d2jkbvejwdwk9j.cloudfront.net Open in urlscan Pro
2600:9000:2057:a00:f:5e62:e5c0:21  Public Scan

URL: https://d2jkbvejwdwk9j.cloudfront.net/
Submission: On January 17 via manual from ZA — Scanned from DE

Summary

This website contacted 22 IPs in 6 countries across 19 domains to perform 76 HTTP transactions. The main IP is 2600:9000:2057:a00:f:5e62:e5c0:21, located in United States and belongs to AMAZON-02, US. The main domain is d2jkbvejwdwk9j.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on December 8th 2022. Valid for: a year.
This is the only time d2jkbvejwdwk9j.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2600:9000:205... 16509 (AMAZON-02)
10 104.75.88.194 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
3 81.19.89.18 24638 (RAMBLER-T...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 52.209.157.185 16509 (AMAZON-02)
13 2600:9000:205... 16509 (AMAZON-02)
1 2a02:26f0:11a... 20940 (AKAMAI-ASN1)
2 2600:9000:205... 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 34.250.33.236 16509 (AMAZON-02)
2 15.236.117.205 16509 (AMAZON-02)
1 1 54.229.62.148 16509 (AMAZON-02)
1 2 95.163.52.67 47764 (VK-AS)
1 2 88.212.201.198 39134 (UNITEDNET)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 87.240.129.133 47541 (VKONTAKTE...)
4 2a03:2880:f01... 32934 (FACEBOOK)
1 3 143.204.215.58 16509 (AMAZON-02)
1 3.231.65.19 14618 (AMAZON-AES)
3 2a03:2880:f11... 32934 (FACEBOOK)
76 22
Apex Domain
Subdomains
Transfer
31 cloudfront.net
d2jkbvejwdwk9j.cloudfront.net
d2qii21258vzz5.cloudfront.net
d1i74xb5g7uiki.cloudfront.net
1 MB
10 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 969
76 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 153
222 KB
4 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 1630
35 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
bbg.demdex.net — Cisco Umbrella Rank: 120923
6 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
203 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 158
773 B
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1447
mab.chartbeat.com — Cisco Umbrella Rank: 2199
34 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3300
onesignal.com — Cisco Umbrella Rank: 1332
73 KB
3 rambler.ru
counter.rambler.ru — Cisco Umbrella Rank: 100462
kraken.rambler.ru — Cisco Umbrella Rank: 31245
104 KB
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 9550
1 KB
2 mail.ru
top-fwz1.mail.ru — Cisco Umbrella Rank: 9859
3 KB
2 omtrdc.net
bbg.sc.omtrdc.net — Cisco Umbrella Rank: 100119
677 B
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 76
63 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1202
201 B
1 vk.com
vk.com — Cisco Umbrella Rank: 5870
577 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 974
517 B
1 rferl.org
gdb.rferl.org — Cisco Umbrella Rank: 103051
7 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
69 KB
76 19
Domain Requested by
17 d2jkbvejwdwk9j.cloudfront.net d2jkbvejwdwk9j.cloudfront.net
13 d1i74xb5g7uiki.cloudfront.net d2jkbvejwdwk9j.cloudfront.net
10 tags.tiqcdn.com d2jkbvejwdwk9j.cloudfront.net
tags.tiqcdn.com
4 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
d2jkbvejwdwk9j.cloudfront.net
4 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
3 www.facebook.com d2jkbvejwdwk9j.cloudfront.net
connect.facebook.net
3 sb.scorecardresearch.com 1 redirects d2jkbvejwdwk9j.cloudfront.net
3 dpm.demdex.net 1 redirects d2jkbvejwdwk9j.cloudfront.net
2 counter.yadro.ru 1 redirects d2jkbvejwdwk9j.cloudfront.net
2 top-fwz1.mail.ru 1 redirects d2jkbvejwdwk9j.cloudfront.net
2 kraken.rambler.ru d2jkbvejwdwk9j.cloudfront.net
2 bbg.sc.omtrdc.net tags.tiqcdn.com
2 static.chartbeat.com tags.tiqcdn.com
2 cdn.onesignal.com d2jkbvejwdwk9j.cloudfront.net
cdn.onesignal.com
2 www.youtube.com d2jkbvejwdwk9j.cloudfront.net
www.youtube.com
1 ping.chartbeat.net d2jkbvejwdwk9j.cloudfront.net
1 vk.com d2jkbvejwdwk9j.cloudfront.net
1 onesignal.com cdn.onesignal.com
1 cm.everesttech.net 1 redirects
1 bbg.demdex.net tags.tiqcdn.com
1 mab.chartbeat.com static.chartbeat.com
1 gdb.rferl.org d2jkbvejwdwk9j.cloudfront.net
1 www.googletagmanager.com d2jkbvejwdwk9j.cloudfront.net
1 counter.rambler.ru d2jkbvejwdwk9j.cloudfront.net
1 d2qii21258vzz5.cloudfront.net d2jkbvejwdwk9j.cloudfront.net
76 25
Subject Issuer Validity Valid
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
*.tiqcdn.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-12 -
2024-01-14
a year crt.sh
*.google.com
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh
*.rambler.ru
GlobalSign GCC R3 DV TLS CA 2020
2022-05-16 -
2023-05-06
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-03 -
2023-06-02
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-12-12 -
2023-03-06
3 months crt.sh
www.rferl.org
R3
2022-11-22 -
2023-02-20
3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2022-05-06 -
2023-06-03
a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-26 -
2023-10-27
a year crt.sh
*.sc.omtrdc.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-17 -
2023-03-07
a year crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2
2022-03-18 -
2023-04-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-10-26 -
2023-01-24
3 months crt.sh
*.scorecardresearch.com
Amazon
2022-12-30 -
2024-01-28
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2022-12-19 -
2023-12-30
a year crt.sh

This page contains 3 frames:

Primary Page: https://d2jkbvejwdwk9j.cloudfront.net/
Frame ID: C3FEC835A2A974941D45FAB0FD1A684E
Requests: 74 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: 2A2079CAC91DBE4D8BA590F12932F0E4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 9EB531C2B523B2431BF92BC54DCEBB77
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Радио Свобода

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

76
Requests

93 %
HTTPS

52 %
IPv6

19
Domains

25
Subdomains

22
IPs

6
Countries

1741 kB
Transfer

3164 kB
Size

22
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1673948492690 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1673948492690
Request Chain 30
  • https://cm.everesttech.net/cm/dd?d_uuid=39217678517684308272914210891794488902 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8ZtTQAAAHOHvAOY
Request Chain 33
  • https://top-fwz1.mail.ru/counter?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.41298974313152725 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.41298974313152725
Request Chain 34
  • https://counter.yadro.ru/hit?t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d2jkbvejwdwk9j.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u043E%u0434%u0430;0.599136903477794 HTTP 302
  • https://counter.yadro.ru/hit?q;t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d2jkbvejwdwk9j.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u043E%u0434%u0430;0.599136903477794
Request Chain 59
  • https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

76 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
d2jkbvejwdwk9j.cloudfront.net/
115 KB
116 KB
Document
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b6f1c2752fb064b1ccbff219812da8ba172b24a921f4f0d5527b0c9c7b683b41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
must-revalidate, max-age=22
content-language
ru
content-type
text/html; charset=utf-8
date
Tue, 17 Jan 2023 09:41:31 GMT
expires
Tue, 17 Jan 2023 09:41:53 GMT
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=31536000
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-id
c2Wqu6-7B-XX1nRC3BGe_CoNl5teMdomYzJhp5YT41GHaeSkQeKNiQ==
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
RFE-ru-RU.css
d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/
298 KB
299 KB
Stylesheet
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=307
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0ed946adc3151bbd77f32df1208c55e2ec7cc4a339e67414d1ff8394011b9bc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Sat, 04 Feb 2023 07:59:33 GMT
date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA6-C1
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=307
content-type
text/css
x-cache
Miss from cloudfront
cache-control
public, no-transform, max-age=1549081
x-amz-cf-id
AU6wuqxz0_14VIOXvVkP10jE1zmZNwwn5VN-5Fv-ZK0dsJAezusxjg==
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
utag.sync.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
3 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
07ad0c6a0d604121d841948c312420077d26ba1c2a0c5dddaeba02185ff85581

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:31 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 19:48:41 GMT
server
AkamaiNetStorage
etag
"d0c98153f32052f418894840e49cc851:1670528921.789129"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
1047
expires
Tue, 17 Jan 2023 09:46:31 GMT
iframe_api
www.youtube.com/
992 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 17 Jan 2023 09:41:31 GMT
infographics.b
d2jkbvejwdwk9j.cloudfront.net/Scripts/responsive/
4 KB
4 KB
Script
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=307
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ua-compatible
IE=edge
date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA6-C1
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=307
content-type
application/javascript; charset=utf-8
x-cache
Miss from cloudfront
cache-control
public, no-transform, max-age=1549098
x-amz-cf-id
kvxmLtMeqyFuAxE4WDYrU7E8ov1AUqjEgISHvufQIcQM4iczYHT8lg==
content-length
3943
x-xss-protection
1; mode=block
expires
Sat, 04 Feb 2023 07:59:50 GMT
loader.b
d2jkbvejwdwk9j.cloudfront.net/Scripts/responsive/
87 KB
87 KB
Script
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/Scripts/responsive/loader.b?v=0FPXjBVVg5xYYGUT59l_WQeH3R6xCH2Xr3SzghXFwDM1?&av=0.1.0.0&cb=307
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
df7fb83679b8d53c7446697e600a8fff012ec1c6bf782f7e05d2584f42964930
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Sat, 04 Feb 2023 07:59:42 GMT
date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA6-C1
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Scripts/responsive/loader.b?v=0FPXjBVVg5xYYGUT59l_WQeH3R6xCH2Xr3SzghXFwDM1?&av=0.1.0.0&cb=307
content-type
application/javascript; charset=utf-8
x-cache
Miss from cloudfront
cache-control
public, no-transform, max-age=1549090
x-amz-cf-id
SHxvK3XZHYg-cG0wgbb_0i8BWb8C6HPrU_z6mXz8_nRkWhW7l7GiFw==
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
Skolar-Lt_Cyrl_v2.4.woff
d2jkbvejwdwk9j.cloudfront.net/Content/responsive/fonts/
33 KB
33 KB
Font
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2jkbvejwdwk9j.cloudfront.net/
Origin
https://d2jkbvejwdwk9j.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
33340
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:07 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff
content-type
application/font-woff
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
J7BdBSHv-A65nPzSBLUSLOLT0RapiBsXDQL1QNtnYSQaNaUyo2GRZw==
expires
Thu, 16 Feb 2023 09:41:32 GMT
sectionversioncss
d2jkbvejwdwk9j.cloudfront.net/api/customization/
1 KB
2 KB
Stylesheet
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/api/customization/sectionversioncss?sectionversionid=6915&cv=3
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d12b917748670cabc4f27972b671c65babf3a810f4a954bcdb838ec9cebe042f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Sat, 21 Jan 2023 02:06:53 GMT
date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA6-C1
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/api/customization/sectionversioncss?sectionversionid=6915&cv=3
content-type
text/css; charset=utf-8
x-cache
Miss from cloudfront
cache-control
max-age=318321
x-amz-cf-id
TGgFVh-mAW6DKApb7-EQTa-sa3l8WunbSH87jS_BGbJB0yJ8IRXgrg==
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
logo-compact.svg
d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/img/
6 KB
6 KB
Image
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/img/logo-compact.svg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
169901f666801459695826173dc5032f7464f26bf6ede5f748d5bf8f5cab4b6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
5730
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:02 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo-compact.svg
content-type
image/svg+xml
cache-control
public, max-age=2340415
x-amz-cf-id
lkS3P4CfRCJUW1KF39_PmGcSJg4YoQh5yfcQ1inY7zHb5HB0uMePIg==
expires
Mon, 13 Feb 2023 11:48:27 GMT
logo.svg
d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/img/
9 KB
10 KB
Image
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/img/logo.svg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e872e50f4d63b0e9ffa65666b7e5b4371d02690051f3a310141bea1d361cf0dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
9488
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:02 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo.svg
content-type
image/svg+xml
cache-control
public, max-age=2340540
x-amz-cf-id
_XVjvWvhi4RgZwMrmervKb7rP7sU5jcmy-NXoKqoxqH9eRPAqPGObA==
expires
Mon, 13 Feb 2023 11:50:32 GMT
logo-print.gif
d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/img/
2 KB
3 KB
Image
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/img/logo-print.gif
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9f1f226ba233ebce168e9871cb9f9a11fee7e0d16c41795e53a85ef2fcdd5990
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
2424
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:02 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo-print.gif
content-type
image/gif
cache-control
public, max-age=2338327
accept-ranges
bytes
x-amz-cf-id
q_9rVU8iwa2_ghMSzmPz29Lg0Thl1Mvpzw1Yb3DpZoZZuON3xCiSvQ==
expires
Mon, 13 Feb 2023 11:13:40 GMT
logo-print_color.png
d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/img/
6 KB
6 KB
Image
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/img/logo-print_color.png
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9977bc7e23e6e0614b8cf3d1a75cefd42346851e5a5baacc872cf905f47da466
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
5788
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:02 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo-print_color.png
content-type
image/png
cache-control
public, max-age=2338510
accept-ranges
bytes
x-amz-cf-id
2zz47yKtrETewsviKRes8ueVZvO3pEckr2oA3c9LTUAeBr37oTrIiA==
expires
Mon, 13 Feb 2023 11:16:42 GMT
banners-styles.css
d2qii21258vzz5.cloudfront.net/branding/cdn/html_banners/
4 KB
1 KB
Stylesheet
General
Full URL
https://d2qii21258vzz5.cloudfront.net/branding/cdn/html_banners/banners-styles.css
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:a600:11:fbd8:f840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
date
Tue, 17 Jan 2023 09:41:32 GMT
x-amz-cf-pop
FRA53-C1
x-cache
RefreshHit from cloudfront
content-length
849
last-modified
Mon, 05 Feb 2018 10:24:04 GMT
server
Microsoft-IIS/10.0
etag
"0ba49726b9ed31:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
886Oe8fKa_slwZUnnNwZb9XrV2e5jLYBni8pLfvj4-aGUlemf1FMXA==
expires
Thu, 16 Feb 2023 09:41:32 GMT
top100.jcn
counter.rambler.ru/
101 KB
102 KB
Script
General
Full URL
https://counter.rambler.ru/top100.jcn?57787
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
696e0b20a0da7dfb5c6b915d3182018ef009e8ed48ff71fdfd98210916961c2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
application/octet-stream, application/javascript
date
Tue, 17 Jan 2023 09:41:32 GMT
server
nginx/1.19.4
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1812
etag
W/"ae63ef8ff03da61fffaa7f165729897a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
78ae22bf3d559bd6-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 20 Jan 2023 09:41:32 GMT
conf.js
d2jkbvejwdwk9j.cloudfront.net/
6 KB
6 KB
Script
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/conf.js?x=307
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1fa15340a9311e1f20c2edefca19f68af5749ffb7f8a940749a2c7e3b6f4075f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
5752
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
server
nginx/1.18.0 (Ubuntu)
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/conf.js?x=307
content-language
ru
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1549142
x-amz-cf-id
zxgRYWNq6uFZTqiZrVOoK22Tue7Q9YqwGkQfAH8vtoPpNkwvKGL_TQ==
expires
Sat, 04 Feb 2023 08:00:34 GMT
www-widgetapi.js
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/
183 KB
62 KB
Script
General
Full URL
https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 03:57:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
20618
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62798
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 17 Jan 2024 03:57:54 GMT
gtm.js
www.googletagmanager.com/
221 KB
69 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
28739d522688851282a68d9a11e67bef91c6f51297d9ec22273d9ee4c9a2ff73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69648
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 17 Jan 2023 09:41:32 GMT
utag.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
84 KB
27 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ef676d888bbc23be3a78ad82c14dac6c1ad74ecb4144bf7e03192fc469c1e6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 19:48:41 GMT
server
AkamaiNetStorage
etag
"3f81b1abb26ac043b2d89882544eaefe:1670528921.359876"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
26914
expires
Tue, 17 Jan 2023 09:46:32 GMT
SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
d2jkbvejwdwk9j.cloudfront.net/Content/responsive/fonts/
40 KB
41 KB
Font
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=307
Origin
https://d2jkbvejwdwk9j.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
41216
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:07 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
content-type
application/font-woff
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
cNigcYZfg3xMSVc8mXv-PSuYrQYMtE9Z96qTGcmjGgB5l5Ej49ZQ8g==
expires
Thu, 16 Feb 2023 09:41:32 GMT
icons-font-1661417065025.woff
d2jkbvejwdwk9j.cloudfront.net/Content/responsive/fonts/
17 KB
18 KB
Font
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/fonts/icons-font-1661417065025.woff
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e88ad0296c47a94cd7fbeb9188290220015c7ffa51cd434bdfb226cc8c61e002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=307
Origin
https://d2jkbvejwdwk9j.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
17808
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Thu, 25 Aug 2022 13:57:51 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/fonts/icons-font-1661417065025.woff
content-type
application/font-woff
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
5shIY8lU9cUscqyst3MhQp2Y7GPcFvzeqljLqjp3tgCm2mbKtZIUiA==
expires
Thu, 16 Feb 2023 09:41:33 GMT
utag.53.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.201902121217
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
94e48660eccab7ff0fc135096e5e98d6af8752dec43634df77f0b0af45563223

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62
8096267
date
Tue, 17 Jan 2023 09:41:32 GMT
content-encoding
gzip
last-modified
Mon, 18 Nov 2019 20:48:26 GMT
server
AkamaiNetStorage
etag
"ac8019f27f0b21231abe8e581d40e753:1574110106.939453"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
835
expires
Wed, 01 Feb 2023 09:41:32 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1673948492690
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1673948492690
362 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1673948492690
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
HTTP/1.1
Server
52.209.157.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-157-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7acf2102021a38c959631778d248dceeaffd22548e56bb3636e9de63fd0531b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0bb46f593.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
oUZlOamYRQo=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://d2jkbvejwdwk9j.cloudfront.net
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
306
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ha6h8LxXSZM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://d2jkbvejwdwk9j.cloudfront.net
Location
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1673948492690
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
image-placeholder.svg
d2jkbvejwdwk9j.cloudfront.net/Content/responsive/img/
709 B
1 KB
Image
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/img/image-placeholder.svg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=307
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
709
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Aug 2022 13:53:08 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/img/image-placeholder.svg
content-type
image/svg+xml
cache-control
public, max-age=2364058
x-amz-cf-id
5Nw_uFCYi3GjrBuqj9LYbTWJgeCO6pKQx1EJ0ODNwPVUWMqGnVjVYw==
expires
Mon, 13 Feb 2023 18:22:30 GMT
30F397A4-5EB7-4FC3-8C4B-7CDDBFF979EB.jpg
d1i74xb5g7uiki.cloudfront.net/
48 KB
48 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/30F397A4-5EB7-4FC3-8C4B-7CDDBFF979EB.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e43708904d8e075741ebb8426abea38641fd92eea2da8b962eda679fca8c8028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
"49162"
pangea-nodeid
ogJFsMhgsy4co7VMOEvBoA==
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
public, max-age=1915555
gdb-fall-back
false
x-amz-cf-id
YQdaEbQoJ7DnztThLqBYD_zK5G2dEIbzTm3nxhxJad8LiX11nooLYw==
content-length
49162
x-xss-protection
1; mode=block
expires
Wed, 08 Feb 2023 13:47:27 GMT
8F30084F-5205-4A32-BC3F-30F7CD76E57A_w800.png
d1i74xb5g7uiki.cloudfront.net/
51 KB
52 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/8F30084F-5205-4A32-BC3F-30F7CD76E57A_w800.png
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
99fb01f45a2d245b12dad2aa7b8b34c0a35b8b38389c43c4540253da177d2992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Wed, 24 Nov 2021 15:21:39 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA6-C1
etag
"80711"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
private, no-transform, max-age=671077
content-length
52581
x-amz-cf-id
v1t9ce5Rlm64YVmRYdqqWmKNWSJrDg_wdq-lddaXpCqCiJPMm-P3Dw==
expires
Wed, 25 Jan 2023 04:06:09 GMT
B81FD519-4CAE-4E99-AD73-9CC9D8190D91_w282.jpg
gdb.rferl.org/
6 KB
7 KB
Image
General
Full URL
https://gdb.rferl.org/B81FD519-4CAE-4E99-AD73-9CC9D8190D91_w282.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a:38c::1317 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
02b4a199941d273ca2b15e72a6006ebef6c81be7fcefaed6f6046d3f3abd07e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 10 Aug 2022 10:31:48 GMT
x-serial
764
server
Akamai Image Manager
x-check-cacheable
YES
etag
"12538"
content-type
image/webp
cache-control
private, no-transform, max-age=2470945
content-length
6460
expires
Wed, 15 Feb 2023 00:03:57 GMT
chartbeat_mab.js
static.chartbeat.com/js/
23 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.201902121217
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:6400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 00:43:35 GMT
content-encoding
gzip
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
32277
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
UXilFjp4HnOA48bOefN-WzTZ9NK67Thv110Xp8SArwnXTbQjztTk5w==
expires
Wed, 18 Jan 2023 00:43:35 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
189 B
499 B
XHR
General
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=d2jkbvejwdwk9j.cloudfront.net&domain=d2jkbvejwdwk9j.cloudfront.net&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f4fd62e64e8d2e4866b80ae77ea3e806513dc59febdc7a4eb87e275437b02d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 17 Jan 2023 09:41:32 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
140
x-served-by
cache-hhn-etou8220056-HHN
x-timer
S1673948493.897344,VS0,VE100
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 15 Jan 2023 09:41:32 GMT
dest5.html
bbg.demdex.net/ Frame 2A20
7 KB
3 KB
Document
General
Full URL
https://bbg.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.33.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-33-236.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://d2jkbvejwdwk9j.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v045-0449b668e.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
M2KyvgvDQSg=
content-encoding
gzip
date
Tue, 17 Jan 2023 09:41:33 GMT
last-modified
Fri, 28 Oct 2022 11:02:57 GMT
transfer-encoding
chunked
vary
accept-encoding
id
bbg.sc.omtrdc.net/
2 B
278 B
XHR
General
Full URL
https://bbg.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=39191244591123164642917829698432491677&ts=1673948492919
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-117-205.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2jkbvejwdwk9j.cloudfront.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://d2jkbvejwdwk9j.cloudfront.net
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Y8ZtTQAAAHOHvAOY
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=39217678517684308272914210891794488902
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8ZtTQAAAHOHvAOY
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8ZtTQAAAHOHvAOY
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
HTTP/1.1
Server
52.209.157.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-157-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0f3ed56cf.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
P/9BnwzGRvo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y8ZtTQAAAHOHvAOY
Date
Tue, 17 Jan 2023 09:41:33 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
/
kraken.rambler.ru/cnt/v2/
595 B
991 B
Image
General
Full URL
https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&project_id=57787&session_id=2095865358_1673948492933&session_number=1&session_event_number=1&version=3.13.2i&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.57787.1280094902.1673948492932&adtech_uid=6008946c-c9e5-49fe-9ae7-9d88ee4d7df7&adtech_uid_scope=d2jkbvejwdwk9j.cloudfront.net&fingerprint=pA8AAENKs1fI7n7AAXNXsAA%3D&url=https%3A%2F%2Fd2jkbvejwdwk9j.cloudfront.net%2F&request_id=1673948492.931-1830169645&event_id=779284929361787&meta=%7B%22title%22%3A%22%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A%220%22%7D&rn=939310776
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
71cb30430b2978855689e1011cc5dce4084a518a3a5662aca8b4f618f190377d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
last-modified
Tue, 12 Nov 2019 12:50:59 GMT
server
nginx/1.19.4
x-srv
2kraken-prod0002.ad.rambler.tech
etag
"5dcaaab3-253"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
595
/
kraken.rambler.ru/cnt/
595 B
991 B
Image
General
Full URL
https://kraken.rambler.ru/cnt/?et=pv&v=3.13.2i&pid=57787&tid=t1.57787.1280094902.1673948492932&rid=1673948492.931-1830169645&fid=pA8AAENKs1fI7n7AAXNXsAA%3D&eid=146984929355882&aduid=6008946c-c9e5-49fe-9ae7-9d88ee4d7df7&aduidsc=d2jkbvejwdwk9j.cloudfront.net&stid=2095865358_1673948492933&sn=1&sen=1&ce=1&bs=1600x1200&rf&en=UTF-8&pt=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&le=0&ct=web&url=https%3A%2F%2Fd2jkbvejwdwk9j.cloudfront.net%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&rn=574171066
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
71cb30430b2978855689e1011cc5dce4084a518a3a5662aca8b4f618f190377d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
last-modified
Tue, 12 Nov 2019 12:50:59 GMT
server
nginx/1.19.4
x-srv
2kraken-prod0002.ad.rambler.tech
etag
"5dcaaab3-253"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
content-type
content-length
595
counter2
top-fwz1.mail.ru/
Redirect Chain
  • https://top-fwz1.mail.ru/counter?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.41298974313152725
  • https://top-fwz1.mail.ru/counter2?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.41298974313152725
935 B
2 KB
Image
General
Full URL
https://top-fwz1.mail.ru/counter2?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.41298974313152725
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Server
95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
aabf62c0a841e03a747c99313530d0412bef3b236d39d3d2cb11550c41fac1c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
935
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
accept-ch-lifetime
86400
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Tue, 17 Jan 2023 09:41:33 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime
86400
location
https://top-fwz1.mail.ru/counter2?id=959355;t=216;js=13;r=;j=false;s=1600*1200;d=24;rand=0.41298974313152725
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
*
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d2jkbvejwdwk9j.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u04...
  • https://counter.yadro.ru/hit?q;t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d2jkbvejwdwk9j.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u...
177 B
663 B
Image
General
Full URL
https://counter.yadro.ru/hit?q;t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d2jkbvejwdwk9j.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u043E%u0434%u0430;0.599136903477794
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
HTTP/1.1
Server
88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host198.rax.ru
Software
nginx/1.17.9 /
Resource Hash
35b12229634acf68184dffcc1aa7de743e83b7b20ed3d47c8b9893b768081065
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 17 Jan 2023 09:41:33 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
177
Expires
Sun, 16 Jan 2022 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 17 Jan 2023 09:41:33 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t14.6;r%3Chttps://counter.yadro.ru/hit?t14.6;r%3E;s1600*1200*24;uhttps%3A//d2jkbvejwdwk9j.cloudfront.net/;h%u0420%u0430%u0434%u0438%u043E%20%u0421%u0432%u043E%u0431%u043E%u0434%u0430;0.599136903477794
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Sun, 16 Jan 2022 21:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
469
etag
W/"2f96824aee4bf927e734cc519e3e726d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
78ae22c0e8699bd6-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 20 Jan 2023 09:41:32 GMT
utag.72.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
77 KB
22 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.72.js?utv=ut4.46.202211171411
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f67812d5d85a30996e4ced43a9157823281e7830bd42b8d46fba8b06b870bf98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 14:11:21 GMT
server
AkamaiNetStorage
etag
"d40b7dd4b9307861d385faa0409d55ae:1668694281.888897"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
21879
expires
Wed, 01 Feb 2023 09:41:32 GMT
utag.24.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
10 KB
4 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.24.js?utv=ut4.46.202212081948
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f7d5f56907337f09fd7f88163e91f211416cd206cb3f622c8b232323037f797d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
content-encoding
gzip
last-modified
Thu, 08 Dec 2022 19:48:41 GMT
server
AkamaiNetStorage
etag
"f4d7efe4ef4d19cd94a8d10424758ec1:1670528921.664484"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
3794
expires
Wed, 01 Feb 2023 09:41:32 GMT
utag.7.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
607 B
830 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7b2071f68561ae4bdc79b12306f86e720218b01a0f58354069efb16ad68cab94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62
8096267
date
Tue, 17 Jan 2023 09:41:32 GMT
last-modified
Mon, 18 Nov 2019 20:48:23 GMT
server
AkamaiNetStorage
etag
"d385ea0409326a5bfc8c086bb3863fed:1574110103.546202"
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
607
expires
Wed, 01 Feb 2023 09:41:32 GMT
utag.4.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
55 KB
17 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4814af27d827b7c3da987d0c7c50df5a1eb76cf3c43046156c753ba7d2e75e6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62
8096267
date
Tue, 17 Jan 2023 09:41:32 GMT
content-encoding
gzip
last-modified
Mon, 18 Nov 2019 20:48:34 GMT
server
AkamaiNetStorage
etag
"4028c9d6e91f586f7dbde717e52241ff:1574110114.066746"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
17297
expires
Wed, 01 Feb 2023 09:41:32 GMT
utag.31.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.31.js?utv=ut4.46.202208161936
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2dd96f8157c87be4ad34c76e5b591145c56c76aa8f5d1269dc56a0739e1e6c49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
content-encoding
gzip
last-modified
Wed, 08 Jul 2020 18:26:06 GMT
server
AkamaiNetStorage
etag
"650718573dedfe294d6da44e1a401580:1594232766.904052"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1088
expires
Wed, 01 Feb 2023 09:41:32 GMT
utag.59.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/
3 KB
2 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.59.js?utv=ut4.46.201803271649
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e42a903a5543ea3db161f5e3e4aa57a3f31f97b0320a45e0ae6885b501976952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62
8096267
date
Tue, 17 Jan 2023 09:41:32 GMT
content-encoding
gzip
last-modified
Mon, 18 Nov 2019 20:48:34 GMT
server
AkamaiNetStorage
etag
"19ab20d67360ddefcc3c87f84b598075:1574110114.696382"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1551
expires
Wed, 01 Feb 2023 09:41:32 GMT
res
d2jkbvejwdwk9j.cloudfront.net/
50 KB
51 KB
Script
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=307&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20,live_b_drop
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/Scripts/responsive/loader.b?v=0FPXjBVVg5xYYGUT59l_WQeH3R6xCH2Xr3SzghXFwDM1?&av=0.1.0.0&cb=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
63e569e817abd3cd5ccd55a1bec543ed0a64f8075091aa5a7e51e8dbb1942ea1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ua-compatible
IE=edge
date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA6-C1
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/res?callback=_resourceLoaderReceiver_0&x=307&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20,live_b_drop
content-type
application/javascript; charset=utf-8
content-language
ru
x-cache
Miss from cloudfront
cache-control
public, no-transform, max-age=1549199
x-amz-cf-id
sHCqVwxyZNjokI_pPt6gT1O9GvsQp1jpPHCTT_NtL-bCfOF1n1x2Xg==
x-xss-protection
1; mode=block
expires
Sat, 04 Feb 2023 08:01:32 GMT
034d0000-0aff-0242-ee32-08daf79b87e5_w650_r1.jpg
d1i74xb5g7uiki.cloudfront.net/
82 KB
83 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/034d0000-0aff-0242-ee32-08daf79b87e5_w650_r1.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
87c85afa4bf53e001c02928a0f53bbc6018e645882d40b8eb393ef3374ebbf78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Mon, 16 Jan 2023 08:37:36 GMT
server
Akamai Image Manager
x-serial
61
x-check-cacheable
YES
x-amz-cf-pop
FRA6-C1
etag
"146808"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2501719
content-length
84188
x-amz-cf-id
B3Cg8cmRWhsQgNNvToJjeSDIawWZzwxeVF4Afr_ipYveKlUQ8Fz3Vg==
expires
Wed, 15 Feb 2023 08:36:51 GMT
02490000-0aff-0242-0308-08daf56191f0_cx0_cy4_cw0_w408_r1.jpg
d1i74xb5g7uiki.cloudfront.net/
22 KB
22 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/02490000-0aff-0242-0308-08daf56191f0_cx0_cy4_cw0_w408_r1.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
051972e000ff5664094db8e3fbc4df59a39e192f397bb19d1a3937fd25017f4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Sun, 15 Jan 2023 21:31:16 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA6-C1
etag
"40471"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2461851
content-length
22417
x-amz-cf-id
XXI_mJInbaPG4FyQ2cjW9xj1iXTyVC8ryWKbN7w2EwOKc25TOqFxUw==
expires
Tue, 14 Feb 2023 21:32:24 GMT
9f4b17a3-8e95-4229-81b3-bd45af42c0d7_cx0_cy5_cw0_w408_r1.jpg
d1i74xb5g7uiki.cloudfront.net/
20 KB
20 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/9f4b17a3-8e95-4229-81b3-bd45af42c0d7_cx0_cy5_cw0_w408_r1.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
805f6fc09afbc56b4f515472aa2eb2831039d3a261a00ddb8e086d961f62e766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Mon, 16 Jan 2023 08:12:20 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA6-C1
etag
"36533"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2500137
content-length
20009
x-amz-cf-id
zBJH8Jlm8MO9uNx1aMkPtUZZQ8dSkb8rpcal1pn_AxgpSLuO9b92_A==
expires
Wed, 15 Feb 2023 08:10:30 GMT
733CEB2B-EB90-4EA1-8077-0EBB8ABD00D5_w408_r1.jpg
d1i74xb5g7uiki.cloudfront.net/
18 KB
19 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/733CEB2B-EB90-4EA1-8077-0EBB8ABD00D5_w408_r1.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2b73dbcd3b9961d4cd3fab1527a0fcd079fa641bd7322174baca5dfeedc04748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Mon, 19 Dec 2022 07:57:49 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA6-C1
etag
"33554"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2258356
content-length
18921
x-amz-cf-id
V_oDerOKnh5aM--OoUSH23YikvH8KabTyqnRFLaXfzgGfCpFYd2KBQ==
expires
Sun, 12 Feb 2023 13:00:48 GMT
02490000-0aff-0242-2636-08daf627d03b_w144_r1.jpg
d1i74xb5g7uiki.cloudfront.net/
6 KB
6 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/02490000-0aff-0242-2636-08daf627d03b_w144_r1.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
2c2a09defd9a7843207e76c66b9597a36e28c6496436429a88e0f94af35c31ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Sat, 14 Jan 2023 12:32:17 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA6-C1
etag
"9751"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2343106
content-length
5718
x-amz-cf-id
QdYiQ6hY7XcudfZw_LvopQvJrbOgK1FBRxcKfqOcJXtraqNiuIaM3Q==
expires
Mon, 13 Feb 2023 12:33:19 GMT
02490000-0aff-0242-f484-08dae20a1bb0_w144_r1.jpg
d1i74xb5g7uiki.cloudfront.net/
5 KB
6 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/02490000-0aff-0242-f484-08dae20a1bb0_w144_r1.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
b0c794509b1670a9ae36905ddc26c37c3fc71ec011628880315fc3737f8897f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Wed, 04 Jan 2023 07:44:06 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA6-C1
etag
"11266"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=1461700
content-length
5424
x-amz-cf-id
oMfYdhA8EVI9rbjVrlr9NvaVoEhjXMgwj_tUIbHwx184OdkH4jmtNw==
expires
Fri, 03 Feb 2023 07:43:13 GMT
02490000-0aff-0242-9f16-08daf4ac6c8a_w144_r1.jpg
d1i74xb5g7uiki.cloudfront.net/
3 KB
4 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/02490000-0aff-0242-9f16-08daf4ac6c8a_w144_r1.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
845181f044ee8b63b75a73057e107cbe659e210c86dc0dfebd77c30a0ca36051
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Thu, 12 Jan 2023 16:23:17 GMT
server
Akamai Image Manager
x-serial
1118
x-check-cacheable
YES
x-amz-cf-pop
FRA6-C1
etag
"5553"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2184124
content-length
3315
x-amz-cf-id
t_6roHoZhCM6E0q0PVubWV-18FctDiIAZFDzoSdvgA6ldLJ9WVpO1w==
expires
Sat, 11 Feb 2023 16:23:37 GMT
034d0000-0aff-0242-fbe4-08daf4a8d523_w408_r1.jpg
d1i74xb5g7uiki.cloudfront.net/
37 KB
38 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/034d0000-0aff-0242-fbe4-08daf4a8d523_w408_r1.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
1f669c30e9c1059872156f451e5270942d9b9b27ed7dc7cb148353ed99511b10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:32 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Sat, 14 Jan 2023 07:57:46 GMT
server
Akamai Image Manager
x-serial
528
x-check-cacheable
YES
x-amz-cf-pop
FRA6-C1
etag
"67915"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2326491
content-length
38396
x-amz-cf-id
7uIY3Sy-7BVuBn8yHhuaC98m3-1W892SX8dOariIf-Hftj1YofMZVg==
expires
Mon, 13 Feb 2023 07:56:23 GMT
613d3d98-e086-41b6-8104-4729ed13a527_w408_r1.jpg
d1i74xb5g7uiki.cloudfront.net/
21 KB
21 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/613d3d98-e086-41b6-8104-4729ed13a527_w408_r1.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
02aa8c4ab6ce64da3a27f4d75f35ad2c9c7aafa92b5f8d7a73235ef61b29683f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Mon, 16 Jan 2023 15:13:55 GMT
server
Akamai Image Manager
x-serial
930
x-check-cacheable
YES
x-amz-cf-pop
FRA6-C1
etag
"35048"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2525481
content-length
21266
x-amz-cf-id
O8RouTK4uhLFvzMh_Tttc0RAxJkd63ano20fKp6P8D3BF6dI_LttjA==
expires
Wed, 15 Feb 2023 15:12:54 GMT
034d0000-0aff-0242-a12f-08dae8271993_w408_r1.jpg
d1i74xb5g7uiki.cloudfront.net/
23 KB
24 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/034d0000-0aff-0242-a12f-08dae8271993_w408_r1.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
07b51bf0165430c4325f1c50a3c6e8a1c35a4052b0e14218e51b4e4ae26caf5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Tue, 27 Dec 2022 16:38:31 GMT
server
Akamai Image Manager
x-serial
1508
x-check-cacheable
YES
x-amz-cf-pop
FRA6-C1
etag
"42876"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=802576
content-length
24035
x-amz-cf-id
v1MbozeePwjfIF0YiibKmYW_cwcM1CpPnuenKtmEFFaopNc8GHiuDA==
expires
Thu, 26 Jan 2023 16:37:49 GMT
02490000-0aff-0242-c4dd-08daf706cc41_w408_r1.jpg
d1i74xb5g7uiki.cloudfront.net/
18 KB
18 KB
Image
General
Full URL
https://d1i74xb5g7uiki.cloudfront.net/02490000-0aff-0242-c4dd-08daf706cc41_w408_r1.jpg
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5000:a:e71c:2080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
09c8e4ff5357d42e89b383bdef53f121ed85f99a6647f70fd6fb26450083f4fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Sun, 15 Jan 2023 23:37:24 GMT
server
Akamai Image Manager
x-serial
194
x-check-cacheable
YES
x-amz-cf-pop
FRA6-C1
etag
"29960"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2469272
content-length
18078
x-amz-cf-id
ZigY4XxVYK8651W9VwxYPOlriEXUJwQPovb-zmU7I4V55IGPV7cA8g==
expires
Tue, 14 Feb 2023 23:36:05 GMT
0255.js
script.crazyegg.com/pages/scripts/0026/
6 KB
2 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39633b0e96b199bed8f2a47981751de6961c806b43e5d101bb97dc4d9dc0ed1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
content-encoding
gzip
cf-cache-status
HIT
age
54664
cf-polished
origSize=6088
ce-version
11.5.16
cf-bgj
minify
last-modified
Mon, 16 Jan 2023 18:30:29 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
78ae22c17d3f2c63-FRA
web
onesignal.com/api/v1/sync/c388ecc4-a620-4ca6-9bfa-2bee26973ff1/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/c388ecc4-a620-4ca6-9bfa-2bee26973ff1/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8008f34c91399b89a70f1be166576e2fdd41a509697a2374cfdfa4ce9d4c0e8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
2790
cf-polished
origSize=5437
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
e1ec9ccf-2339-4edc-bffa-7b5d7c3e70e4
x-runtime
0.019592
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"ca6345f281e7e4b5a8d7a05912633d24"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
78ae22c159269bd6-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 17 Jan 2023 10:41:33 GMT
rtrg
vk.com/
49 B
577 B
Image
General
Full URL
https://vk.com/rtrg?p=VK-RTRG-227495-44Mps&_rnd=0.8657746606764489
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.129.133 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv133-129-240-87.vk.com
Software
kittenx / KPHP/7.4.113078
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
content-encoding
gzip
x-frontend
front623305
strict-transport-security
max-age=15768000
server
kittenx
x-powered-by
KPHP/7.4.113078
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
fbevents.js
connect.facebook.net/en_US/
106 KB
28 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 17 Jan 2023 09:41:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27815
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
EjeMlZ5eqgBl534s10L2+Jc7+fUq8bS3s2AMaRU/ttrYRwwifBf0taps/Km6xaJTeobdZVnPrhtVlEnAj1g0zQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/
70 KB
24 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.31.js?utv=ut4.46.202208161936
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:6400:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 01:04:30 GMT
content-encoding
gzip
via
1.1 7ce1191b390045e05b9cc74f7514b77a.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:02:37 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
31023
etag
W/"639218ad-11856"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
4Ii5tod9tFU0y3k-HQ6sfNqDwbyvqi4aeCcS221tNqlSXZk-ptknxQ==
expires
Wed, 18 Jan 2023 01:04:30 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035794/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
359 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Server
143.204.215.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-58.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:28:49 GMT
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
765
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
jpyqEqLtfTEBqpIL3lCje74Ux2ZXqHYrRsd3KzTlIC-DUtebDhWnOw==

Redirect headers

location
/internal-c2/default/cs.js
date
Tue, 17 Jan 2023 09:41:33 GMT
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-length
0
x-amz-cf-id
pEfQYYwcjDzAqP-ft3lpfJy-Ffonb02XPT7n6VEpiwlrtAPDtzJyvA==
x-cache
Miss from cloudfront
b
sb.scorecardresearch.com/
0
189 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1673948493028&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&c7=https%3A%2F%2Fd2jkbvejwdwk9j.cloudfront.net%2F&c9=
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-58.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
via
1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
2Haq9XI_9qMMER3FVFGCgE0ROJmnbsINl5MQNOQ2Dgp4QlEf_j60sw==
x-cache
Miss from cloudfront
s52439758301258
bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/
43 B
399 B
XHR
General
Full URL
https://bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/s52439758301258
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.72.js?utv=ut4.46.202211171411
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-117-205.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2jkbvejwdwk9j.cloudfront.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 17 Jan 2023 09:41:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 18 Jan 2023 09:41:33 GMT
server
jag
etag
3594777017252347904-4619662489109744177
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://d2jkbvejwdwk9j.cloudfront.net
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 16 Jan 2023 09:41:33 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
216 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202212081948&cb=1673948493049
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62
8096267
date
Tue, 17 Jan 2023 09:41:33 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Tue, 17 Jan 2023 09:51:33 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=rferl.russian&p=%2F&u=DB7784DVbk4yB0XAjQ&d=d2jkbvejwdwk9j.cloudfront.net&g=62557&g0=d2jkbvejwdwk9j.cloudfront.net&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3533&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fd2jkbvejwdwk9j.cloudfront.net%2F&b=2062&t=D-CyWvDLLBV_B4TltWD8glKrQPXKE&V=139&i=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&tz=0&sn=1&sv=DHiNhfBwTuxnBMeiNwDmqUzYb4Deu&sd=1&im=061b2ff3&_
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.231.65.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-231-65-19.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 17 Jan 2023 09:41:33 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
d2jkbvejwdwk9j.cloudfront.net.json
script.crazyegg.com/pages/data-scripts/0026/0255/site/
100 KB
5 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0026/0255/site/d2jkbvejwdwk9j.cloudfront.net.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66aad34bcca61b12df7eb5629a5fbe7945af502b83a15a9e978dd87b36498623

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
content-encoding
gzip
cf-cache-status
HIT
age
9610
ce-version
11.5.16
content-length
4452
last-modified
Tue, 17 Jan 2023 07:01:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
78ae22c2481092a2-FRA
513797670662669
connect.facebook.net/signals/config/
376 KB
108 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/513797670662669?v=2.9.92&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
76b0aff1bfa9a26dc928b378e25e8c4b53d032431a1babb546d212ce96681e86
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 17 Jan 2023 09:41:33 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
110059
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
XNQGdq0V4Po84UrUK37AbSjxp8WJ/8j2wF0/CRMwcoCHRJBs1iOM93/Qhyk6xhMOHAu3W/kNiDXoec45h6pCkg==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
91184d02a87923a014c1209f71972a90.js
script.crazyegg.com/pages/versioned/common-scripts/
77 KB
26 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/91184d02a87923a014c1209f71972a90.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2286f307668c84511e2271af5e2805b4400511bca2a28edbabd32fcdcea17c7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 12:59:21 GMT
server
cloudflare
age
54672
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
78ae22c26e9b2c63-FRA
content-length
26887
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=513797670662669&ev=PageView&dl=https%3A%2F%2Fd2jkbvejwdwk9j.cloudfront.net%2F&rl=&if=false&ts=1673948493220&sw=1600&sh=1200&v=2.9.92&r=stable&a=tmtealium&ec=0&o=30&cs_est=true&fbp=fb.2.1673948493219.2103037743&it=1673948493161&coo=false&rqm=GET
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 17 Jan 2023 09:41:33 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
d2jkbvejwdwk9j.cloudfront.net.json
script.crazyegg.com/pages/data-scripts/0026/0255/sampling/
8 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0026/0255/sampling/d2jkbvejwdwk9j.cloudfront.net.json?t=464985
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/91184d02a87923a014c1209f71972a90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d4c71445be38a6034e89e17cd8cc5a96cd6cc2fa3eeb5448b14835533b24ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
content-encoding
gzip
cf-cache-status
HIT
age
9610
ce-version
11.5.16
content-length
1487
last-modified
Tue, 17 Jan 2023 07:01:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
78ae22c2b87e92a2-FRA
all.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=307&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,transition_toggler,nav20,live_b_drop
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d1b37fbc7045c2e154756646ab4e00f5d196449b008ab9e39f63ccb3b32229d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Jan 2023 09:41:33 GMT
content-md5
VfWbQpOOdb8JrwBdBTcgCQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
ZbfRZ4StsFRl7VqCk4xA7BnPdTrpDZL/kmby3v7sTVamLnl5E+HWmnDhzEhY3OMFyx/ybTPpkQ+1IhgX2RuV5w==
x-fb-content-md5
be6d54cb7224f6c5ec11d49538473c10
cross-origin-opener-policy
same-origin-allow-popups
etag
"588ac569cae3941e1e5d87f2bdbc58a9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Tue, 17 Jan 2023 09:50:15 GMT
hljson
d2jkbvejwdwk9j.cloudfront.net/
2 KB
2 KB
XHR
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/hljson
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/Scripts/responsive/loader.b?v=0FPXjBVVg5xYYGUT59l_WQeH3R6xCH2Xr3SzghXFwDM1?&av=0.1.0.0&cb=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
402ec48f00be5623c8b265c515b1f222d801b88916eeefe675049298c04a1012
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2jkbvejwdwk9j.cloudfront.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
1937
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/hljson
content-language
ru
content-type
application/json; charset=utf-8
cache-control
max-age=63
x-amz-cf-id
wJlxWqFK1IJTmxlKZlBjJDn3vQktuP2n6U3YKDYS_ZSjJa0cJEuQhg==
expires
Tue, 17 Jan 2023 09:42:36 GMT
items
d2jkbvejwdwk9j.cloudfront.net/api/compactheader/
272 B
780 B
XHR
General
Full URL
https://d2jkbvejwdwk9j.cloudfront.net/api/compactheader/items
Requested by
Host: d2jkbvejwdwk9j.cloudfront.net
URL: https://d2jkbvejwdwk9j.cloudfront.net/Scripts/responsive/loader.b?v=0FPXjBVVg5xYYGUT59l_WQeH3R6xCH2Xr3SzghXFwDM1?&av=0.1.0.0&cb=307
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:a00:f:5e62:e5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
55caeac7f9380a8a61dca0f77c7caa9e3c86d7778c51118f97fbff50f4945dcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://d2jkbvejwdwk9j.cloudfront.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 09:41:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
x-cache
Miss from cloudfront
content-length
272
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
onion-location
https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/api/compactheader/items
content-type
application/json; charset=utf-8
cache-control
max-age=3
x-amz-cf-id
ysW0aY3H_J_rHdf2vFIy1Te951nWlwjBLqr9q2g4LsblsirGxju89g==
expires
Tue, 17 Jan 2023 09:41:36 GMT
all.js
connect.facebook.net/en_US/
302 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/all.js?hash=245f47e63499ffbdc863e8cf1b6c6740
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
da025d69d2edd950b01bcb1b7654b9b5a2587c92453acc5a7a6876365beb9944
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://d2jkbvejwdwk9j.cloudfront.net/
Origin
https://d2jkbvejwdwk9j.cloudfront.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 17 Jan 2023 09:41:33 GMT
content-md5
j9lFkg8sT6BBz6DCaniIFQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86784
x-fb-rlafr
0
x-fb-debug
wTO/sY3lsH0NnQE9RAJD63Smcin+5Q+Arqty5OYKn5EZ1EPZdatL4qybXuwoArhK4QkCBfLlJLd+sMOaws+Rag==
x-fb-content-md5
1ef8d84a2a99526a142f3243fce2717b
cross-origin-opener-policy
same-origin-allow-popups
etag
"9d8ce0c0926b8428bef6c13c94d7e3c9"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 17 Jan 2024 08:01:02 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=322210431200953&input_token&origin=1&redirect_uri=https%3A%2F%2Fd2jkbvejwdwk9j.cloudfront.net%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=245f47e63499ffbdc863e8cf1b6c6740
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Tue, 17 Jan 2023 09:41:33 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
bWGyQwIGvcEuFMOnBRhtAJgL/GMIsGFvxhgqFJ+6H4SXYezINoZlqlaeDKkcnv48lYh9Hymy/ovOSwWQgZjl/w==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://d2jkbvejwdwk9j.cloudfront.net
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 9EB5
0
18 B
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://d2jkbvejwdwk9j.cloudfront.net
Referer
https://d2jkbvejwdwk9j.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://d2jkbvejwdwk9j.cloudfront.net
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 09:41:33 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange function| AMPStrategy object| _cbv_strategies object| _cbv object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady string| cacheBuster string| appBaseUrl object| imgEnhancerBreakpoints boolean| isLoggingEnabled boolean| isPreviewPage boolean| isLivePreviewPage boolean| pwaEnabled undefined| swCacheDisabled function| initInfographics object| _RFE_module_app_code object| $dom function| webpackJsonp_RFE_module__name_ object| JSON3 function| setImmediate function| clearImmediate object| RFE function| renderExternalContent function| loadScript function| createHTML function| isInsideCms function| ajaxGet function| ajaxPost function| root object| moduleManager function| FireAnalyticsTagEvent function| FireAnalyticsTagEventOnDownload function| FireAnalyticsTagEventOnSearch function| FireAnalyticsTagEventOnSearchResultItemClick function| FireAnalyticsTagEventQuiz function| FireTealiumEvent function| FireTealiumEventOnDownload string| renderGtm object| dataLayer object| utag_data undefined| utag_from undefined| utag_searchKeyword object| nav2In object| nav2Sec object| secStyle object| Infographics number| __infographcisCount boolean| utag_condload string| utag_lh object| platform string| url string| parent_domain object| utag function| utag_condloader function| toBytesUTF8 function| fromBytesUTF8 function| trunc100bytes boolean| __tealium_twc_switch function| Visitor object| s_c_il number| s_c_in object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| _sf_startpt object| _sf_async_config number| _sf_endpt object| google_tag_manager object| google_tag_data object| _cb_shared function| Kraken function| top100 object| _top100q object| _top100 string| a object| d number| js object| s boolean| isPreview function| OneSignal number| numVisitsTrigger function| promptAndSubscribeUser object| pangeaConfiguration object| bar_data object| defaultLoaderContext number| __oneSignalSdkLoadCount function| __jp0 object| _cbm function| fbq function| _fbq object| ns_ object| ns_p function| udm_ function| ns_order function| ns_onclick object| s_bbg function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap number| s_objectID number| s_giq object| s_i_bbgprod_bbgentityrferl object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT object| _RFE_module_prog_install_prompt object| _RFE_module_facebook_api object| _RFE_module_collapsible object| _RFE_module_highlights object| _RFE_module_hljson_loader object| _RFE_module_smooth_scroll object| _RFE_module_google_translate object| _RFE_module_swipe_slide object| _RFE_module_simple_captcha object| _RFE_module_analyticstag_event object| _RFE_module_slider_fred object| _RFE_module_back_to_top object| _RFE_module_whatsapp_share_button object| _RFE_module_sticky_player_history_handler object| _RFE_module_copy_to_clipboard object| _RFE_module_accordeon object| _RFE_module_transition_toggler object| _RFE_module_nav20 object| _RFE_module_live_b_drop function| fbAsyncInit boolean| StickyPlayerHistoryHandlerAttached object| FB object| __buffer

22 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: FTlB_9tjj8w
.youtube.com/ Name: DEVICE_INFO
Value: ChxOekU0T1RVMU5EQXlOVFkzT0RJd01URTVOdz09EMvamZ4GGMvamZ4G
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: bkq6KGaW7_o
.rambler.ru/ Name: ruid
Value: 1CIAAExtxmO/by2JAWP1BQB=
.demdex.net/ Name: demdex
Value: 39217678517684308272914210891794488902
.d2jkbvejwdwk9j.cloudfront.net/ Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg
Value: 1
.d2jkbvejwdwk9j.cloudfront.net/ Name: adtech_uid
Value: 6008946c-c9e5-49fe-9ae7-9d88ee4d7df7%3Ad2jkbvejwdwk9j.cloudfront.net
.d2jkbvejwdwk9j.cloudfront.net/ Name: _cb
Value: DB7784DVbk4yB0XAjQ
.d2jkbvejwdwk9j.cloudfront.net/ Name: _chartbeat2
Value: .1673948493082.1673948493082.1.DHiNhfBwTuxnBMeiNwDmqUzYb4Deu.1
.d2jkbvejwdwk9j.cloudfront.net/ Name: _cb_svref
Value: null
.yadro.ru/ Name: FTID
Value: 1ZncrD25-PuU1ZncrD001Fqe
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y8ZtTQAAAHOHvAOY
.yadro.ru/ Name: VID
Value: 24NV_925bkuU1ZncrD001Rw6
.mail.ru/ Name: VID
Value: 2dUAGY1EEgoF00000n1YP42F:::0-0-0-8e0c60d:CAASEB-XAc_fNquJUtppHBnZD7YaYFnkkLldroSIKLYQfGDcAPL04q5snQMT3o06rzloVnMjCvJ0vF6k8fwMioIDIePTpP20yg3atlHKugqfsvXt27TbV_HhHL8TWfhlCNVHHGKkvkq-l_PWaj6-JE0EdgptcQ
.vk.com/ Name: remixlang
Value: 6
.vk.com/ Name: remixstlid
Value: 9100176494347682876_UhwxIo6WdSIOTp85a1Zqz89sRyQFTlG7rxKwzD6QAtk
.d2jkbvejwdwk9j.cloudfront.net/ Name: _fbp
Value: fb.2.1673948493219.2103037743
.dpm.demdex.net/ Name: dpm
Value: 39217678517684308272914210891794488902
.d2jkbvejwdwk9j.cloudfront.net/ Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg
Value: 1406116232%7CMCIDTS%7C19375%7CMCMID%7C39191244591123164642917829698432491677%7CMCAAMLH-1674553292%7C6%7CMCAAMB-1674553292%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1673955692s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19382%7CvVersion%7C2.5.0
d2jkbvejwdwk9j.cloudfront.net/ Name: clickCounter
Value: 0
.d2jkbvejwdwk9j.cloudfront.net/ Name: cebs
Value: 1
.d2jkbvejwdwk9j.cloudfront.net/ Name: _ce.s
Value: v~821e126d045322df11a86ace77b0527dc6fc4bb1~vpv~0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
cdn.onesignal.com
cm.everesttech.net
connect.facebook.net
counter.rambler.ru
counter.yadro.ru
d1i74xb5g7uiki.cloudfront.net
d2jkbvejwdwk9j.cloudfront.net
d2qii21258vzz5.cloudfront.net
dpm.demdex.net
gdb.rferl.org
kraken.rambler.ru
mab.chartbeat.com
onesignal.com
ping.chartbeat.net
sb.scorecardresearch.com
script.crazyegg.com
static.chartbeat.com
tags.tiqcdn.com
top-fwz1.mail.ru
vk.com
www.facebook.com
www.googletagmanager.com
www.youtube.com
104.75.88.194
143.204.215.58
15.236.117.205
2600:9000:2057:5000:a:e71c:2080:21
2600:9000:2057:6400:18:1fcd:351:7bc1
2600:9000:2057:a00:f:5e62:e5c0:21
2600:9000:214f:a600:11:fbd8:f840:21
2606:4700::6812:e234
2606:4700::6813:9308
2a00:1450:4001:802::200e
2a00:1450:4001:806::2008
2a02:26f0:11a:38c::1317
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:400::714
3.231.65.19
34.250.33.236
52.209.157.185
54.229.62.148
81.19.89.18
87.240.129.133
88.212.201.198
95.163.52.67
02aa8c4ab6ce64da3a27f4d75f35ad2c9c7aafa92b5f8d7a73235ef61b29683f
02b4a199941d273ca2b15e72a6006ebef6c81be7fcefaed6f6046d3f3abd07e2
051972e000ff5664094db8e3fbc4df59a39e192f397bb19d1a3937fd25017f4f
07ad0c6a0d604121d841948c312420077d26ba1c2a0c5dddaeba02185ff85581
07b51bf0165430c4325f1c50a3c6e8a1c35a4052b0e14218e51b4e4ae26caf5a
09c8e4ff5357d42e89b383bdef53f121ed85f99a6647f70fd6fb26450083f4fd
0d1b37fbc7045c2e154756646ab4e00f5d196449b008ab9e39f63ccb3b32229d
0ed946adc3151bbd77f32df1208c55e2ec7cc4a339e67414d1ff8394011b9bc6
169901f666801459695826173dc5032f7464f26bf6ede5f748d5bf8f5cab4b6c
1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315
1f669c30e9c1059872156f451e5270942d9b9b27ed7dc7cb148353ed99511b10
1fa15340a9311e1f20c2edefca19f68af5749ffb7f8a940749a2c7e3b6f4075f
2286f307668c84511e2271af5e2805b4400511bca2a28edbabd32fcdcea17c7c
28739d522688851282a68d9a11e67bef91c6f51297d9ec22273d9ee4c9a2ff73
2b73dbcd3b9961d4cd3fab1527a0fcd079fa641bd7322174baca5dfeedc04748
2c2a09defd9a7843207e76c66b9597a36e28c6496436429a88e0f94af35c31ca
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
2dd96f8157c87be4ad34c76e5b591145c56c76aa8f5d1269dc56a0739e1e6c49
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
35b12229634acf68184dffcc1aa7de743e83b7b20ed3d47c8b9893b768081065
39633b0e96b199bed8f2a47981751de6961c806b43e5d101bb97dc4d9dc0ed1d
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
402ec48f00be5623c8b265c515b1f222d801b88916eeefe675049298c04a1012
42d4c71445be38a6034e89e17cd8cc5a96cd6cc2fa3eeb5448b14835533b24ed
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4814af27d827b7c3da987d0c7c50df5a1eb76cf3c43046156c753ba7d2e75e6f
4f4fd62e64e8d2e4866b80ae77ea3e806513dc59febdc7a4eb87e275437b02d7
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
55caeac7f9380a8a61dca0f77c7caa9e3c86d7778c51118f97fbff50f4945dcf
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
63e569e817abd3cd5ccd55a1bec543ed0a64f8075091aa5a7e51e8dbb1942ea1
66aad34bcca61b12df7eb5629a5fbe7945af502b83a15a9e978dd87b36498623
696e0b20a0da7dfb5c6b915d3182018ef009e8ed48ff71fdfd98210916961c2d
71cb30430b2978855689e1011cc5dce4084a518a3a5662aca8b4f618f190377d
76b0aff1bfa9a26dc928b378e25e8c4b53d032431a1babb546d212ce96681e86
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c
7acf2102021a38c959631778d248dceeaffd22548e56bb3636e9de63fd0531b4
7b2071f68561ae4bdc79b12306f86e720218b01a0f58354069efb16ad68cab94
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
805f6fc09afbc56b4f515472aa2eb2831039d3a261a00ddb8e086d961f62e766
843114448aaeeda7e8caa0cf76d61e0c63b8bffccd34517483363fdb15cdc80c
845181f044ee8b63b75a73057e107cbe659e210c86dc0dfebd77c30a0ca36051
87c85afa4bf53e001c02928a0f53bbc6018e645882d40b8eb393ef3374ebbf78
94e48660eccab7ff0fc135096e5e98d6af8752dec43634df77f0b0af45563223
9977bc7e23e6e0614b8cf3d1a75cefd42346851e5a5baacc872cf905f47da466
99fb01f45a2d245b12dad2aa7b8b34c0a35b8b38389c43c4540253da177d2992
9ef676d888bbc23be3a78ad82c14dac6c1ad74ecb4144bf7e03192fc469c1e6d
9f1f226ba233ebce168e9871cb9f9a11fee7e0d16c41795e53a85ef2fcdd5990
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4e403c7245b00375232364f36d09d16a96488154a2414d40ce211e4693ef8d4
aabf62c0a841e03a747c99313530d0412bef3b236d39d3d2cb11550c41fac1c7
b0c794509b1670a9ae36905ddc26c37c3fc71ec011628880315fc3737f8897f2
b6f1c2752fb064b1ccbff219812da8ba172b24a921f4f0d5527b0c9c7b683b41
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d12b917748670cabc4f27972b671c65babf3a810f4a954bcdb838ec9cebe042f
d12c6745eca14e06d4dea70f4c2bd875769b349770d04300477ab18d0db005d4
da025d69d2edd950b01bcb1b7654b9b5a2587c92453acc5a7a6876365beb9944
df7fb83679b8d53c7446697e600a8fff012ec1c6bf782f7e05d2584f42964930
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a903a5543ea3db161f5e3e4aa57a3f31f97b0320a45e0ae6885b501976952
e43708904d8e075741ebb8426abea38641fd92eea2da8b962eda679fca8c8028
e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df
e872e50f4d63b0e9ffa65666b7e5b4371d02690051f3a310141bea1d361cf0dc
e88ad0296c47a94cd7fbeb9188290220015c7ffa51cd434bdfb226cc8c61e002
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f67812d5d85a30996e4ced43a9157823281e7830bd42b8d46fba8b06b870bf98
f7d5f56907337f09fd7f88163e91f211416cd206cb3f622c8b232323037f797d
f8008f34c91399b89a70f1be166576e2fdd41a509697a2374cfdfa4ce9d4c0e8
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5