gdbrferl.bypassnews.online Open in urlscan Pro
2606:4700:3034::6815:2a7b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gdbrferl.bypassnews.online/
Submission: On December 15 via api (December 15th 2023, 5:27:05 pm UTC) from US — Scanned from US

Summary HTTP 75 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 18 domains to perform 75 HTTP transactions. The main IP is 2606:4700:3034::6815:2a7b, located in United States and belongs to CLOUDFLARENET, US. The main domain is gdbrferl.bypassnews.online.
TLS certificate: Issued by GTS CA 1P5 on November 7th 2023. Valid for: 3 months.

This is the only time gdbrferl.bypassnews.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	2606:4700:303... 2606:4700:3034::6815:2a7b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:9000:20e... 2600:9000:20e2:4a00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
16	2600:141b:1c0... 2600:141b:1c00:2395::1317	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:141b:1c0... 2600:141b:1c00:238b::1317	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
1 4	3.94.224.106 3.94.224.106	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:24f... 2600:9000:24f1:6200:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	63.140.38.139 63.140.38.139	14618 (AMAZON-AES) (AMAZON-AES)
1 1	44.198.134.182 44.198.134.182	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::714	54113 (FASTLY) (FASTLY)
1	87.240.137.164 87.240.137.164	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
2 4	18.173.219.113 18.173.219.113	16509 (AMAZON-02) (AMAZON-02)
1	3.208.135.151 3.208.135.151	14618 (AMAZON-AES) (AMAZON-AES)
1	63.140.38.163 63.140.38.163	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
75	19

18 2606:4700:3034::6815:2a7b (United States)

ASN13335 (CLOUDFLARENET, US)

gdbrferl.bypassnews.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:20e2:4a00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81c::200e (United States)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:141b:1c00:2395::1317 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

gdb.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:238b::1317 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

docs.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.94.224.106 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-224-106.compute-1.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bbg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:24f1:6200:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.139 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-139.data.adobedc.net

bbg.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.198.134.182 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-134-182.compute-1.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.137.164 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv164-137-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.173.219.113 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-113.jfk52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.208.135.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-135-151.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.38.163 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-163.data.adobedc.net

ssc.svoboda.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	rferl.org gdb.rferl.org — Cisco Umbrella Rank: 159396 docs.rferl.org — Cisco Umbrella Rank: 623693	225 KB
18	bypassnews.online gdbrferl.bypassnews.online	710 KB
10	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1001	82 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	1 KB
4	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2199	56 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	177 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 208 bbg.demdex.net — Cisco Umbrella Rank: 140299	5 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1767 mab.chartbeat.com — Cisco Umbrella Rank: 2658	35 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4165 onesignal.com — Cisco Umbrella Rank: 1473	74 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 71	69 KB
1	svoboda.org ssc.svoboda.org — Cisco Umbrella Rank: 849044	373 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1455	201 B
1	vk.com vk.com — Cisco Umbrella Rank: 7251	612 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1110	517 B
1	omtrdc.net bbg.sc.omtrdc.net — Cisco Umbrella Rank: 183159	275 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	90 KB
0	Failed function sub() { [native code] }. Failed
75	18

	Domain	Requested by
18	gdbrferl.bypassnews.online	gdbrferl.bypassnews.online
16	gdb.rferl.org	gdbrferl.bypassnews.online
10	tags.tiqcdn.com	gdbrferl.bypassnews.online tags.tiqcdn.com
4	sb.scorecardresearch.com	2 redirects gdbrferl.bypassnews.online
4	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
4	connect.facebook.net	tags.tiqcdn.com connect.facebook.net gdbrferl.bypassnews.online
3	dpm.demdex.net	1 redirects gdbrferl.bypassnews.online
2	www.facebook.com	connect.facebook.net gdbrferl.bypassnews.online
2	static.chartbeat.com	tags.tiqcdn.com
2	cdn.onesignal.com	gdbrferl.bypassnews.online cdn.onesignal.com
2	docs.rferl.org	gdbrferl.bypassnews.online
2	www.youtube.com	gdbrferl.bypassnews.online www.youtube.com
1	ssc.svoboda.org	gdbrferl.bypassnews.online
1	ping.chartbeat.net	gdbrferl.bypassnews.online
1	vk.com	gdbrferl.bypassnews.online
1	mab.chartbeat.com	static.chartbeat.com
1	onesignal.com	cdn.onesignal.com
1	cm.everesttech.net	1 redirects
1	bbg.sc.omtrdc.net	tags.tiqcdn.com
1	bbg.demdex.net	tags.tiqcdn.com
1	www.googletagmanager.com	gdbrferl.bypassnews.online
0	blank Failed	gdbrferl.bypassnews.online
75	22

This site contains links to these domains. Also see Links.

Domain
www.sibreal.org
www.severreal.org
www.factograph.info
www.facebook.com
twitter.com
bit.ly
vk.com
t.me
soundcloud.com
www.instagram.com
ok.ru
svobodaradio.livejournal.com
www.threads.net
svoboda.bypassnews.online
facebook.com
smarturl.click
archive.svoboda.org

Subject Issuer	Validity	Valid
bypassnews.online GTS CA 1P5	`2023-11-07` - `2024-02-05`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.rferl.org R3	`2023-10-12` - `2024-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-24` - `2023-12-23`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2023-03-16` - `2024-02-20`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
ssc.svoboda.org DigiCert TLS RSA SHA256 2020 CA1	`2023-01-18` - `2024-01-18`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://gdbrferl.bypassnews.online/
Frame ID: 5078F46A1089A53088EAB3D51D718B21
Requests: 74 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: 413291E191357AE2617553E52AC85F41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Радио Свобода

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

75
Requests

93 %
HTTPS

63 %
IPv6

18
Domains

22
Subdomains

19
IPs

2
Countries

1524 kB
Transfer

3113 kB
Size

22
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sibreal.org/
Title: Сибирь.Реалии

Search URL Search Domain Scan URL

URL: https://www.severreal.org/
Title: Север.Реалии

Search URL Search Domain Scan URL

URL: https://www.factograph.info/
Title: Фактограф.Архив

Search URL Search Domain Scan URL

URL: https://www.facebook.com/radiosvoboda

Search URL Search Domain Scan URL

URL: https://twitter.com/SvobodaRadio

Search URL Search Domain Scan URL

URL: http://bit.ly/2vQLCnh

Search URL Search Domain Scan URL

URL: https://vk.com/public12637912

Search URL Search Domain Scan URL

URL: https://t.me/radiosvoboda

Search URL Search Domain Scan URL

URL: https://soundcloud.com/radio-svoboda

Search URL Search Domain Scan URL

URL: https://www.instagram.com/radiosvoboda/

Search URL Search Domain Scan URL

URL: https://ok.ru/radio.svoboda

Search URL Search Domain Scan URL

URL: http://svobodaradio.livejournal.com/

Search URL Search Domain Scan URL

URL: https://www.threads.net/@radiosvoboda

Search URL Search Domain Scan URL

URL: https://svoboda.bypassnews.online/live/audio/81
Title: Эфир

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3a%2f%2fsvoboda.bypassnews.online%2ft%2f282.html
Title: Поделиться в Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3a%2f%2fsvoboda.bypassnews.online%2ft%2f282.html&text=
Title: Поделиться в Twitter

Search URL Search Domain Scan URL

URL: https://smarturl.click/nAXV
Title: <img src="https://gdb.rferl.org/C86A4A2C-03D9-4815-A638-401729E3B40F_w160_r1.jpg" alt=" " />

Search URL Search Domain Scan URL

URL: https://smarturl.click/db0z
Title: <img src="https://gdb.rferl.org/01000000-0aff-0242-2335-08dbfbeb83b8_cx0_cy17_cw0_w160_r1.jpg" alt="Фотографии из "И.Джуха. Греки СССР. Архив Национальной Памяти"" />

Search URL Search Domain Scan URL

URL: https://smarturl.click/o0ya
Title: <img src="https://gdb.rferl.org/01000000-0aff-0242-266b-08db8e897e33_cx0_cy10_cw0_w160_r1.jpg" alt=" " />

Search URL Search Domain Scan URL

URL: https://smarturl.click/05vv
Title: СВОБОДУ АЛСУ

Search URL Search Domain Scan URL

URL: https://svoboda.bypassnews.online/femvremya?int_cid=banner:femvremya-gr-2055--1c-thin
Title: ФемВремя

Search URL Search Domain Scan URL

URL: https://svoboda.bypassnews.online/p/6404.html?utm_source=rferl-russian&utm_medium=banner&utm_campaign=Signs-of-Life_banner_GR-1c
Title: Признаки жизни

Search URL Search Domain Scan URL

URL: https://svoboda.bypassnews.online/money?utm_source=rferl-russian&utm_medium=banner&utm_campaign=Money_on_Freedom
Title: Деньги на Свободе с Максимом Блантом

Search URL Search Domain Scan URL

URL: https://svoboda.bypassnews.online/subscribe
Title: Почтовая Рассылка

Search URL Search Domain Scan URL

URL: https://svoboda.bypassnews.online/schedule/radio/81
Title: Расписание Вещания

Search URL Search Domain Scan URL

URL: http://archive.svoboda.org/
Title: Архив 1997-2006

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702661213218 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702661213218

Request Chain 52

https://cm.everesttech.net/cm/dd?d_uuid=66652177629258231391576419433279728830 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXyMXQAAAKmYRwNz

Request Chain 59

https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 61

https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1702661213603&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&c7=https%3A%2F%2Fgdbrferl.bypassnews.online%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702661213603&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&c7=https%3A%2F%2Fgdbrferl.bypassnews.online%2F&c9=

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gdbrferl.bypassnews.online/ 123 KB
25 KB 386ms
289ms Document
text/html 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d9ea58f2dd35bcb458a1f46585329290d7ce423274b436da1de0d8138722449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: must-revalidate, max-age=120
cf-cache-status: DYNAMIC
cf-ray: 836064dffc014bbd-BUF
content-encoding: br
content-language: ru
content-type: text/html; charset=utf-8
date: Fri, 15 Dec 2023 17:26:52 GMT
expires: Fri, 15 Dec 2023 17:28:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igRNipxgWsu5lCybEwzKpB%2BmRMECNvoRKf7AXsED4z%2BAV9lZJuvIy%2F2k4Snvq3xC3lF1KxivcDWbZEAZO9sLc1HwtCfR3MyH7yPzA4stiCGkktULsdJ6BqFyJkLyVHdlfdVxQxE6vEgi3Dk6vH6RujQA2tw3RQmb%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 RFE-ru-RU.css
gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/ 291 KB
292 KB 343ms
340ms Stylesheet
text/css 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=333

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7abefad5fa0588ec9511f411c8f459049380f08e6a5e4587a403c31020172bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Dec 2023 17:26:52 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=333
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bcs0a0x02VKDiKh2pCiLItXU6fuwuj3ASe63tg73R6UdZwAdCrrf76CEwFB4%2B%2B%2BF%2BdOT8v1w2whuSPOmAUzVeYnQKaHCHCtmMItpb87ltLv5brDAhUPRwvSLYtzdAwX7jpbaO%2FBpjxsclAbZtlwxCnzWrGTbrqh52g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2290994, no-transform
cf-ray: 836064e1dd004bbd-BUF
expires: Thu, 11 Jan 2024 05:50:06 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 3 KB
1 KB 143ms
28ms Script
application/javascript 2600:9000:20e2:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js
Requested by: Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7bd25da287369fecc5abc0a1d557d21daefafad0b5ebac00634a0e279ceabb59

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: MsLd0ENYttoJNN9snQW4N9fSCmBP2oEb
content-encoding: br
via: 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront)
date: Fri, 15 Dec 2023 17:22:09 GMT
last-modified: Thu, 14 Dec 2023 13:08:46 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
age: 293
x-amz-server-side-encryption: AES256
etag: W/"3f9113fdbc232b35c3b669ac64c6d145"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 2WONEeD_6LQKsRWlOumvTThgPqUcUBqjJMGeJ4WxuT3bLg125C34vg==

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 117ms
54ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
content-security-policy-report-only: base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';script-src 'report-sample' 'nonce-jGU0abdISiIQ-PUNN1AXSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline';report-uri /cspreport
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 15 Dec 2023 17:26:52 GMT

GET
H2 200 infographics.b Show response
gdbrferl.bypassnews.online/Scripts/responsive/ 4 KB
4 KB 249ms
248ms Script
application/javascript 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=333

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 11 Jan 2024 05:50:47 GMT
date: Fri, 15 Dec 2023 17:26:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=333
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=loTjLJwrdQIEhBVuiNlYlNQYc316COnubfQggWmp7bR87iAdnI8c0YhCGfyGfXb%2B9tPaEa5Hlb7hxeIOvnSyJ%2FUJEW8j01Tv27kKDBrHoRYV2VG3S3K8oQKINnjX6Nl2SHOn7B2is4tgBKmvEUyoLhdQYLacwqR4zg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, no-transform, max-age=2291035
cf-ray: 836064e1dd024bbd-BUF
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 loader.b Show response
gdbrferl.bypassnews.online/Scripts/responsive/ 86 KB
87 KB 264ms
263ms Script
application/javascript 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd5d0b1889b5ee3a04a81f46a34adb21e897ad828f6f211901339e0ccc9a45d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 11 Jan 2024 05:59:03 GMT
date: Fri, 15 Dec 2023 17:26:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333
content-type: application/javascript; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEQmHhsKGPMg3Qj15U0eAgyr3uHVCebdTmMFnX9HoDi%2BW3IFKzrkPfaBExKIjQucyRcuVeGhnatxOjBalGdpDRuo0tAMZLsAsapgeP2iuHXpjysEZNm%2FwaY%2BvS6cSAk80ftP%2FSjinPO43V5f5930Sy7DMQPu%2BsITcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, no-transform, max-age=2291531
cf-ray: 836064e1dd034bbd-BUF
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 Skolar-Lt_Cyrl_v2.4.woff
gdbrferl.bypassnews.online/Content/responsive/fonts/ 33 KB
33 KB 328ms
327ms Font
application/font-woff 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gdbrferl.bypassnews.online/
Origin: https://gdbrferl.bypassnews.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Dec 2023 17:26:52 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff
content-type: application/font-woff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4F3JDMiwK%2BhleAGLkys3CEV9DMpmTVp2JkKF6dawPPrWXVr5DDME2Tb5ZbCQmUAsM6IWKd8yNQFLfQhz75bshR6co4JVBuuYFV72Y7RmAe5%2BMYFwGSB9Y1hyKBA0w1b5H6zRxLrnsQeTexEbnfD0%2F9VgwiQejwOfsA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 836064e1dd044bbd-BUF
expires: Sun, 14 Jan 2024 17:26:52 GMT

GET
H2 200 sectionversioncss
gdbrferl.bypassnews.online/api/customization/ 1 KB
847 B 231ms
230ms Stylesheet
text/css 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/api/customization/sectionversioncss?sectionversionid=6915&cv=4

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d16827ceeb4edac47def7e935c4050bcbf979b05e5054f57ceb6b850bb0f3dde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
server: cloudflare
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/api/customization/sectionversioncss?sectionversionid=6915&cv=4
content-type: text/css; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5NUZ7taRI2dkGVA2MFl5nQlBhPMFws4T5ezQ3hDhL51%2FJAVv2IKOgGhaeTm9ZIy%2FkaaQSSLvMYvYUAckd8tHddV6OehHD9KjjqAO5BFj9l8WYmirpgRUvneQ7KONqq6B0DkaevRQXf2N0jKDBx2x3Z02pvMFLbFZlg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=1017690
cf-ray: 836064e1dd054bbd-BUF
expires: Wed, 27 Dec 2023 12:08:22 GMT

GET
H3 200 logo-compact.svg
gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/img/ 6 KB
3 KB 229ms
228ms Image
image/svg+xml 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/img/logo-compact.svg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

169901f666801459695826173dc5032f7464f26bf6ede5f748d5bf8f5cab4b6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Dec 2023 17:26:52 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo-compact.svg
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwPoJkqhRSqkNX458KjCCBmEEy61XwzqE3pyGFBFw2ZhaDn1cHbC39pG4GWr6DcRtvGGEaJ0zlfeNdSmsYKx%2B9erLJ01ygo1JQd7xwuiclW5yT51Rhm8J9vPa2tmUqaO2f2fK8O9EsNF6IlyGKauYwH1OSJLumdGhg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1466221
cf-ray: 836064e24dab4bc9-BUF
expires: Mon, 01 Jan 2024 16:43:53 GMT

GET
H3 200 logo.svg
gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/img/ 9 KB
4 KB 257ms
257ms Image
image/svg+xml 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/img/logo.svg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e872e50f4d63b0e9ffa65666b7e5b4371d02690051f3a310141bea1d361cf0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Dec 2023 17:26:52 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo.svg
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtrwiiHxJex574PlqyGlldVu2KiaSGM4Q4dbAmFmN9LWRKhjrSPMwr1NFxUEVQjQlPbIJmZPc4ZVrV4yJUJjKFf5VXuIpv8ITINFC1OIDZjY35Acn4z%2B1Mi9YzGJR2r2%2BLTJhmV9W1ypbA6m3C6z3rDfBp%2F5eeqKag%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1529951
cf-ray: 836064e24dad4bc9-BUF
expires: Tue, 02 Jan 2024 10:26:03 GMT

GET
H3 200 logo-print.gif
gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/img/ 2 KB
3 KB 253ms
253ms Image
image/gif 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/img/logo-print.gif

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f1f226ba233ebce168e9871cb9f9a11fee7e0d16c41795e53a85ef2fcdd5990

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Dec 2023 17:26:52 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo-print.gif
content-type: image/gif
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bh8Lpb4ukaT9xb2z7tqgkjKBFtkM9UT3HFjO%2B%2Fh4MkrUGBjILpkkuYGQNP2MBK4c1DwcZqmyKPU4L1HCSoekksGOr%2Bfv2KAZ5mOQoAYWSTKJmM3EyfsYSmJYL%2BOblhxNlL%2FT5SjqB32MGwAKt%2FwDHCqi3RNLdNglig%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1886574
cf-ray: 836064e3be7b4bc9-BUF
expires: Sat, 06 Jan 2024 13:29:46 GMT

GET
H3 200 logo-print_color.png
gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/img/ 6 KB
6 KB 227ms
225ms Image
image/png 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/img/logo-print_color.png

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9977bc7e23e6e0614b8cf3d1a75cefd42346851e5a5baacc872cf905f47da466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Dec 2023 17:26:52 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/RFE/ru-RU/img/logo-print_color.png
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dJpfMzedJvQkKKog2xwf0BNbVNT6MWRzfE7SjoWHOJcFVagV6DS434KsBwgUeLiTGUeVKUVu7TxACdBMhKrs7cCpZNjAtNHvlbH9dJEBRfn0wYR7lbJ70Tsaq6BZpS1n%2BCjRBbnMAn4GpU6nDdvQ6aoDaPwQoR4zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1571720
cf-ray: 836064e3ee924bc9-BUF
expires: Tue, 02 Jan 2024 22:02:12 GMT

GET
H3 200 player-spinner.png
gdbrferl.bypassnews.online/Content/responsive/img/ 978 B
2 KB 147ms
146ms Image
image/png 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdbrferl.bypassnews.online/Content/responsive/img/player-spinner.png

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2bf334da782f24c62883e71810dde3683a18d688a8c13dee6d22adb4b9f8899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Dec 2023 17:26:53 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/img/player-spinner.png
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HvwGt4j%2BPKfXPrQGlKX6YzLcFf4x6h4czq9DVxTtJh68Nqn3RWTLj67tzNdc6ceFkRgxOyBdFbPf9D2xRIZQV%2B6TFwpTORyzMYmph1fAoqNUNYSnI6E1SRZkX7FJ9nWEw6T2yD%2B%2F3347%2FrJBh6S2B1rJxYy7wcLf2g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2079452
cf-ray: 836064e558834bc9-BUF
expires: Mon, 08 Jan 2024 19:04:25 GMT

GET
H2 200 01000000-0aff-0242-9f6b-08dbfd69484e_w100_r1.jpg
gdb.rferl.org/ 1 KB
2 KB 175ms
39ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-9f6b-08dbfd69484e_w100_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

773c375ffd56d8ee4c37b354dd85cbd1103315d3d46586d2bdaa067499528fdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 15 Dec 2023 15:01:29 GMT
server: Akamai Image Manager
etag: "4135"
content-type: image/avif
cache-control: private, no-transform, max-age=2583313
content-length: 1481
expires: Sun, 14 Jan 2024 15:02:06 GMT

GET
H2 200 banners-styles.css
docs.rferl.org/branding/cdn/html_banners/ 4 KB
1 KB 176ms
37ms Stylesheet
text/css 2600:141b:1c00:238b::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.rferl.org/branding/cdn/html_banners/banners-styles.css

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:238b::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 05 Feb 2018 10:24:04 GMT
server: Microsoft-IIS/10.0
etag: "0ba49726b9ed31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 849
expires: Sun, 14 Jan 2024 17:26:53 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 103ms
38ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2083
etag: W/"a87c48d211877c49b878679b2e3cdab8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 836064e608f64bc9-BUF
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Dec 2023 17:26:53 GMT

GET
H3 200 conf.js Show response
gdbrferl.bypassnews.online/ 6 KB
2 KB 286ms
283ms Script
application/javascript 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/conf.js?x=333

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1d387c62d1ae77771f1e294a0be89ae0926de0ca224613d3b39412966b39317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Dec 2023 17:26:53 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/conf.js?x=333
content-type: application/javascript
content-language: ru
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bkFw6QctCoGnT1fkeD037KH8u0YTCF21VpcR4lc9SyO2tKwNYZO2DDgkvYx0DgvW1OaWF0joTIo3kyuLmkPTlT53X0zAZMi27rKq%2BQSCHFvgvL1HRJxNj79n2ciX58Fj8%2FgcpdI2%2FBs%2FDSNyVnC9bnQhYgT9BoKjA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2291156
cf-ray: 836064e5a8b74bc9-BUF
expires: Thu, 11 Jan 2024 05:52:49 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/ 216 KB
67 KB 25ms
23ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d23221b6/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 16:21:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3945
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68553
x-xss-protection: 0
last-modified: Wed, 13 Dec 2023 02:47:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 14 Dec 2024 16:21:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 286 KB
90 KB 107ms
45ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5ffcfbb3ab5460e760b9aa3d3303fcd33214392e24c8797f1865b12136ede566

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91285
x-xss-protection: 0
last-modified: Fri, 15 Dec 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Dec 2023 17:26:53 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 103 KB
31 KB 33ms
32ms Script
application/javascript 2600:9000:20e2:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Requested by: Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e426a1dfc6624a4df0e8f63db1415326b2203481a6439652007ebcad414c6df8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: ktuod7oUGQ1iM5mrE4cEesdd9KazSkhI
content-encoding: br
via: 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront)
date: Fri, 15 Dec 2023 17:23:48 GMT
last-modified: Thu, 14 Dec 2023 13:08:46 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
age: 186
x-amz-server-side-encryption: AES256
etag: W/"3b5d35e0a59e2ad66782cf5411d15344"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: wV8O10ClOKEtIgVF5Ws7wvm4MkhPcDywBH6x6aXPILUZUU7ItjFqEw==

GET
H3 200 SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
gdbrferl.bypassnews.online/Content/responsive/fonts/ 40 KB
41 KB 243ms
242ms Font
application/font-woff 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=333

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=333
Origin: https://gdbrferl.bypassnews.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Dec 2023 17:26:53 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
content-type: application/font-woff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiZ5n3bYyTVrYL0vJCHVyVsVmrR5mw0Kw%2Bta8O1%2FQ4EoRitFaBCjIkzT%2FOWrC%2BZHPEQ4aI7AzF7H4ZMrNmao66dT%2F31qP9qwY5x5%2FcZ0JTc4iN5oYc2V%2B7uSHRFkPDlcXYIKAiVxcHHh6K4eaeFWWGX5I4akEEBLXw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 836064e5b8c24bc9-BUF
expires: Sun, 14 Jan 2024 17:26:53 GMT

GET
H3 200 icons-font-1698069833780.woff
gdbrferl.bypassnews.online/Content/responsive/fonts/ 18 KB
19 KB 359ms
358ms Font
application/font-woff 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/Content/responsive/fonts/icons-font-1698069833780.woff

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=333

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54e2f964ce1124ae44ce10037eed6b855fc2469eb821b5679cb5277947f1ad2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=333
Origin: https://gdbrferl.bypassnews.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Dec 2023 17:26:53 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/fonts/icons-font-1698069833780.woff
content-type: application/font-woff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucQQf1jmcKXR4Kuz99oiYtDsQihqrFIAJOa0bdrqsLUVs1akRKRGOY2TfjHRDGUNnYTglhy1WGVi63Sbd9NEfdrFjM0yqyNZrqDdG8v6%2BMMzGcRvRnJyCSYUElMKv1XuUv5hGbSw6tW259MPeR34sJCoCqkt2psGyw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=2592000
cf-ray: 836064e5b8c34bc9-BUF
expires: Sun, 14 Jan 2024 17:26:53 GMT

GET blank
/ 0
0

GET
H3 200 image-placeholder.svg
gdbrferl.bypassnews.online/Content/responsive/img/ 709 B
1 KB 314ms
313ms Image
image/svg+xml 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdbrferl.bypassnews.online/Content/responsive/img/image-placeholder.svg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=333

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/Content/responsive/RFE/ru-RU/RFE-ru-RU.css?&av=0.1.0.0&cb=333
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 15 Dec 2023 17:26:53 GMT
server: cloudflare
vary: Accept-Encoding
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/Content/responsive/img/image-placeholder.svg
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uq8F9mYsH1yCwdS10bvYyT8xrLtDbgaTnTkKu9pjbQxjs5dI0DnS0MVj9v%2FB%2B%2Fb3zRZjP5GSPociOLf%2FRXDUWW8%2FHDCytqvZovfISdrWBTVqpdld2EPxSdTJ9rrHAdgbFO2ARbMz5I0Nv8nMLwuB70gw2gUHl%2F8Qxw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=596526
cf-ray: 836064e5f8e84bc9-BUF
expires: Fri, 22 Dec 2023 15:08:59 GMT

GET
H2 200 utag.53.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 2 KB
1 KB 31ms
30ms Script
application/javascript 2600:9000:20e2:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.202307101453
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e0ae38ad10707a4befaecb8ff5374a2a171ebf91ff5354c7c6c4105e577a731

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: atE4zcpCtIUIdoPuOD3xxc_B35_nmcb0
content-encoding: br
via: 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront)
date: Fri, 15 Dec 2023 17:23:41 GMT
last-modified: Thu, 14 Dec 2023 13:08:45 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
age: 193
x-amz-server-side-encryption: AES256
etag: W/"1e22013109dac0e96c0c2b6a831a3dde"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: HeVv6J5593d4pERQM9z-rJDHxN4Y2GsL0vsV6mPjL7q3r49KI1iCXQ==

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702661213218
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702661213218

362 B
921 B

60ms
59ms

XHR
application/json

3.94.224.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702661213218

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Server

3.94.224.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-224-106.compute-1.amazonaws.com

Software

Resource Hash

91c914137a9d0d6fe085ef127c37bbf15e4934eb42d40cb79b7c52a057fe7ef7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-va6-1-v053-027a201c5.edge-va6.demdex.com 6 ms
pragma: no-cache
date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: AAVqB+0qSaM=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://gdbrferl.bypassnews.online
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 309
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v053-0ad568775.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: Koej3PRlTl0=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1702661213218
access-control-allow-origin: https://gdbrferl.bypassnews.online
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 banners-styles.css
docs.rferl.org/branding/cdn/html_banners/ 4 KB
1 KB 35ms
35ms Stylesheet
text/css 2600:141b:1c00:238b::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.rferl.org/branding/cdn/html_banners/banners-styles.css

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:238b::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 05 Feb 2018 10:24:04 GMT
server: Microsoft-IIS/10.0
etag: "0ba49726b9ed31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 849
expires: Sun, 14 Jan 2024 17:26:53 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 133ms
35ms Script
application/x-javascript 2600:9000:24f1:6200:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.202307101453
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:6200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 73c48a750a107c5809e5b332e74b0f1b32ddd1c24b98f1d9e8febf73322fbb84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 15:53:42 GMT
content-encoding: gzip
via: 1.1 fcce23e7f4e791fa67223a305c4debb8.cloudfront.net (CloudFront)
last-modified: Thu, 14 Dec 2023 01:53:37 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 5591
etag: W/"657a6021-5f55"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 3Btq8kxY0qQK_iSm0wA0zP6zLuphJEqI3_7o6k7yjAP5x2ul2lNJrA==
expires: Fri, 15 Dec 2023 17:53:42 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 43ms
42ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2067
etag: W/"e3be409ac3c100e2a5d3f264ec260551"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 836064e719e74bc9-BUF
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Mon, 18 Dec 2023 17:26:53 GMT

GET
H2 200 01000000-c0a8-0242-240e-08dbe139bf08_w408.png
gdb.rferl.org/ 6 KB
6 KB 96ms
94ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-c0a8-0242-240e-08dbe139bf08_w408.png

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

97535c6daed69c9d598e8ba5d54299452e9e2eb8e794a05bf349a9c57b9dd3bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 30 Nov 2023 12:53:56 GMT
server: Akamai Image Manager
etag: "26591"
content-type: image/avif
cache-control: private, no-transform, max-age=1279700
content-length: 6091
expires: Sat, 30 Dec 2023 12:55:13 GMT

GET
H2 200 08ef0000-0a00-0242-c6be-08d9c3dc074c_w210.png
gdb.rferl.org/ 3 KB
3 KB 225ms
223ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/08ef0000-0a00-0242-c6be-08d9c3dc074c_w210.png

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

dccbe7deb05c1987a8b08cd273ab53e23ec510efecbefe76f4e3fa63bf40b529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 30 Nov 2023 13:02:24 GMT
x-serial: 40
server: Akamai Image Manager
x-check-cacheable: YES
etag: "10854"
content-type: image/avif
cache-control: private, no-transform, max-age=1279967
content-length: 3081
expires: Sat, 30 Dec 2023 12:59:40 GMT

GET
H2 200 B81FD519-4CAE-4E99-AD73-9CC9D8190D91_w282.jpg
gdb.rferl.org/ 6 KB
7 KB 191ms
189ms Image
image/webp 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/B81FD519-4CAE-4E99-AD73-9CC9D8190D91_w282.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

02b4a199941d273ca2b15e72a6006ebef6c81be7fcefaed6f6046d3f3abd07e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 10 Aug 2022 10:31:48 GMT
x-serial: 764
server: Akamai Image Manager
x-check-cacheable: YES
etag: "12538"
content-type: image/webp
cache-control: private, no-transform, max-age=2592000
content-length: 6460
expires: Sun, 14 Jan 2024 17:26:53 GMT

GET
H2 200 08700000-0a00-0242-ac8a-08da02a07732_w600.jpg
gdb.rferl.org/ 73 KB
73 KB 113ms
112ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/08700000-0a00-0242-ac8a-08da02a07732_w600.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

316bbf0753f79aff5289214e68da8453d6440e6f0014f2055f21007110de8027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 12 Feb 2023 08:11:16 GMT
server: Akamai Image Manager
etag: "196769"
content-type: image/avif
cache-control: private, no-transform, max-age=947736
content-length: 74313
expires: Tue, 26 Dec 2023 16:42:29 GMT

GET
H2 200 utag.72.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 85 KB
23 KB 37ms
36ms Script
application/javascript 2600:9000:20e2:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.72.js?utv=ut4.46.202312122139
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 723b19ed4676c07faa84a5c3a833db985448e061527589c025a1ec2278e738e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 9gH2UWQSXg.fEs3vi8QBv0Yy3Zc2Xm.j
content-encoding: br
via: 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront)
date: Fri, 15 Dec 2023 17:22:31 GMT
last-modified: Thu, 14 Dec 2023 13:08:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
age: 263
x-amz-server-side-encryption: AES256
etag: W/"4b302efc5b38e5b3f50431325b1802a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: vXYW-872ftv0XmBqC-IqYK7HNNwuf6YSM1YFDFu74ceQgC8C7zJJaw==

GET
H2 200 utag.24.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 10 KB
4 KB 41ms
39ms Script
application/javascript 2600:9000:20e2:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.24.js?utv=ut4.46.202212081948
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 95819cf37147353756390501608f3df0681483952d3770ef10c632569f95546c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: qGh9SgqeSN7NcKX7JubgK7AX4P85g_b7
content-encoding: br
via: 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront)
date: Fri, 15 Dec 2023 17:24:37 GMT
last-modified: Thu, 14 Dec 2023 13:08:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
age: 244
x-amz-server-side-encryption: AES256
etag: W/"35bea2f2df46c45975e9d556fdb30485"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: pFXbjJr0hqXtK5Scn_bUvxnz1lSm3DqAB47RITesypHFKKtpSNGXGA==

GET
H2 200 utag.7.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 607 B
1 KB 42ms
41ms Script
application/javascript 2600:9000:20e2:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c2e58de8d96aa3ab709593d5c09178dc35561a18bc684886245adb515f388c1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: MFRvDMha7pw77iq_14RzZbP.bsM2IlF8
date: Fri, 15 Dec 2023 17:24:37 GMT
via: 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C2
age: 263
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 607
last-modified: Thu, 14 Dec 2023 13:08:45 GMT
server: AmazonS3
etag: "b04c2a096a5d839a6fb21261392ba882"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1296000
accept-ranges: bytes
x-amz-cf-id: XtTOskJGbqPRdQMjzse3ACqg_S5HBIqly2UBKM5Sit6a7sf1W59npw==

GET
H2 200 utag.4.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 55 KB
17 KB 41ms
41ms Script
application/javascript 2600:9000:20e2:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 54c2fbe897ce09b068765e4f97b403a2b860b3b0b5604c8381d366780baea8a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: nMiMcodGGXZuDEOr_LkuOTdEG1s4..Nc
content-encoding: br
via: 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront)
date: Fri, 15 Dec 2023 17:24:37 GMT
last-modified: Thu, 14 Dec 2023 13:08:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
age: 263
x-amz-server-side-encryption: AES256
etag: W/"6a5e55f6c53de2c5fad8f6eaefc225c6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: L-C_TwS_mmX0sXmBk1fwgptCOWAWzYu5wFc96vJ8Uyq5PPNH0WotMQ==

GET
H2 200 utag.59.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 3 KB
2 KB 75ms
74ms Script
application/javascript 2600:9000:20e2:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.59.js?utv=ut4.46.201803271649
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ee2e26fe3aacd13f2e17c40d3ff2a9a0aa0080ea3293541efc681b002e02330

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: Ckw2Gr5LJQF99EFbQLF9j9TaRUawwN3d
content-encoding: br
via: 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront)
date: Fri, 15 Dec 2023 17:24:41 GMT
last-modified: Thu, 14 Dec 2023 13:08:44 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
age: 133
x-amz-server-side-encryption: AES256
etag: W/"4aa5611b9547fe0757d99a9f323e1c6e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: _CYsjQllrcswEy0NBhRzTIfu2hxw_8ZJFJCrsOj8rrv29e6py6Vojg==

GET
H2 200 utag.73.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 4 KB
2 KB 73ms
73ms Script
application/javascript 2600:9000:20e2:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: afb7a8ee8cc9591bf27ec322ce3e9235457d0c606d92fb73c74f1b3617f3ed4d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: j5H5BcarJL3JyoJ9vTyZM7tpL83fYq5U
content-encoding: br
via: 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront)
date: Fri, 15 Dec 2023 17:24:37 GMT
last-modified: Thu, 14 Dec 2023 13:08:45 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
age: 243
x-amz-server-side-encryption: AES256
etag: W/"bd506405154704ba3ad1b776f24dd192"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: SV3MJE6hpwtZED08WjyxyjEdyuq6pOSJYXxrZIra0S4trYVJ5JFMyQ==

GET
H3 200 res Show response
gdbrferl.bypassnews.online/ 185 KB
186 KB 229ms
191ms Script
application/javascript 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/res?callback=_resourceLoaderReceiver_0&x=333&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,multimedia_player_utils,multimedia_player_mpd,multimedia_player_analytics,multimedia_player_core,multimedia_player_ui,sticky_player_pangea_video,sticky_player_history_handler,sticky_player,copy_to_clipboard,widget_switcher,accordeon,sharing_open,transition_toggler,nav20,live_b_drop

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

236ca83b7a5dfd08962d1cfe5318244808a648a47c380b37d949a849ae114b6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
server: cloudflare
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/res?callback=_resourceLoaderReceiver_0&x=333&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,multimedia_player_utils,multimedia_player_mpd,multimedia_player_analytics,multimedia_player_core,multimedia_player_ui,sticky_player_pangea_video,sticky_player_history_handler,sticky_player,copy_to_clipboard,widget_switcher,accordeon,sharing_open,transition_toggler,nav20,live_b_drop
content-type: application/javascript
content-language: ru
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHbdjavvrOM7eUCyzcXJBDTz08cAIBYrrltFpqVC5YcXYUhN7W8OID8SRoOKtVsCj4aX2JgSIgAdlECAMX%2FKWVZ%2FBejiAFHw2LO%2FG3GUPiJ2lfYwpxkHS4SoVbLcXpebSvkUeDIenO6xkjro31aiN2TJwEzPCgWyjw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, no-transform, max-age=2291100
cf-ray: 836064e81a434bc9-BUF
expires: Thu, 11 Jan 2024 05:51:53 GMT

GET
H2 200 f4f8788e-72d9-4487-b9a2-16a7d62f0f7c_w650_r1.jpg
gdb.rferl.org/ 15 KB
15 KB 235ms
196ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/f4f8788e-72d9-4487-b9a2-16a7d62f0f7c_w650_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f275a6a510fe21ae2455ea22b7bb8efc9ee72fdacb0d1f9e137c5f12a7318c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 15 Dec 2023 16:55:39 GMT
server: Akamai Image Manager
etag: "87088"
content-type: image/avif
cache-control: private, no-transform, max-age=2590144
content-length: 15626
expires: Sun, 14 Jan 2024 16:55:57 GMT

GET
H2 200 01000000-0aff-0242-9f6b-08dbfd69484e_w408_r1.jpg
gdb.rferl.org/ 8 KB
8 KB 107ms
69ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-9f6b-08dbfd69484e_w408_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

65ae67f1b15e49b5b886225649213a43eb34a48a4e70efb1fdc0b737ace298c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 15 Dec 2023 15:01:58 GMT
server: Akamai Image Manager
etag: "33165"
content-type: image/avif
cache-control: private, no-transform, max-age=2583210
content-length: 8445
expires: Sun, 14 Jan 2024 15:00:23 GMT

GET
H2 200 01000000-0aff-0242-4d1e-08dbfd55a888_cx7_cy0_cw87_w408_r1.jpg
gdb.rferl.org/ 9 KB
9 KB 122ms
85ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-4d1e-08dbfd55a888_cx7_cy0_cw87_w408_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

956c758e3cb1ecac5218d010fec6d7a8c65ce7957ff9e8a15c9bee28b5935379

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 15 Dec 2023 10:13:35 GMT
x-serial: 293
server: Akamai Image Manager
x-check-cacheable: YES
etag: "36805"
content-type: image/avif
cache-control: private, no-transform, max-age=2565930
content-length: 8958
expires: Sun, 14 Jan 2024 10:12:23 GMT

GET
H2 200 C86A4A2C-03D9-4815-A638-401729E3B40F_w408_r1.jpg
gdb.rferl.org/ 22 KB
22 KB 682ms
650ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/C86A4A2C-03D9-4815-A638-401729E3B40F_w408_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

bbfa223082785e3aab57499ac3cee9fbfec51334b8ed024a2f6fe0df732634ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:54 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 15 Dec 2023 10:07:29 GMT
x-serial: 844
server: Akamai Image Manager
x-check-cacheable: YES
etag: "65171"
content-type: image/avif
cache-control: private, no-transform, max-age=2565705
content-length: 22398
expires: Sun, 14 Jan 2024 10:08:39 GMT

GET
H2 200 01000000-0aff-0242-46f4-08dbb810f694_cx0_cy6_cw0_w144_r1.jpg
gdb.rferl.org/ 3 KB
3 KB 88ms
58ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-46f4-08dbb810f694_cx0_cy6_cw0_w144_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

20d8427850d50c053d4401cf73c07b338c67644a89ce45e90a6264b5a63fe32a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 14 Dec 2023 17:33:57 GMT
x-serial: 2039
server: Akamai Image Manager
x-check-cacheable: YES
etag: "8749"
content-type: image/avif
cache-control: private, no-transform, max-age=2506000
content-length: 3250
expires: Sat, 13 Jan 2024 17:33:33 GMT

GET
H2 200 01000000-0aff-0242-c9da-08dbfcb945f5_w144_r1.jpg
gdb.rferl.org/ 4 KB
4 KB 87ms
57ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-c9da-08dbfcb945f5_w144_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6dbe46e860c8fbc4cc503b689b2c926191e3914b3438d2bd15e3dda6ec064f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 14 Dec 2023 15:29:38 GMT
server: Akamai Image Manager
etag: "11058"
content-type: image/avif
cache-control: private, no-transform, max-age=2498443
content-length: 4185
expires: Sat, 13 Jan 2024 15:27:36 GMT

GET
H2 200 01000000-0aff-0242-871f-08dbfbec4d0f_w144_r1.jpg
gdb.rferl.org/ 3 KB
3 KB 86ms
56ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-871f-08dbfbec4d0f_w144_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3a6a6de9ce05cc4fdafb46f0a7012d9374ced176e511e23197d433d618770735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 13 Dec 2023 15:07:44 GMT
x-serial: 376
server: Akamai Image Manager
x-check-cacheable: YES
etag: "12056"
content-type: image/avif
cache-control: private, no-transform, max-age=2410882
content-length: 3157
expires: Fri, 12 Jan 2024 15:08:15 GMT

GET
H2 200 200348e9-f5c8-468d-a3e6-388dcbdd2e41_w408_r1.jpg
gdb.rferl.org/ 23 KB
23 KB 187ms
157ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/200348e9-f5c8-468d-a3e6-388dcbdd2e41_w408_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

1157f2d2a0fcc075c7f2b4b173e8bb40f5e7e0484873e5c6c547fd6754160485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 15 Dec 2023 14:27:40 GMT
server: Akamai Image Manager
etag: "66950"
content-type: image/avif
cache-control: private, no-transform, max-age=2581268
content-length: 23498
expires: Sun, 14 Jan 2024 14:28:01 GMT

GET
H2 200 01000000-0aff-0242-d9c8-08dbfce0e1c3_w408_r1.jpg
gdb.rferl.org/ 6 KB
6 KB 90ms
60ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-d9c8-08dbfce0e1c3_w408_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2736782d8f8128b003dbbc8ddd7fb4917d85d5114abe42a0a236dbe4ffd5cf39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 15 Dec 2023 09:40:08 GMT
server: Akamai Image Manager
etag: "32270"
content-type: image/avif
cache-control: private, no-transform, max-age=2564150
content-length: 6354
expires: Sun, 14 Jan 2024 09:42:43 GMT

GET
H2 200 01000000-0aff-0242-2335-08dbfbeb83b8_cx0_cy17_cw0_w408_r1.jpg
gdb.rferl.org/ 27 KB
27 KB 77ms
47ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-2335-08dbfbeb83b8_cx0_cy17_cw0_w408_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

fe1c457d0fdeda1ae53b69e0f34ad09e962283836f39269d0c816d16591901fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 15 Dec 2023 14:30:35 GMT
server: Akamai Image Manager
etag: "74025"
content-type: image/avif
cache-control: private, no-transform, max-age=2581445
content-length: 27372
expires: Sun, 14 Jan 2024 14:30:58 GMT

GET
H2 200 01000000-0aff-0242-266b-08db8e897e33_cx0_cy10_cw0_w408_r1.jpg
gdb.rferl.org/ 10 KB
10 KB 73ms
43ms Image
image/avif 2600:141b:1c00:2395::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/01000000-0aff-0242-266b-08db8e897e33_cx0_cy10_cw0_w408_r1.jpg

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:2395::1317 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

0dfe649ba1f7c967a882ebdc8cacbba43b036e336cf70667202380824434baf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 15 Dec 2023 10:37:34 GMT
x-serial: 1158
server: Akamai Image Manager
x-check-cacheable: YES
etag: "39307"
content-type: image/avif
cache-control: private, no-transform, max-age=2567431
content-length: 10483
expires: Sun, 14 Jan 2024 10:37:24 GMT

GET
H2 200 dest5.html Show response
bbg.demdex.net/ Frame 4132 7 KB
3 KB 54ms
39ms Document
text/html 3.94.224.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.94.224.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-224-106.compute-1.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://gdbrferl.bypassnews.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 15 Dec 2023 17:26:53 GMT
dcs: dcs-prod-va6-1-v053-0cfbd0968.edge-va6.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 20 Nov 2023 15:28:35 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: ZHDtiZKATHo=

GET
H2 200 id Show response
bbg.sc.omtrdc.net/ 2 B
275 B 124ms
36ms XHR
application/x-javascript 63.140.38.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=66610896847080147121580760051460756069&ts=1702661213495

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.139 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-139.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gdbrferl.bypassnews.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://gdbrferl.bypassnews.online
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZXyMXQAAAKmYRwNz
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=66652177629258231391576419433279728830
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXyMXQAAAKmYRwNz

42 B
717 B

45ms
40ms

Image
image/gif

3.94.224.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXyMXQAAAKmYRwNz

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Server

3.94.224.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-94-224-106.compute-1.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0b264a712.edge-va6.demdex.com 2 ms
pragma: no-cache
date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 1xDWSH2+TC8=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZXyMXQAAAKmYRwNz
Date: Fri, 15 Dec 2023 17:26:53 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 web Show response
onesignal.com/api/v1/sync/c388ecc4-a620-4ca6-9bfa-2bee26973ff1/ 5 KB
2 KB 62ms
54ms Script
text/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/c388ecc4-a620-4ca6-9bfa-2bee26973ff1/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f4bbdea9ea230c2bd7cbdbacebeab5c860c4f0acf7fe445f01633e9a78fb5df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
cf-polished: origSize=5437
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 583289e4-da8b-4ab1-a17c-d7a6f1221df1
x-runtime: 0.041818
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"1c57ee9bd06dc753df98455d682dc408"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 836064e89ad24bc9-BUF
access-control-allow-headers: SDK-Version
expires: Fri, 15 Dec 2023 18:26:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 156ms
27ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 15 Dec 2023 17:26:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: uxzCSULgog/8nD+Ig11dtxZlCeV37gaOIlUWKEXKg9dlB2x0tZBKUPcbTXu+sjL2au3IsOmo9e1/wc0ziXXfPA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 0255.js Show response
script.crazyegg.com/pages/scripts/0026/ 6 KB
3 KB 182ms
49ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca391ccc2d3868e3bf0062c021dc343a3176663e479bb4d4ef9c7b4c5276312a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 19392
cf-polished: origSize=6157
ce-version: 11.5.160
cf-bgj: minify
last-modified: Fri, 15 Dec 2023 11:50:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 836064e9e9834bc7-BUF

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 183 B
493 B 184ms
50ms XHR
application/json 2a04:4e42:600::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=gdbrferl.bypassnews.online&domain=gdbrferl.bypassnews.online&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: caabcd36fde21c52f125b07d9c3358417fe2492712016ff58af0ad7affb5622b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-cache-hits: 0
date: Fri, 15 Dec 2023 17:26:53 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 135
x-served-by: cache-nyc-kteb1890054-NYC
x-timer: S1702661214.746822,VS0,VE12
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Wed, 13 Dec 2023 17:26:53 GMT

GET
H2 200 rtrg
vk.com/ 49 B
612 B 815ms
391ms Image
image/gif 87.240.137.164
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-227495-44Mps&_rnd=0.08324736443568304

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv164-137-240-87.vk.com

Software

kittenx / KPHP/7.4.115321

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-trace-id: CZzoGFfrnwU8MQcCngkQKXk7ciBo0Q
date: Fri, 15 Dec 2023 17:26:54 GMT
content-encoding: gzip
x-frontend: front512007
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.115321
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 29ms
29ms Script
application/x-javascript 2600:9000:24f1:6200:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f1:6200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9107aabbe099f8b263c0bf57f05f0bbe1f8d6177626dc10a9db146619297ee4c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 15:53:17 GMT
content-encoding: gzip
via: 1.1 fcce23e7f4e791fa67223a305c4debb8.cloudfront.net (CloudFront)
last-modified: Thu, 14 Dec 2023 01:53:13 GMT
server: nginx
x-amz-cf-pop: JFK50-P4
age: 5616
etag: W/"657a6009-11b4f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: dPphiAVfb5LeM0v5JlHutMjaLVCE6vms4IiEY_ojymdGNrRlVvNHJw==
expires: Fri, 15 Dec 2023 17:53:17 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035794/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
383 B

28ms
26ms

Script
application/javascript

18.173.219.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/
Protocol: H2
Server: 18.173.219.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-113.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 04:23:58 GMT
via: 1.1 64d968aa0a0b58a1d00cb142d02b0ac0.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P1
age: 46976
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: TIjfW1lC7ZSNX4i2OxzuPcPzGNx-QBHiq_J_y1Uhxu5q9JWmNcZESQ==

Redirect headers

date: Fri, 15 Dec 2023 17:26:53 GMT
via: 1.1 64d968aa0a0b58a1d00cb142d02b0ac0.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: On8oNcW5zKqWjrLwJ7TJqDsg3qA6h6QjNL9IgDXAhEE1gZJ37CA9kw==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
431 B 35ms
35ms Script
application/javascript 2600:9000:20e2:4a00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202312141307&cb=1702661213604
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:4a00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Fri, 15 Dec 2023 17:25:22 GMT
via: 1.1 f4cb5dc388dd91aa43ce5b333fc7c7c2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD79-C2
age: 92
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: aMLNe8bsxoBRqRSdR8179x-IoP0eGRDryDwNHAu4byEZbIMyRyfAvg==

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1702661213603&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&c7=https%3A%2F%2Fgdbrferl.bypassnews...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702661213603&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&c7=https%3A%2F%2Fgdbrferl.bypassnew...

0
224 B

36ms
32ms

Image
text/plain

18.173.219.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1702661213603&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&c7=https%3A%2F%2Fgdbrferl.bypassnews.online%2F&c9=
Requested by: Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/
Protocol: H2
Server: 18.173.219.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-219-113.jfk52.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:53 GMT
via: 1.1 64d968aa0a0b58a1d00cb142d02b0ac0.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK52-P1
x-amz-cf-id: 00JCvt3LsKL3MzQ6NZzBGRZ3knEzeHnQZ2u20wFoBYjeCV4DWWputg==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 15 Dec 2023 17:26:53 GMT
via: 1.1 64d968aa0a0b58a1d00cb142d02b0ac0.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
location: /b2?c1=2&c2=6035794&ns__t=1702661213603&ns_c=UTF-8&c8=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&c7=https%3A%2F%2Fgdbrferl.bypassnews.online%2F&c9=
content-length: 0
x-amz-cf-id: eot41An_cpLkZsMqwuhbOxw5xmUy5vTN7O_XfivHT1k_QAkFJeTX0g==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 178ms
37ms Image
image/gif 3.208.135.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rferl.russian.svoboda&p=%2F&u=Da4FVfBI70knBq9sXW&d=gdbrferl.bypassnews.online&g=62557&g0=%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%20%D1%81%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3542&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fgdbrferl.bypassnews.online%2F&b=1688&t=CcGob2BPXiC-ckJ2dBox4qHDCzdU1&V=142&i=%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%A1%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&tz=600&sn=1&sv=CEiyAPDnqCc7dybECOFZ3FByEHj_&sr=external&sd=1&im=061b2fd3&_
Requested by: Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.208.135.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-208-135-151.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 15 Dec 2023 17:26:53 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 s32987743067345
ssc.svoboda.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/ 43 B
373 B 126ms
35ms Image
image/gif 63.140.38.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssc.svoboda.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s32987743067345?AQB=1&ndh=1&pf=1&t=15%2F11%2F2023%207%3A26%3A53%205%20600&sdid=55839065DBE355A4-3A3594635043F069&mid=66610896847080147121580760051460756069&aamlh=7&ce=UTF-8&ns=bbg&cdp=2&pageName=rfe%3Aru%3Ar%3Ahomepage%3A%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%20%D1%81%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&g=https%3A%2F%2Fgdbrferl.bypassnews.online%2F&cc=USD&ch=%2F&server=gdbrferl.bypassnews.online&events=event1%2Cevent10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fgdbrferl.bypassnews.online%2F&v4=index&v5=%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%20%D1%81%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&v6=%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%20%D1%81%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&v13=home-page-svoboda&v15=russian&v16=rferl%20russian&v17=responsive&v20=yes&v21=homepage&v23=66610896847080147121580760051460756069&v24=018c6e844bf30089421437e2f87003074002306c00b08&v25=rfe&v27=RFERL%20Russian%20Responsive&v29=gdbrferl.bypassnews.online&v30=414&v31=https%3A%2F%2Fgdbrferl.bypassnews.online%2F&v32=rfe%3Aru%3Ar%3Ahomepage%3A%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%20%D1%81%D0%B2%D0%BE%D0%B1%D0%BE%D0%B4%D0%B0&v36=8.28.0.0.333&v38=homepage&v50=homepage%20view&v70=2.23.0&v71=bbgdev&v72=prod&v75=2.23.0&v82=view&v85=home-page-svoboda&v100=2023-12-15%3A07.26%3A-10.00&v101=Pacific%2FHonolulu&v102=en-US%3Aen%3Aen-US&v104=iq&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.38.163 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ip-63-140-38-163.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Dec 2023 17:26:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Sat, 16 Dec 2023 17:26:53 GMT
server: jag
etag: 3656437113673842688-4617957392431762161
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 14 Dec 2023 17:26:53 GMT

GET
H2 200 gdbrferl.bypassnews.online.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/site/ 107 KB
6 KB 253ms
192ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/site/gdbrferl.bypassnews.online.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f238cdec8ea63228951488fa3b428b3a9ccb3a0cbde6f458bc98c496e390e04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:54 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 15 Dec 2023 17:26:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.160
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 836064eb29d94bc7-BUF
content-length: 5836

GET
H2 200 513797670662669 Show response
connect.facebook.net/signals/config/ 135 KB
35 KB 218ms
217ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/513797670662669?v=2.9.138&r=stable&domain=gdbrferl.bypassnews.online

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5de3a2a7e0a45c50444123f4970598a4fde65f7bbec1b33a46c371f8f5ce67e5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 15 Dec 2023 17:26:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: A16ILut8Owwn4MNm0uHRu9MdnYl9rPhi+j4JDbXac+qrcye5G3vPNBH2WBP4oBbA3KwEBDU9xXGV5Ad4DHGukg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 29ms
28ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/res?callback=_resourceLoaderReceiver_0&x=333&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,slider_fred,back_to_top,whatsapp_share_button,multimedia_player_utils,multimedia_player_mpd,multimedia_player_analytics,multimedia_player_core,multimedia_player_ui,sticky_player_pangea_video,sticky_player_history_handler,sticky_player,copy_to_clipboard,widget_switcher,accordeon,sharing_open,transition_toggler,nav20,live_b_drop

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

65f911212c36bd407499e11edc9cb101aa7df13777c9c2d6d8f16f5737a9386d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Dec 2023 17:26:53 GMT
content-md5: 3QQL9hw6azekTqyaQeT1fg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: +mzhJf1zTqQ7DaVMRNADAXabm1hn+DUZn8WemSV+XeFkZdY9VTDRKcnbcHpJJo75+LlIt1t1cDoFfTfDnamrbA==
x-fb-content-md5: aad41657335f1c2676663759a744fa11
cross-origin-opener-policy: same-origin-allow-popups
etag: "47577a81c764192e683756f7bd952753"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 15 Dec 2023 17:30:00 GMT

GET
H3 200 hljson Show response
gdbrferl.bypassnews.online/ 2 KB
1 KB 160ms
159ms XHR
application/json 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/hljson

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab4a7ca992dc17e3ada9f1f69f2f248909bd645677c49a5bc33ff535169951c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gdbrferl.bypassnews.online/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/hljson
content-type: application/json; charset=utf-8
content-language: ru
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZNM7dGzFSlVAYZvf25AZlWh5mCc0OWsdV38J7xAvMWuZ0R75hUeNRcnPIgMV%2BmlD4Ywsypi%2BmKouYNg41QVsj%2BLqbw7XVhRyCnjciLT262pNUZv0%2FC896oJ4OU9OJ74rJCI8RfM%2Fl7X4JkKGfKCnsgr641p0%2BK2nQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=229
cf-ray: 836064eb4ca94bc9-BUF
expires: Fri, 15 Dec 2023 17:30:43 GMT

GET
H3 200 items Show response
gdbrferl.bypassnews.online/api/header/ 254 B
815 B 155ms
154ms XHR
application/json 2606:4700:3034::6815:2a7b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gdbrferl.bypassnews.online/api/header/items

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/Scripts/responsive/loader.b?v=R3LR59bI_QYIvBT1Uo8ClLBpzI0pAdZYweFWJofnu6U1?&av=0.1.0.0&cb=333

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:2a7b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c16b3ab30a770d110bd84f630c295f1bce359b6db5872acfba7d9be6689f763d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gdbrferl.bypassnews.online/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:54 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: cloudflare
onion-location: https://www.svobod7mjzb3hwxhgcnx7ui2ffd4p5zulftzkzdlmpaztuuoxnlpwhyd.onion/api/header/items
content-type: application/json; charset=utf-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkTzhTQALmuT03JZxPyRXXP8L1piTgD6U2SYZ%2BtMdg8SW%2FMgoy6mgpomP2dNdnhcFiehHXSPnJcbuy1psWa9UtBxLFK6a%2B1NT%2FZ4rUAOgDAgFKrrsZqHLP2E6rLxbRnwGlX5XpBkUL8ebZqSmPEyvu1tPDVQl%2BNo%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=664
cf-ray: 836064eb8cc64bc9-BUF
expires: Fri, 15 Dec 2023 17:37:58 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 304 KB
86 KB 63ms
31ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=f36ac4f8df0756f5d101883dddb85a79

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

603cfd92b475ddd5d3e5a8545a759fb3d3b387a8b30af2943b0f6bec25b85bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gdbrferl.bypassnews.online/
Origin: https://gdbrferl.bypassnews.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Dec 2023 17:26:54 GMT
content-md5: eLXbzg+iZubNose7f8/DZw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87804
reporting-endpoints
x-fb-debug: 96rqCZaPGebJd4i4QufvRGB0+f8gEJe2MzP6SDcF8ZgpPs/7InV1tUA5iEDLgwxzTf+jSMs1v5k9V5l4QST6GA==
x-fb-content-md5: 6ca29bc448bb5faaf74f695890e38958
cross-origin-opener-policy: same-origin-allow-popups
etag: "9b32233dedd929a3d00299520bb77696"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 Dec 2024 16:35:18 GMT

GET
H2 200 aa11c6ba4e87d897b23473b84559fbe8.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 138 KB
46 KB 39ms
38ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/aa11c6ba4e87d897b23473b84559fbe8.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb551534c7c698d5befb5ab755051e61ff88d4c4baba78fedcba4ab8f500354f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:54 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 11 Dec 2023 19:16:01 GMT
server: cloudflare
age: 265756
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 836064ec6a9b4bc7-BUF
content-length: 46770

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 176ms
102ms Fetch
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=322210431200953&input_token&origin=1&redirect_uri=https%3A%2F%2Fgdbrferl.bypassnews.online%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=f36ac4f8df0756f5d101883dddb85a79

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
date: Fri, 15 Dec 2023 17:26:54 GMT
x-content-type-options: nosniff
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: bnpm+LysthjWNg6fGBVLvyFLYu8sBex8m2anV13DslOfeOQwRiSyFV58H/gcGhL/Ngiajnl8mzftTST8u2/e4Q==
fb-s: unknown
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://gdbrferl.bypassnews.online
origin-agent-cluster: ?0
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gdbrferl.bypassnews.online.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/sampling/ 8 KB
2 KB 95ms
88ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/sampling/gdbrferl.bypassnews.online.json?t=472961
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/aa11c6ba4e87d897b23473b84559fbe8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6355c5e8836344e719a0aa5a530da7cf633fc0bba3abeabffa44f36c7975837e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 17:26:54 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 15 Dec 2023 17:26:54 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.160
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 836064ed2afa4bc7-BUF
content-length: 1498

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 33ms
32ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=513797670662669&ev=PageView&dl=https%3A%2F%2Fgdbrferl.bypassnews.online%2F&rl=&if=false&ts=1702661214270&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.1.1702661214264.1418830383&ler=empty&it=1702661213897&coo=false&rqm=GET

Requested by

Host: gdbrferl.bypassnews.online
URL: https://gdbrferl.bypassnews.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gdbrferl.bypassnews.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 15 Dec 2023 17:26:54 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: blank
URL: about:blank

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: YoMDHNT7PsY
.youtube.com/	1970-01-20 21:16:53	Name: VISITOR_INFO1_LIVE Value: B356f1fHJWY
.bypassnews.online/	1970-01-21 01:43:17	Name: utag_main Value: v_id:018c6e844bf30089421437e2f87003074002306c00b08$_sn:1$_se:1$_ss:1$_st:1702663013172$ses_id:1702661213172%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:bypassnews.online
.demdex.net/	1970-01-20 21:16:53	Name: demdex Value: 66652177629258231391576419433279728830
.bypassnews.online/	1969-12-31 23:59:59	Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1
.bypassnews.online/	1970-01-21 02:26:29	Name: _cb Value: Da4FVfBI70knBq9sXW
.bypassnews.online/	1970-01-21 02:26:29	Name: _chartbeat2 Value: .1702661213718.1702661213718.1.CEiyAPDnqCc7dybECOFZ3FByEHj_.1
.bypassnews.online/	1970-01-20 16:57:43	Name: _cb_svref Value: external
.bypassnews.online/	1970-01-21 02:26:29	Name: _v__chartbeat3 Value: VVkoVBIHygICfw8Pj
.scorecardresearch.com/	1970-01-21 02:33:41	Name: UID Value: 1A2ec141ab9cd58306e425b1702661213
.everesttech.net/	1970-01-21 01:43:17	Name: everest_g_v2 Value: g_surferid~ZXyMXQAAAKmYRwNz
.dpm.demdex.net/	1970-01-20 21:16:53	Name: dpm Value: 66652177629258231391576419433279728830
.bypassnews.online/	1969-12-31 23:59:59	Name: s_cc Value: true
.bypassnews.online/	1970-01-21 02:33:41	Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19707%7CMCMID%7C66610896847080147121580760051460756069%7CMCAAMLH-1703266013%7C7%7CMCAAMB-1703266013%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1702668413s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19714%7CvVersion%7C5.4.0
gdbrferl.bypassnews.online/	1969-12-31 23:59:59	Name: clickCounter Value: 0
.bypassnews.online/	1970-01-20 19:07:17	Name: _fbp Value: fb.1.1702661214264.1418830383
.bypassnews.online/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.bypassnews.online/	1969-12-31 23:59:59	Name: cebs Value: 1
.bypassnews.online/	1970-01-21 01:43:17	Name: _ce.s Value: v~2b5f6b44515fd224cd464e0065e2e9c6dc0cf22d~lcw~1702661214376~lva~1702661214376~vpv~0~lcw~1702661214378
.vk.com/	1970-01-21 01:38:13	Name: remixlang Value: 3
.vk.com/	1970-01-21 01:43:17	Name: remixstlid Value: 9053239623446281304_6n3UtT3Z4j9HqixMMExqaZbFjYcfAZz8jdtNVxf3u8s
.onesignal.com/	1970-01-20 16:57:43	Name: __cf_bm Value: 7ohJfA5nvuSWnLwti6mMKCNrCBqbuyP7pvRsaioGHYI-1702661215-1-AX+3g4lJUxS+/E3ly8JAq4nAdtq94LodXI2YOql4uADe1Kz8PKd7p8ehXHNm77E9rubbA0jj3iieAUiv95vbcVk=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: about:blank Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
other	warning	URL: https://connect.facebook.net/signals/config/513797670662669?v=2.9.138&r=stable&domain=gdbrferl.bypassnews.online(Line 132) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
blank
cdn.onesignal.com
cm.everesttech.net
connect.facebook.net
docs.rferl.org
dpm.demdex.net
gdb.rferl.org
gdbrferl.bypassnews.online
mab.chartbeat.com
onesignal.com
ping.chartbeat.net
sb.scorecardresearch.com
script.crazyegg.com
ssc.svoboda.org
static.chartbeat.com
tags.tiqcdn.com
vk.com
www.facebook.com
www.googletagmanager.com
www.youtube.com
blank
18.173.219.113
2600:141b:1c00:238b::1317
2600:141b:1c00:2395::1317
2600:9000:20e2:4a00:7:2bfb:7c00:93a1
2600:9000:24f1:6200:18:1fcd:353:c61
2606:4700:3034::6815:2a7b
2606:4700::6812:d63b
2606:4700::6813:9408
2607:f8b0:4006:80e::2008
2607:f8b0:4006:81c::200e
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:600::714
3.208.135.151
3.94.224.106
44.198.134.182
63.140.38.139
63.140.38.163
87.240.137.164
02b4a199941d273ca2b15e72a6006ebef6c81be7fcefaed6f6046d3f3abd07e2
0dfe649ba1f7c967a882ebdc8cacbba43b036e336cf70667202380824434baf0
0f238cdec8ea63228951488fa3b428b3a9ccb3a0cbde6f458bc98c496e390e04
1157f2d2a0fcc075c7f2b4b173e8bb40f5e7e0484873e5c6c547fd6754160485
169901f666801459695826173dc5032f7464f26bf6ede5f748d5bf8f5cab4b6c
1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315
20d8427850d50c053d4401cf73c07b338c67644a89ce45e90a6264b5a63fe32a
236ca83b7a5dfd08962d1cfe5318244808a648a47c380b37d949a849ae114b6d
2736782d8f8128b003dbbc8ddd7fb4917d85d5114abe42a0a236dbe4ffd5cf39
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
2ee2e26fe3aacd13f2e17c40d3ff2a9a0aa0080ea3293541efc681b002e02330
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
316bbf0753f79aff5289214e68da8453d6440e6f0014f2055f21007110de8027
3a6a6de9ce05cc4fdafb46f0a7012d9374ced176e511e23197d433d618770735
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d9ea58f2dd35bcb458a1f46585329290d7ce423274b436da1de0d8138722449
54c2fbe897ce09b068765e4f97b403a2b860b3b0b5604c8381d366780baea8a3
54e2f964ce1124ae44ce10037eed6b855fc2469eb821b5679cb5277947f1ad2f
5a0e2b951191e60b6c3905118d84d9a95a309d355c4eb71dfead2ae2866683ee
5de3a2a7e0a45c50444123f4970598a4fde65f7bbec1b33a46c371f8f5ce67e5
5e0ae38ad10707a4befaecb8ff5374a2a171ebf91ff5354c7c6c4105e577a731
5ffcfbb3ab5460e760b9aa3d3303fcd33214392e24c8797f1865b12136ede566
603cfd92b475ddd5d3e5a8545a759fb3d3b387a8b30af2943b0f6bec25b85bf9
6355c5e8836344e719a0aa5a530da7cf633fc0bba3abeabffa44f36c7975837e
65ae67f1b15e49b5b886225649213a43eb34a48a4e70efb1fdc0b737ace298c8
65f911212c36bd407499e11edc9cb101aa7df13777c9c2d6d8f16f5737a9386d
6dbe46e860c8fbc4cc503b689b2c926191e3914b3438d2bd15e3dda6ec064f5a
723b19ed4676c07faa84a5c3a833db985448e061527589c025a1ec2278e738e3
73c48a750a107c5809e5b332e74b0f1b32ddd1c24b98f1d9e8febf73322fbb84
773c375ffd56d8ee4c37b354dd85cbd1103315d3d46586d2bdaa067499528fdb
7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c
7abefad5fa0588ec9511f411c8f459049380f08e6a5e4587a403c31020172bd1
7bd25da287369fecc5abc0a1d557d21daefafad0b5ebac00634a0e279ceabb59
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c2e58de8d96aa3ab709593d5c09178dc35561a18bc684886245adb515f388c1
9107aabbe099f8b263c0bf57f05f0bbe1f8d6177626dc10a9db146619297ee4c
91c914137a9d0d6fe085ef127c37bbf15e4934eb42d40cb79b7c52a057fe7ef7
956c758e3cb1ecac5218d010fec6d7a8c65ce7957ff9e8a15c9bee28b5935379
95819cf37147353756390501608f3df0681483952d3770ef10c632569f95546c
97535c6daed69c9d598e8ba5d54299452e9e2eb8e794a05bf349a9c57b9dd3bf
98b7d90beeaf2d2944f47d2c001be5d943d1b6306bbf7dc27c240e092ed8544d
9977bc7e23e6e0614b8cf3d1a75cefd42346851e5a5baacc872cf905f47da466
9f1f226ba233ebce168e9871cb9f9a11fee7e0d16c41795e53a85ef2fcdd5990
9f4bbdea9ea230c2bd7cbdbacebeab5c860c4f0acf7fe445f01633e9a78fb5df
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2bf334da782f24c62883e71810dde3683a18d688a8c13dee6d22adb4b9f8899
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ab4a7ca992dc17e3ada9f1f69f2f248909bd645677c49a5bc33ff535169951c0
afb7a8ee8cc9591bf27ec322ce3e9235457d0c606d92fb73c74f1b3617f3ed4d
bb551534c7c698d5befb5ab755051e61ff88d4c4baba78fedcba4ab8f500354f
bbfa223082785e3aab57499ac3cee9fbfec51334b8ed024a2f6fe0df732634ec
bd5d0b1889b5ee3a04a81f46a34adb21e897ad828f6f211901339e0ccc9a45d1
c16b3ab30a770d110bd84f630c295f1bce359b6db5872acfba7d9be6689f763d
ca391ccc2d3868e3bf0062c021dc343a3176663e479bb4d4ef9c7b4c5276312a
caabcd36fde21c52f125b07d9c3358417fe2492712016ff58af0ad7affb5622b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16827ceeb4edac47def7e935c4050bcbf979b05e5054f57ceb6b850bb0f3dde
dccbe7deb05c1987a8b08cd273ab53e23ec510efecbefe76f4e3fa63bf40b529
e1d387c62d1ae77771f1e294a0be89ae0926de0ca224613d3b39412966b39317
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e426a1dfc6624a4df0e8f63db1415326b2203481a6439652007ebcad414c6df8
e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df
e872e50f4d63b0e9ffa65666b7e5b4371d02690051f3a310141bea1d361cf0dc
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f275a6a510fe21ae2455ea22b7bb8efc9ee72fdacb0d1f9e137c5f12a7318c62
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5
fe1c457d0fdeda1ae53b69e0f34ad09e962283836f39269d0c816d16591901fb

gdbrferl.bypassnews.online Open in urlscan Pro 2606:4700:3034::6815:2a7b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

93 %HTTPS

63 %IPv6

18 Domains

22 Subdomains

19 IPs

2 Countries

1524 kBTransfer

3113 kBSize

22 Cookies

26 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gdbrferl.bypassnews.online Open in urlscan Pro
2606:4700:3034::6815:2a7b Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

93 %
HTTPS

63 %
IPv6

18
Domains

22
Subdomains

19
IPs

2
Countries

1524 kB
Transfer

3113 kB
Size

22
Cookies

75 HTTP transactions
0 data transactions