcarJL3JyoJ9vTyZM7tpL83fYq5U content-encoding br via 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront) date Tue, 19 Dec 2023 12:09:12 GMT last-modified Thu, 14 Dec 2023 13:08:45 GMT server AmazonS3 x-amz-cf-pop IAD79-C2 age 173 x-amz-server-side-encryption AES256 etag W/"bd506405154704ba3ad1b776f24dd192" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=1296000 x-amz-cf-id 0Q3_1oD9wX1pIzRO3qUTdvOtprH3x48Aw7NfOl3_Z1sb64xPgV9RMQ==
GET H2	200	OneSignalPageSDKES6.js Show response cdn.onesignal.com/sdks/	284 KB 68 KB	42ms 41ms	Script application/javascript	2606:4700::6812:d63b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:04 GMT via 1.1 google content-encoding br cf-cache-status HIT server cloudflare strict-transport-security max-age=15552000; includeSubDomains age 415 etag W/"e3be409ac3c100e2a5d3f264ec260551" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 837f8d42d8e3dad5-MIA access-control-allow-headers OneSignal-Subscription-Id alt-svc h3=":443"; ma=86400 expires Fri, 22 Dec 2023 12:12:04 GMT
GET H2	200	chartbeat_mab.js Show response static.chartbeat.com/js/	24 KB 10 KB	260ms 114ms	Script application/x-javascript	2600:9000:24f3:2400:18:1fcd:353:c61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat_mab.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.202307101453 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f3:2400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 73c48a750a107c5809e5b332e74b0f1b32ddd1c24b98f1d9e8febf73322fbb84 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 19:53:42 GMT content-encoding gzip via 1.1 bdf2aab533e801e16a7a135842a2ee18.cloudfront.net (CloudFront) last-modified Thu, 14 Dec 2023 01:53:37 GMT server nginx x-amz-cf-pop IAD55-P2 age 58703 etag W/"657a6021-5f55" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id ZiFdBvpr2HFnHZLtYbKVIRbJ_nvnrF-lYOyvnCi_2yR62hsk7uPo5A== expires Tue, 19 Dec 2023 19:53:42 GMT
GET H2	200	0255.js Show response script.crazyegg.com/pages/scripts/0026/	6 KB 3 KB	108ms 37ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0026/0255.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca391ccc2d3868e3bf0062c021dc343a3176663e479bb4d4ef9c7b4c5276312a Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT content-encoding gzip cf-cache-status HIT age 542 cf-polished origSize=6157 ce-version 11.5.160 cf-bgj minify last-modified Tue, 19 Dec 2023 12:03:02 GMT server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 timing-allow-origin * cf-ray 837f8d43a8c34c14-MIA
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 54 KB	204ms 68ms	Script application/x-javascript	2a03:2880:f07d:0:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 19 Dec 2023 12:12:05 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug n05GIXiBbIvKe4kG9XMrl3/td+A8GroO4VWS9bOJM8reD/iHCbO5sORAqXVMojFQ8qpq25768Ei4csJEOW1sxA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	chartbeat_video.js Show response static.chartbeat.com/js/	71 KB 24 KB	184ms 62ms	Script application/x-javascript	2600:9000:24f3:2400:18:1fcd:353:c61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.chartbeat.com/js/chartbeat_video.js Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:24f3:2400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 9107aabbe099f8b263c0bf57f05f0bbe1f8d6177626dc10a9db146619297ee4c Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 19:53:17 GMT content-encoding gzip via 1.1 bdf2aab533e801e16a7a135842a2ee18.cloudfront.net (CloudFront) last-modified Thu, 14 Dec 2023 01:53:13 GMT server nginx x-amz-cf-pop IAD55-P2 age 58728 etag W/"657a6009-11b4f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/x-javascript cache-control max-age=86400 cross-origin-resource-policy cross-origin x-amz-cf-id Wi7b6tVgQPxNt12nTkVr9NudFPJx0wUlHJR8BoEyiYAR5DidWTYayQ== expires Tue, 19 Dec 2023 19:53:16 GMT
GET H2	200	web Show response onesignal.com/api/v1/sync/8d26e48b-b4f5-4d6b-9008-6586a0651963/	5 KB 2 KB	200ms 192ms	Script text/javascript	2606:4700::6812:d63b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://onesignal.com/api/v1/sync/8d26e48b-b4f5-4d6b-9008-6586a0651963/web?callback=__jp0 Requested by Host: cdn.onesignal.com URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 598e3a276a519582f6a43873d4371bfac4aa212d06c01b43b2ea6acc66d78816 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT via 1.1 google x-content-type-options nosniff cf-cache-status EXPIRED content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=15552000; includeSubDomains alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block x-request-id bc22bd56-e51f-4f83-a458-2495d841303d x-runtime 0.030276 referrer-policy strict-origin-when-cross-origin server cloudflare etag W/"598e3a276a519582f6a43873d4371bfa" x-download-options noopen vary Origin, Accept-Encoding x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=3600 cf-ray 837f8d437972dad5-MIA access-control-allow-headers SDK-Version expires Tue, 19 Dec 2023 13:12:05 GMT
GET H2	200	cs.js Show response sb.scorecardresearch.com/internal-c2/default/ Redirect Chain https://sb.scorecardresearch.com/c2/6035794/cs.js https://sb.scorecardresearch.com/internal-c2/default/cs.js	0 383 B	55ms 54ms	Script application/javascript	18.238.4.74 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/internal-c2/default/cs.js Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Server 18.238.4.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-74.phl51.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 03:59:39 GMT via 1.1 1d4079b9c92abe0dba6581682966e934.cloudfront.net (CloudFront) last-modified Mon, 03 Jul 2023 14:48:48 GMT server AmazonS3 x-amz-cf-pop PHL51-P1 age 29553 x-amz-server-side-encryption AES256 etag "d41d8cd98f00b204e9800998ecf8427e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 accept-ranges bytes content-length 0 x-amz-cf-id 09zF4jIQb8ehyONNhj6X0VRb3vi02T3rt0p_IPgcjdMWvB2FZW2SXA== Redirect headers date Tue, 19 Dec 2023 12:12:05 GMT via 1.1 1d4079b9c92abe0dba6581682966e934.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront location /internal-c2/default/cs.js content-length 0 x-amz-cf-id XWt1k8uDsvFxW28Oz8TO3URJYvkuUn3Bfk62ZqEco-IeaNh_Lxnjww==
GET H2	204	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1702987925019&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D1%8B%D1%91%20%D0%A1%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0.%20%D0%9F%D0%B0%D0%B4%D0%B7%D0%B5%D1... https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702987925019&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D1%8B%D1%91%20%D0%A1%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0.%20%D0%9F%D0%B0%D0%B4%D0%B7%D0%B5%D...	0 226 B	58ms 58ms	Image text/plain	18.238.4.74 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702987925019&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D1%8B%D1%91%20%D0%A1%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0.%20%D0%9F%D0%B0%D0%B4%D0%B7%D0%B5%D1%96%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D1%96&c7=https%3A%2F%2Fd3saiyj1nme3gs.cloudfront.net%2F&c9= Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Server 18.238.4.74 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-238-4-74.phl51.r.cloudfront.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT via 1.1 1d4079b9c92abe0dba6581682966e934.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop PHL51-P1 x-amz-cf-id sYwpLwkE8ynViXjSXy77faNP1DkM1qPPknGrT2cZASQSS20iOWDKxA== x-cache Miss from cloudfront Redirect headers date Tue, 19 Dec 2023 12:12:05 GMT via 1.1 1d4079b9c92abe0dba6581682966e934.cloudfront.net (CloudFront) accept-ch UA, Platform, Arch, Model, Mobile x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront location /b2?c1=2&c2=6035794&ns__t=1702987925019&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D1%8B%D1%91%20%D0%A1%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0.%20%D0%9F%D0%B0%D0%B4%D0%B7%D0%B5%D1%96%20%D0%91%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D1%96&c7=https%3A%2F%2Fd3saiyj1nme3gs.cloudfront.net%2F&c9= content-length 0 x-amz-cf-id 1C2nWFcQC1A5XP0iJYMvaiU4-M44WF2WtisOv6jizeUexIiy7_ygJA==
GET H2	200	utag.v.js Show response tags.tiqcdn.com/utag/tiqapp/	2 B 431 B	55ms 55ms	Script application/javascript	2600:9000:20e2:2600:7:2bfb:7c00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202312141307&cb=1702987925037 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20e2:2600:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id 2XUX04X5QEw0.xFya64khU._sHTRl_Pz date Tue, 19 Dec 2023 12:05:23 GMT via 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront) x-amz-cf-pop IAD79-C2 age 403 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 2 last-modified Sat, 11 Mar 2023 06:57:46 GMT server AmazonS3 etag "7bc0ee636b3b83484fc3b9348863bd22" vary Accept-Encoding content-type application/javascript cache-control max-age=300 accept-ranges bytes x-amz-cf-id bVAD5h9y1ZRd7fb2qs581s_2rrBzLYjExlG9kF980uWJA4Ia_K7whw==
GET H2	200	d3saiyj1nme3gs.cloudfront.net.json Show response script.crazyegg.com/pages/data-scripts/0026/0255/site/	111 KB 7 KB	311ms 255ms	XHR application/json	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0026/0255/site/d3saiyj1nme3gs.cloudfront.net.json?t=1 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0026/0255.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f0e7931dd44402c12a4adbbc33e2870b9f66cca2f2dddec722642e2ed466ec1 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 19 Dec 2023 12:12:05 GMT server cloudflare vary Accept-Encoding content-type application/json ce-version 11.5.160 access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 837f8d446a7525e3-MIA content-length 7018
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 2 KB	229ms 222ms	Script application/x-javascript	2a03:2880:f07d:0:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=333&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 7b2e2321431dbf73264849c69fcc8de4dd05b54d5471051c9655d451794e82ec Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 19 Dec 2023 12:12:05 GMT content-md5 l5f9eEvwBMrnIgHevgLZJA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1686 reporting-endpoints x-fb-debug SYvBI2ZeEt6u/x6AMsObaDoCLfRZW7J8zgPQj8tW+uFBNBMtkkG4Z4ej3raVE+K4la4M5H1Pzb6+BMeJOaKuvg== x-fb-content-md5 5b8154a4759e47a4e278bd625ed8a0c4 cross-origin-opener-policy same-origin-allow-popups etag "174fbb8f09758e19b58eeee298f089c6" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Tue, 19 Dec 2023 12:15:30 GMT
GET H2	200	hljson Show response d3saiyj1nme3gs.cloudfront.net/	1 KB 2 KB	115ms 114ms	XHR application/json	2600:9000:25c8:6400:0:4a9a:c300:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3saiyj1nme3gs.cloudfront.net/hljson Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:25c8:6400:0:4a9a:c300:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash b6f85b8886b43ef46191ef65c087b8491ba4a0ff11a147a6e5bcf878055f31cc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://d3saiyj1nme3gs.cloudfront.net/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 e887b311f5a4e2b9f32ce96feeb041ca.cloudfront.net (CloudFront) x-amz-cf-pop PHL51-P1 x-cache Miss from cloudfront content-length 1468 x-xss-protection 1; mode=block x-ua-compatible IE=edge pragma no-cache server nginx/1.18.0 (Ubuntu) onion-location https://www.svabodmmmsdce3rmzoor5cw3byj6rqss4q6bh2yfhux2dbmobnpg5ead.onion/hljson content-language be content-type application/json; charset=utf-8 cache-control max-age=163 x-amz-cf-id PmpPCu3tfBkUe7BWRnj0z6s2ekbbr_CNzU0LI9pRoMCoaCJje3nuzg== expires Tue, 19 Dec 2023 12:14:48 GMT
GET H2	200	element.js Show response translate.google.com/translate_a/	88 KB 31 KB	343ms 86ms	Script text/javascript	2607:f8b0:4004:c06::66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=333&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c06::66 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 32d4262f7229eba89588f1142a64d51e1afa73bf23a44f01d3b609380edea849 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Tue, 19 Dec 2023 12:12:05 GMT content-encoding gzip x-content-type-options nosniff server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	dest5.html Show response bbg.demdex.net/ Frame 1169	7 KB 3 KB	58ms 52ms	Document text/html	54.86.156.123 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bbg.demdex.net/dest5.html?d_nsid=0 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.86.156.123 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-86-156-123.compute-1.amazonaws.com Software / Resource Hash 7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://d3saiyj1nme3gs.cloudfront.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-encoding gzip content-type text/html;charset=UTF-8 date Tue, 19 Dec 2023 12:12:05 GMT dcs dcs-prod-va6-1-v053-0740ee61b.edge-va6.demdex.com 0 ms expires Thu, 01 Jan 1970 00:00:00 UTC last-modified Sun, 12 Nov 2023 19:58:55 GMT p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" pragma no-cache strict-transport-security max-age=31536000; includeSubDomains vary accept-encoding x-tid g+nVyEZXS+4=
GET H2	200	id Show response bbg.sc.omtrdc.net/	2 B 277 B	280ms 55ms	XHR application/x-javascript	63.140.38.232 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=88358983245965681291859432319821035903&ts=1702987925164 Requested by Host: tags.tiqcdn.com URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.38.232 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ip-63-140-38-232.data.adobedc.net Software jag / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://d3saiyj1nme3gs.cloudfront.net/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Tue, 19 Dec 2023 12:12:05 GMT x-content-type-options nosniff server jag vary Origin content-type application/x-javascript;charset=utf-8 access-control-allow-origin https://d3saiyj1nme3gs.cloudfront.net p3p CP="This is not a P3P policy" cache-control no-cache, no-store, max-age=0, no-transform, private access-control-allow-credentials true content-length 2 x-xss-protection 1; mode=block
GET H2	200	ibs:dpid=411&dpuuid=ZYGIlQAAAMS-PQN_ dpm.demdex.net/ Redirect Chain https://cm.everesttech.net/cm/dd?d_uuid=88315668976888254981855881261701875620 https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYGIlQAAAMS-PQN_	42 B 717 B	55ms 54ms	Image image/gif	54.86.156.123 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYGIlQAAAMS-PQN_ Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Server 54.86.156.123 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-86-156-123.compute-1.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers dcs dcs-prod-va6-1-v053-0745308f9.edge-va6.demdex.com 2 ms pragma no-cache date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid KHc/gxnST+k= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers Location https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZYGIlQAAAMS-PQN_ Date Tue, 19 Dec 2023 12:12:05 GMT Cache-Control no-cache Server AMO-cookiemap/1.1 Connection keep-alive Content-Length 0 P3P CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
GET H2	200	ping ping.chartbeat.net/	43 B 201 B	227ms 53ms	Image image/gif	44.206.78.90 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ping.chartbeat.net/ping?h=rferl.belarus&p=%2F&u=CFNhsXHz87C9AXo-&d=d3saiyj1nme3gs.cloudfront.net&g=62557&g0=%D1%80%D0%B0%D0%B4%D1%8B%D1%91%20%D1%81%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=5653&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fd3saiyj1nme3gs.cloudfront.net%2F&b=1258&t=Bn13MKBjWgf5DHoFmzCrCcaxCmZDpt&V=142&i=%D0%A0%D0%B0%D0%B4%D1%8B%D1%91%20%D0%A1%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0&tz=600&sn=1&sv=BvmfrIDHZ55ysmMC-BrHuBZm2IJX&sr=external&sd=1&im=061b2ff3&_ Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.206.78.90 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-206-78-90.compute-1.amazonaws.com Software / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-type image/gif pragma no-cache date Tue, 19 Dec 2023 12:12:05 GMT cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-length 43 expires 0
GET H2	200	/ Show response mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/	173 B 502 B	206ms 67ms	XHR application/json	2a04:4e42:200::714 FASTLY
General Check archive.org Show headers Download Go to Full URL https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=rferl.belarus&domain=d3saiyj1nme3gs.cloudfront.net&path=%2F Requested by Host: static.chartbeat.com URL: https://static.chartbeat.com/js/chartbeat_mab.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:200::714 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7d36ff10035280cb135d62c99ac060b69a0af3f5d519249f819f34e4d70b9a33 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-cache-hits 0 date Tue, 19 Dec 2023 12:12:05 GMT content-encoding gzip via 1.1 varnish (Varnish/6.0), 1.1 varnish age 0 x-cache MISS cross-origin-resource-policy cross-origin content-length 144 x-served-by cache-mia-kmia1760028-MIA x-timer S1702987925.397091,VS0,VE41 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding content-type application/json access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0, s-maxage=0 accept-ranges bytes expires Sun, 17 Dec 2023 12:12:05 GMT
GET H2	200	644944113733951 Show response connect.facebook.net/signals/config/	135 KB 35 KB	157ms 155ms	Script application/x-javascript	2a03:2880:f07d:0:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/644944113733951?v=2.9.138&r=stable&domain=d3saiyj1nme3gs.cloudfront.net Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 118c160b41b444b51876cf3025450df2ab23dcb4caeda96a65aaf55504eb3b80 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Tue, 19 Dec 2023 12:12:05 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug shKDJQk4vDjmboA3E/QRVcI30NDOcJ6r/2qzNNqFV1hugrRtS0t3DlGZMgvNAfUUgBRtamRlChcJ1ASODSpIrQ== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	all.js Show response connect.facebook.net/en_US/	299 KB 84 KB	138ms 68ms	Script application/x-javascript	2a03:2880:f07d:0:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=23c4e62d10702ae6b9a4235343d01de8 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 019d4573b54f97066ca7035bc07caa213aed4667856163a4aabcf9e86c0f993d Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://d3saiyj1nme3gs.cloudfront.net/ Origin https://d3saiyj1nme3gs.cloudfront.net accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Tue, 19 Dec 2023 12:12:05 GMT content-md5 w/2lui2tL+xxhjF7P02weA== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 86309 reporting-endpoints x-fb-debug usykSkK9WfhxymdNsOxl+82wAV3cUTPt1HWei989TVHUvOLoVD0QMfGZn81T3yhZ3GlW/UKmsciEw+xKMB/YWw== x-fb-content-md5 e82c68db8f65303cd05d1df2210a5ef4 cross-origin-opener-policy same-origin-allow-popups etag "bc2a38f14c02df7eb7ad9e26c755cb49" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Wed, 18 Dec 2024 10:55:20 GMT
GET H2	200	aa11c6ba4e87d897b23473b84559fbe8.js Show response script.crazyegg.com/pages/versioned/commontransformations-scripts/	138 KB 46 KB	36ms 35ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/commontransformations-scripts/aa11c6ba4e87d897b23473b84559fbe8.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0026/0255.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb551534c7c698d5befb5ab755051e61ff88d4c4baba78fedcba4ab8f500354f Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 11 Dec 2023 19:16:01 GMT server cloudflare age 71758 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes timing-allow-origin * cf-ray 837f8d45fb534c14-MIA content-length 46770
GET H2	200	s46830840562372 ssc.svaboda.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/	43 B 372 B	384ms 57ms	Image image/gif	63.140.38.178 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://ssc.svaboda.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s46830840562372?AQB=1&ndh=1&pf=1&t=19%2F11%2F2023%202%3A12%3A5%202%20600&sdid=05457D055816C106-14D9C9DEBB44B482&mid=88358983245965681291859432319821035903&aamlh=7&ce=UTF-8&ns=bbg&cdp=3&pageName=rfe%3Abel%3Ar%3Ahomepage%3A%D1%80%D0%B0%D0%B4%D1%8B%D1%91%20%D1%81%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0.%20%D0%BF%D0%B0%D0%B4%D0%B7%D0%B5%D1%96%20%D0%B1%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D1%96&g=https%3A%2F%2Fd3saiyj1nme3gs.cloudfront.net%2F&cc=USD&ch=%2F&server=d3saiyj1nme3gs.cloudfront.net&events=event1%2Cevent10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fd3saiyj1nme3gs.cloudfront.net%2F&v4=index&v5=%D1%80%D0%B0%D0%B4%D1%8B%D1%91%20%D1%81%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0&v6=%D1%80%D0%B0%D0%B4%D1%8B%D1%91%20%D1%81%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0.%20%D0%BF%D0%B0%D0%B4%D0%B7%D0%B5%D1%96%20%D0%B1%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D1%96&v13=halounaja-staronka&v15=belarusian&v16=rferl%20belarusian&v17=responsive&v20=yes&v21=homepage&v23=88358983245965681291859432319821035903&v24=018c81fd85ad0018ce2de087a92b03074002606c00b08&v25=rfe&v27=RFERL%20Belarusian%20Responsive&v29=d3saiyj1nme3gs.cloudfront.net&v30=423&v31=https%3A%2F%2Fd3saiyj1nme3gs.cloudfront.net%2F&v32=rfe%3Abel%3Ar%3Ahomepage%3A%D1%80%D0%B0%D0%B4%D1%8B%D1%91%20%D1%81%D0%B2%D0%B0%D0%B1%D0%BE%D0%B4%D0%B0.%20%D0%BF%D0%B0%D0%B4%D0%B7%D0%B5%D1%96%20%D0%B1%D0%B5%D0%BB%D0%B0%D1%80%D1%83%D1%81%D1%96&v36=8.28.0.0.333&v38=homepage&v50=homepage%20view&v70=2.23.0&v71=bbgdev&v72=prod&v75=2.23.0&v82=view&v85=halounaja-staronka&v100=2023-12-19%3A02.12%3A-10.00&v101=Pacific%2FHonolulu&v102=en-US%3Aen%3Aen-US&v104=iq&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1 Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 63.140.38.178 , United States, ASN14618 (AMAZON-AES, US), Reverse DNS ip-63-140-38-178.data.adobedc.net Software jag / Resource Hash a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Tue, 19 Dec 2023 12:12:05 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff last-modified Wed, 20 Dec 2023 12:12:05 GMT server jag etag 3657138722910076928-4617921968279503820 vary * p3p CP="This is not a P3P policy" access-control-allow-origin * content-type image/gif;charset=utf-8 cache-control no-cache, no-store, max-age=0, no-transform, private content-length 43 x-xss-protection 1; mode=block expires Mon, 18 Dec 2023 12:12:05 GMT
GET H2	200	d3saiyj1nme3gs.cloudfront.net.json Show response script.crazyegg.com/pages/data-scripts/0026/0255/sampling/	8 KB 2 KB	86ms 85ms	XHR application/json	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0026/0255/sampling/d3saiyj1nme3gs.cloudfront.net.json?t=473052 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/aa11c6ba4e87d897b23473b84559fbe8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7e46c7a5b64630191d045c4b230d964f642cb99085be7c5b6894967c14fa44be Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 12:12:05 GMT content-encoding gzip cf-cache-status MISS last-modified Tue, 19 Dec 2023 12:12:05 GMT server cloudflare vary Accept-Encoding content-type application/json ce-version 11.5.160 access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 837f8d465ca925e3-MIA content-length 1495
GET H2	200	m=el_main_css www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/	22 KB 5 KB	161ms 53ms	Stylesheet text/css	2607:f8b0:4004:c09::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=AAM/d=1/rs=AN8SPfpMcQB0gfUlmrjJQl2ZicoDMkCotQ/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 71ca2652e2b3ffd3c0ec966958604714ce6c7af01d961b44adc438518eb58cb3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 14:35:56 GMT content-encoding gzip x-content-type-options nosniff age 77769 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4144 x-xss-protection 0 last-modified Sat, 15 Jul 2023 01:09:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="rosetta" vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 17 Dec 2024 14:35:56 GMT
GET H2	200	m=el_main Show response translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrvbbcZU1RihXJkoY3v7Q0tCTxd2A/	255 KB 88 KB	160ms 52ms	Script text/javascript	2607:f8b0:4004:c08::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=ABA/d=1/exm=el_conf/ed=1/rs=AN8SPfrvbbcZU1RihXJkoY3v7Q0tCTxd2A/m=el_main Requested by Host: URL: /_/translate_http/_/js/k=translate_http.tr.en_US.hc8uh1cZYeo.O/am=AAM/d=1/rs=AN8SPfpMcQB0gfUlmrjJQl2ZicoDMkCotQ/m=el_conf Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e826524250716c7e17af91c57cdf9931686c4531fbe187e37cd5375886eab07c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 14:35:56 GMT content-encoding gzip x-content-type-options nosniff age 77769 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 89479 x-xss-protection 0 last-modified Wed, 06 Dec 2023 14:12:04 GMT server sffe cross-origin-opener-policy same-origin; report-to="rosetta" vary Accept-Encoding report-to {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 17 Dec 2024 14:35:56 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	218ms 80ms	Image text/plain	2a03:2880:f171:81:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=644944113733951&ev=PageView&dl=https%3A%2F%2Fd3saiyj1nme3gs.cloudfront.net%2F&rl=&if=false&ts=1702987925553&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.2.1702987925551.2040819207&ler=empty&it=1702987925364&coo=false&rqm=GET Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Tue, 19 Dec 2023 12:12:05 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	status www.facebook.com/x/oauth/	0 0	150ms 114ms	Fetch text/plain	2a03:2880:f171:81:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=639500409416371&input_token&origin=1&redirect_uri=https%3A%2F%2Fd3saiyj1nme3gs.cloudfront.net%2F&sdk=joey&wants_cookie_data=false Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=23c4e62d10702ae6b9a4235343d01de8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=() strict-transport-security max-age=15552000; preload date Tue, 19 Dec 2023 12:12:05 GMT x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0 reporting-endpoints default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown" pragma no-cache x-fb-debug qkWPMWA12mCrGnO6wSDiGuvQyI4EHbRGolVDVE+ZxObAHMOJ23ptrkqefKgEW7CEAzsFAND3qDCzmEEiLOQPXQ== fb-s unknown report-to {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]} content-type text/plain; charset=UTF-8 access-control-allow-origin https://d3saiyj1nme3gs.cloudfront.net origin-agent-cluster ?0 access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=() expires Sat, 01 Jan 2000 00:00:00 GMT
GET DATA	200 OK	truncated Show response / Frame F3DE	1 KB 1 KB		Document text/html
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 31f4e4abd5d8e145d6bd5505ae3ee469f66e6aba53fcc6cf04741d0a802ebc3d Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Content-Type text/html;charset=UTF-8
GET H2	200	24px.svg fonts.gstatic.com/s/i/productlogos/translate/v14/	6 KB 4 KB	160ms 53ms	Image image/svg+xml	2607:f8b0:4004:c1b::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fonts.gstatic.com/s/i/productlogos/translate/v14/24px.svg Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ab5c23a05e39deed14d9d8262b0dce9f024f86105a27196cad37d14a3f516e09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 09:21:11 GMT content-encoding gzip x-content-type-options nosniff age 10255 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3340 x-xss-protection 0 last-modified Wed, 20 Apr 2022 14:24:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" vary Accept-Encoding report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Dec 2024 09:21:11 GMT
GET H2	200	googlelogo_color_42x16dp.png www.gstatic.com/images/branding/googlelogo/1x/	910 B 995 B	56ms 55ms	Image image/png	2607:f8b0:4004:c09::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png Requested by Host: d3saiyj1nme3gs.cloudfront.net URL: https://d3saiyj1nme3gs.cloudfront.net/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://d3saiyj1nme3gs.cloudfront.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 04:25:44 GMT x-content-type-options nosniff age 27981 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 910 x-xss-protection 0 last-modified Thu, 02 Nov 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 18 Dec 2024 04:25:44 GMT
GET H2	200	translate_24dp.png www.gstatic.com/images/branding/product/2x/	2 KB 2 KB	54ms 53ms	Image image/png	2607:f8b0:4004:c09::5e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/branding/product/2x/translate_24dp.png Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.qhDXWpKopYk.L.W.O/am=AAM/d=0/rs=AN8SPfoZVDB5be-TudnAO_y4l2LFY_GHyA/m=el_main_css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 04:25:44 GMT x-content-type-options nosniff age 27981 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1842 x-xss-protection 0 last-modified Thu, 14 Oct 2021 09:08:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 18 Dec 2024 04:25:44 GMT