rrn.media Open in urlscan Pro
172.67.176.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://puuatk.ambatukam45.shop/xvggc8
Effective URL:
https://rrn.media/fr/week-end-touristique-de-zelensky/
Submission: On June 21 via api (June 21st 2024, 3:54:10 pm UTC) from GB — Scanned from GB

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 8 domains to perform 24 HTTP transactions. The main IP is 172.67.176.60, located in and belongs to . The main domain is rrn.media.
TLS certificate: Issued by GTS CA 1P5 on May 13th 2024. Valid for: 3 months.

This is the only time rrn.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	185.172.128.161 185.172.128.161	216309 (EVILEMPIR...) (EVILEMPIRE-AS)
1	195.85.115.36 195.85.115.36	399629 (BLNWX) (BLNWX)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
16	172.67.176.60 172.67.176.60	() ()
1	2a00:1450:400... 2a00:1450:4001:82b::2008	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::200e	() ()
24	9

2 185.172.128.161 (Russian Federation)

ASN216309 (EVILEMPIRE-AS, GB)

puuatk.ambatukam45.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.85.115.36 (London, United Kingdom)

ASN399629 (BLNWX, US)

compensate.cyou	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cheekss.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.67.176.60 (None, )

ASN- ()

rrn.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	rrn.media rrn.media	812 KB
2	ambatukam45.shop puuatk.ambatukam45.shop	6 KB
1	google-analytics.com www.google-analytics.com
1	googletagmanager.com www.googletagmanager.com	103 KB
1	gstatic.com fonts.gstatic.com	33 KB
1	cheekss.click cheekss.click	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1004 B
1	compensate.cyou compensate.cyou	3 KB
24	8

	Domain	Requested by
16	rrn.media	rrn.media
2	puuatk.ambatukam45.shop
1	www.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	rrn.media
1	fonts.gstatic.com	fonts.googleapis.com
1	cheekss.click	puuatk.ambatukam45.shop
1	fonts.googleapis.com	compensate.cyou
1	compensate.cyou
24	8

This site contains no links.

Subject Issuer	Validity	Valid
ambatukam45.shop R11	`2024-06-18` - `2024-09-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
cheekss.click GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
rrn.media GTS CA 1P5	`2024-05-13` - `2024-08-11`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://rrn.media/fr/week-end-touristique-de-zelensky/
Frame ID: 8FEA4F9B20B5B3101C49C28F7F830C92
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://puuatk.ambatukam45.shop/xvggc8 HTTP 307
https://puuatk.ambatukam45.shop/xvggc8 Page URL
http://compensate.cyou/rrn6782080 HTTP 307
https://compensate.cyou/rrn6782080 HTTP 307
http://compensate.cyou/rrn6782080 Page URL
https://rrn.media/fr/week-end-touristique-de-zelensky/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

24
Requests

88 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

9
IPs

4
Countries

960 kB
Transfer

1368 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://puuatk.ambatukam45.shop/xvggc8 HTTP 307
https://puuatk.ambatukam45.shop/xvggc8 Page URL
http://compensate.cyou/rrn6782080 HTTP 307
https://compensate.cyou/rrn6782080 HTTP 307
http://compensate.cyou/rrn6782080 Page URL
https://rrn.media/fr/week-end-touristique-de-zelensky/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://puuatk.ambatukam45.shop/xvggc8 HTTP 307
https://puuatk.ambatukam45.shop/xvggc8

Request Chain 1

http://compensate.cyou/rrn6782080 HTTP 307
https://compensate.cyou/rrn6782080 HTTP 307
http://compensate.cyou/rrn6782080

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

xvggc8 Show response
puuatk.ambatukam45.shop/
Redirect Chain

http://puuatk.ambatukam45.shop/xvggc8
https://puuatk.ambatukam45.shop/xvggc8

12 KB
5 KB

438ms
233ms

Document
text/html

185.172.128.161
EVILEMPIRE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://puuatk.ambatukam45.shop/xvggc8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.128.161 , Russian Federation, ASN216309 (EVILEMPIRE-AS, GB),
Reverse DNS
Software: openresty / PHP/7.2.30
Resource Hash: 71d19de475f47ead7cfd15a9ec597993c34185f087860e1d052582bf6c6650eb

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 21 Jun 2024 15:53:57 GMT
Server: openresty
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.30

Redirect headers

Location: https://puuatk.ambatukam45.shop/xvggc8
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1

200
OK

rrn6782080 Show response
compensate.cyou/
Redirect Chain

http://compensate.cyou/rrn6782080
https://compensate.cyou/rrn6782080
http://compensate.cyou/rrn6782080

6 KB
3 KB

399ms
399ms

Document
text/html

195.85.115.36
BLNWX

General

Check archive.org

Show headers Download Go to

Full URL: http://compensate.cyou/rrn6782080
Protocol: HTTP/1.1
Server: 195.85.115.36 London, United Kingdom, ASN399629 (BLNWX, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: 0e1327f05e9925146ef3cb880a82cb62a0430bb7a91af52beed3c18aab098e6b

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://puuatk.ambatukam45.shop/xvggc8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
CF-Cache-Status: DYNAMIC
CF-RAY: 89752cb82afe93e5-LHR
Connection: keep-alive
Content-Encoding: gzip
Date: Fri, 21 Jun 2024 15:54:00 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lC8A%2BGxn4H0axkPjWOARWIHaA8PSe2FyINGhQEzJCLRFmymqC3ojZ0diHdfQElrhimYuELjKQfnXG887XKXG2usDf%2BVEpMxFOscuZCYxaZxcZH6g0zmMR9FXag%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Origin
X-Powered-By: Express

Redirect headers

Location: http://compensate.cyou/rrn6782080
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 404
Not Found favicon.ico
puuatk.ambatukam45.shop/ 552 B
363 B 83ms
82ms Other
text/html 185.172.128.161
EVILEMPIRE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://puuatk.ambatukam45.shop/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.172.128.161 , Russian Federation, ASN216309 (EVILEMPIRE-AS, GB),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://puuatk.ambatukam45.shop/xvggc8
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 21 Jun 2024 15:53:57 GMT
Content-Encoding: gzip
Server: openresty
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1004 B 1239ms
65ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Requested by

Host: compensate.cyou
URL: http://compensate.cyou/rrn6782080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: http://compensate.cyou/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Jun 2024 15:54:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Jun 2024 15:34:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jun 2024 15:54:01 GMT

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 288149b76f4d0c028e52d746c37bd09ed683cafbed0ae16eaf751d42383fbe1c

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://compensate.cyou/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H3 200 FR-18-06_rrn_-2 Show response
cheekss.click/ 4 KB
2 KB 277ms
171ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cheekss.click/FR-18-06_rrn_-2?return=js.client&&se_referrer=&default_keyword=for%20melons%20associated&landing_url=compensate.cyou%2Frrn6782080&name=_Q2FfKmtryFH92yrc&host=https%3A%2F%2Fcheekss.click%2FFR-18-06_rrn_-2
Requested by: Host: puuatk.ambatukam45.shop
URL: https://puuatk.ambatukam45.shop/xvggc8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 580939be2ad1bd1577ae771e2b1689e706a859462fcc33976c1dc2053586594b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: http://compensate.cyou/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:02 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v2pKXKQaYF6sew9jJbpM36bFxwm3ZMmFJ8UnVoP5umtqiQB%2BokeZ7XsHzDbBXtBoAHpXxwuzpInflyjDV5ZM6rs8icYERN5iFDRGEuKjJ3U7wLhVWVQ60%2BMsh5wZRjvgLJuk9jOmDfGgutfm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-ray: 89752cc31c86532f-LHR
alt-svc: h3=":443"; ma=86400
content-length: 1660
expires: Fri, 21 Jun 2024 15:54:02 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 187ms
40ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: http://compensate.cyou
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:43:51 GMT
x-content-type-options: nosniff
age: 263411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:43:51 GMT

GET
H3 200 Primary Request / Show response
rrn.media/fr/week-end-touristique-de-zelensky/ 55 KB
12 KB 924ms
808ms Document
text/html 172.67.176.60

General

Check archive.org

Show headers Download Go to

Full URL: https://rrn.media/fr/week-end-touristique-de-zelensky/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: b91f8f7d86980e2fe8c32526d0c73a26506ad54f41f9deeb3b5abe93809009a0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 89752cc4f8a69443-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 21 Jun 2024 15:54:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
link: <https://rrn.media/wp-json/>; rel="https://api.w.org/" <https://rrn.media/wp-json/wp/v2/posts/192003>; rel="alternate"; type="application/json" <https://rrn.media/?p=192003>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dXjd0Ahevqd8waGM%2BK%2FRxe6xL6tRIkO4ZkB4PSysbsg%2B2uCkJGeviNFeUPNN2K2hC6tX5WrjWMHrXUsXT6Ols%2FJKrK5EjXbx8caZV%2B%2BOhr68to1wOXXwocfbVuQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 style.css
rrn.media/wp-content/themes/exp/dist/ 49 KB
8 KB 42ms
41ms Stylesheet
text/css 172.67.176.60

General

Check archive.org

Show headers Download Go to

Full URL: https://rrn.media/wp-content/themes/exp/dist/style.css?=553446305.34833
Requested by: Host: rrn.media
URL: https://rrn.media/fr/week-end-touristique-de-zelensky/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ca5ea482e43609af05c9e86f935267e1c24b75f5a280c91b59e5a89c1e44478a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/fr/week-end-touristique-de-zelensky/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123
alt-svc: h3=":443"; ma=86400
content-length: 7755
last-modified: Mon, 08 Apr 2024 16:36:02 GMT
server: cloudflare
etag: "c410-6159866aba080-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0meXHN592d5FjNjvnZVUIfQYqPRhtCtk7FXzaLR80J2S%2B2jI%2BypslhyTJoMtLewZlZfVFUBo%2B7Ygby0SHfvVk1SCs5zFtRgq89a6jpqz1K9oJh1aFSOhkphI5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89752cca08b89443-LHR

GET
H3 200 script.js Show response
rrn.media/wp-content/themes/exp/dist/ 151 KB
49 KB 42ms
41ms Script
text/javascript 172.67.176.60

General

Check archive.org

Show headers Download Go to

Full URL: https://rrn.media/wp-content/themes/exp/dist/script.js?=553446305.34833
Requested by: Host: rrn.media
URL: https://rrn.media/fr/week-end-touristique-de-zelensky/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: a8c9d48bdf5240279348f38d2d046bc8c89232ff91c9386a1b0e80003e29b453

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/fr/week-end-touristique-de-zelensky/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 123
alt-svc: h3=":443"; ma=86400
content-length: 49307
last-modified: Wed, 17 Aug 2022 16:00:01 GMT
server: cloudflare
etag: "25bbe-5e671f5146240-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q5SC%2FMlO59HvRZ1IYpWEfMLrZtRPGIdLHlQXH5BuHdes0FDZp8nkY1R3n4tkeIo9JZ6tYjggBx9%2FXf3ktrWWLswDcnUKzlkzqnaDOXu9cgBdGs7uJ%2FNXfJKFndA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89752cca08b99443-LHR

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
103 KB 271ms
90ms Script
application/javascript 2a00:1450:4001:82b::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9XV905XLDW

Requested by

Host: rrn.media
URL: https://rrn.media/fr/week-end-touristique-de-zelensky/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

739843fa5fc42f96aa155462f3e5326e0d850dddb540c88e779f32d6000c1ebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104686
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 21 Jun 2024 15:54:03 GMT

GET
H3 200 logo-white.svg
rrn.media/wp-content/themes/exp/img/ 9 KB
4 KB 94ms
94ms Image
image/svg+xml 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/themes/exp/img/logo-white.svg
Requested by: Host: rrn.media
URL: https://rrn.media/fr/week-end-touristique-de-zelensky/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 724e246dd4c4446aa6431ccd3f090d8d0e6b3ec7b30157e9f1fdf5b5b0e39b07

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/fr/week-end-touristique-de-zelensky/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2022 16:00:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123
etag: W/"2548-5e671f532e6c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4oSDgj4wehlN97IOKgHR2AJqCSfyho%2FOqf3ukMPkxTSPFbufNKwiTdkozuXk9hRbtDfDIxHiP%2FF007TKw5SR4%2Fdpv15FcTnOQfBoB%2BjmDu3lFRI2tokmk%2F1PQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89752cca08bd9443-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 flag_fr.svg
rrn.media/wp-content/themes/exp/img/flags/ 536 B
729 B 97ms
97ms Image
image/svg+xml 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/themes/exp/img/flags/flag_fr.svg
Requested by: Host: rrn.media
URL: https://rrn.media/fr/week-end-touristique-de-zelensky/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 0832c1cbed05c1d6b320bf6b24f21465ba9932e8ba8fb94caeadad3740016b05

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/fr/week-end-touristique-de-zelensky/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2022 20:40:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 24
etag: W/"218-5e675e0c32200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KLcWY5VVCt9yh0E3%2FLnQ1WTs9wvVzj%2FMqelFntUOS8O2QbjazYGfkaf0wWepNPj1IvMZRTx%2FmiNGs2shtPiREgXC7hjj20eehqomTQ2pxoWRSAkMzGriCRTBUvM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89752cca08c19443-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 1-253.jpg
rrn.media/wp-content/uploads/2024/06/ 110 KB
111 KB 53ms
52ms Image
image/jpeg 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/uploads/2024/06/1-253.jpg
Requested by: Host: rrn.media
URL: https://rrn.media/fr/week-end-touristique-de-zelensky/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d408a5c64ec68b93cb99baf3a1d4317304729da94c41e3df71284d0fa36d88c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/fr/week-end-touristique-de-zelensky/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jun 2024 04:29:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 14
etag: "1b86c-61b0e68bbc616"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sqDSfmIqJC6kpEgr5OZi7SdrspAUeU7nkcA11NKdUan5zGha0P6TDQKLZhimxmZVdL3dfmCP0qHqx0FpakTl7oVbmXQvhPHwUe9d9lpOBFRFdBfQaxKbGYcZ0oQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89752cca59289443-LHR
alt-svc: h3=":443"; ma=86400
content-length: 112748

GET
H3 200 1-254.jpg
rrn.media/wp-content/uploads/2024/06/ 217 KB
217 KB 110ms
108ms Image
image/jpeg 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/uploads/2024/06/1-254.jpg
Requested by: Host: rrn.media
URL: https://rrn.media/fr/week-end-touristique-de-zelensky/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b2ca2adaf69bb6683be01a550ce119d63e81032a0b0629581bdee1a4fa9bccb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/fr/week-end-touristique-de-zelensky/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jun 2024 04:29:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 14
etag: "3626f-61b0e6b0a790d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xR6MFuA61N0FUHJw5kIOorjtS7%2FBmBGr0yLPXXmqSPQ%2B%2BLC9SW6KZO9o2NFjEdmUlKf9PFWyif7HKAILXgxuhYc7iuEXJ49BMMRv2h1U%2BcEUkyo9AvxqpBP9X0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89752cca592a9443-LHR
alt-svc: h3=":443"; ma=86400
content-length: 221807

GET
H3 200 1-255.jpg
rrn.media/wp-content/uploads/2024/06/ 198 KB
198 KB 162ms
161ms Image
image/jpeg 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/uploads/2024/06/1-255.jpg
Requested by: Host: rrn.media
URL: https://rrn.media/fr/week-end-touristique-de-zelensky/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: febfcae5fc5c8f4c4ea816c52e048c12ffd9fcfba30271fda8d6bb78e3ab837d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/fr/week-end-touristique-de-zelensky/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jun 2024 04:30:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 14
etag: "3178b-61b0e6d0e099c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=djuq%2FDP0nCKSiaJw%2FkBfJQlcR309jkz6WGp3QBXTma57%2FP311%2FDlJOjPZyTcZPDEaYiDRymZNcicxGYu6N%2ByoTzdumg%2B3%2Fh8G3uftHt5Tx3oW7cUlYmyiXkZDvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89752cca592b9443-LHR
alt-svc: h3=":443"; ma=86400
content-length: 202635

GET
H3 200 1-256.jpg
rrn.media/wp-content/uploads/2024/06/ 140 KB
140 KB 201ms
200ms Image
image/jpeg 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/uploads/2024/06/1-256.jpg
Requested by: Host: rrn.media
URL: https://rrn.media/fr/week-end-touristique-de-zelensky/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 91834807e905f578f7b584b770dcd07a3cf6932bf54d36adc755941adf9faf47

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/fr/week-end-touristique-de-zelensky/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jun 2024 04:30:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 14
etag: "22fa9-61b0e6e8e1240"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBeJvdCawEKMtaoN3uuT5JL1Wspk4%2FcpJ%2FgfsyBhYUTTLRsRIGsOToyhQSN4ljs6%2FQtJ4CnHQW8mCnUTKDFiGZ8ML%2BdBF9VKAOam9q6H8QGFZaNwpIPLvKTOMoM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89752cca592d9443-LHR
alt-svc: h3=":443"; ma=86400
content-length: 143273

GET
H3 200 1-257.jpg
rrn.media/wp-content/uploads/2024/06/ 66 KB
66 KB 207ms
206ms Image
image/jpeg 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/uploads/2024/06/1-257.jpg
Requested by: Host: rrn.media
URL: https://rrn.media/fr/week-end-touristique-de-zelensky/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: d4c30cbd600f1a0eeb12ffbc48c046f42b492ef0d92bf3b1780fe9a689cfd6f0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/fr/week-end-touristique-de-zelensky/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
cf-cache-status: HIT
last-modified: Mon, 17 Jun 2024 04:35:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 14
etag: "10667-61b0e8023b9c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfEnGuM%2FwUEclG%2FeRE0rZQMr3fuYE4kK43G4DIVdfF2d%2BiWLvpDAk9DI2o55zQQ5AdbQqAaIrZcIrYLjuFWVYnLPDU18m4DrwGc3C1RvW8Lx%2BTzLz8SaOB0NVg0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89752cca592e9443-LHR
alt-svc: h3=":443"; ma=86400
content-length: 67175

GET
H3 200 search.svg
rrn.media/wp-content/themes/exp/img/icons/ 617 B
797 B 234ms
234ms Image
image/svg+xml 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/themes/exp/img/icons/search.svg
Requested by: Host: rrn.media
URL: https://rrn.media/wp-content/themes/exp/dist/style.css?=553446305.34833
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 0732e27592b7f4b1b265ae0e6fa8548afe026ecf767866b01fe9fd655621412a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/wp-content/themes/exp/dist/style.css?=553446305.34833
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2022 20:40:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123
etag: W/"269-5e675e0d26440"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fv%2FB%2Fvga22pnwdPbO4HF%2Bpo%2FiqvIGdZNFFvXkhhj4PUFicNpnuWBfBmo9dOhAW7hx0O8Qh9ZUORvl9tD9xdJYaXTMIscz%2BYZ5fpCbuQx7crp2DCqqmMYoGDhUaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89752cca59309443-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 share-facebook.svg
rrn.media/wp-content/themes/exp/img/icons/ 498 B
771 B 234ms
233ms Image
image/svg+xml 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/themes/exp/img/icons/share-facebook.svg
Requested by: Host: rrn.media
URL: https://rrn.media/wp-content/themes/exp/dist/style.css?=553446305.34833
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9af3d1d6f4e85bd9c85921084ef0dd9fbfb24aa66b04380ea2f08cfe4deb67

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/wp-content/themes/exp/dist/style.css?=553446305.34833
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2022 20:40:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3680
etag: W/"1f2-5e675e0e1a680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZs04S0OT%2BqPerg%2FSO%2BqsCkCtvhhMYLhylE97pnIpyS6%2FYZ0OndeDn%2BdRS3T1ZVoXFJmxSfqEZRsg4Fwhv4ZMtXY7YcYKg0Wto%2FVXiDEETN40uSflCeARl74YJI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89752cca59319443-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 share-twitter.svg
rrn.media/wp-content/themes/exp/img/icons/ 966 B
1004 B 234ms
233ms Image
image/svg+xml 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/themes/exp/img/icons/share-twitter.svg
Requested by: Host: rrn.media
URL: https://rrn.media/wp-content/themes/exp/dist/style.css?=553446305.34833
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 51f9bcab81693e017c3e3a834fd06b65abb2423917739c1bab139e9ddd8d535a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/wp-content/themes/exp/dist/style.css?=553446305.34833
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2022 20:40:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3680
etag: W/"3c6-5e675e0e1a680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qLuRuQaZI1xoE%2F31TXGDraojYPCRXu%2BYzgU75EsvPT7EcTuYHQ2JUL%2BAISK%2FUROfOGsukbzqDcTyltcMVMHcpmytafHqScptP87vv%2FIS8cEE0iyEPvHfqIojEmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89752cca59329443-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 share-telegram.svg
rrn.media/wp-content/themes/exp/img/icons/ 583 B
824 B 234ms
233ms Image
image/svg+xml 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/themes/exp/img/icons/share-telegram.svg
Requested by: Host: rrn.media
URL: https://rrn.media/wp-content/themes/exp/dist/style.css?=553446305.34833
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 131ef9958dd64b002854e7d4d6562b47b0a0c00743c04304af528c00d55a3dc3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/wp-content/themes/exp/dist/style.css?=553446305.34833
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2022 20:40:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3680
etag: W/"247-5e675e0e1a680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fk%2FidPp7Gayk7JAgioI1nMbdVBtF7Rsn3ecoXeeKc%2FGNDN4gOxLLbg1eTDFrSa4bgDm83Oi6Ot1Cxyxc25eoMWutd4%2B9L6%2FIMoWWbcKL5fdq4jw1lrSAnajHy6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89752cca69339443-LHR
alt-svc: h3=":443"; ma=86400

GET
H3 200 share-whatsapp.svg
rrn.media/wp-content/themes/exp/img/icons/ 1 KB
1 KB 234ms
233ms Image
image/svg+xml 172.67.176.60

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rrn.media/wp-content/themes/exp/img/icons/share-whatsapp.svg
Requested by: Host: rrn.media
URL: https://rrn.media/wp-content/themes/exp/dist/style.css?=553446305.34833
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a3b6a8a2b544123f60b612ed71e2d2f94824d95071749ab43885e1b4d40257f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/wp-content/themes/exp/dist/style.css?=553446305.34833
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2022 20:40:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 3680
etag: W/"5cf-5e675e0e1a680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lNOB4r33tBjMZIjLAarXXw5ySXm0NWXjGKgklExJpl%2F95VSL8AG%2F6Jl6sQ%2FTkMvBGe6yzr6gqSNms5yy1oiqLHdRRzzmCoOhdOzixuGlAgLu0ySoJRP3X0CYesM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 89752cca69349443-LHR
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 229ms
66ms Fetch
text/plain 2a00:1450:4001:82a::200e

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9XV905XLDW&gtm=45je46j0v9163990164za200&_p=1718985243243&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1091002539.1718985244&ul=en-gb&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718985243&sct=1&seg=0&dl=https%3A%2F%2Frrn.media%2Ffr%2Fweek-end-touristique-de-zelensky%2F&dt=Week-end%20touristique%20de%20Zelensky%20-%20D%C3%A9cryptage&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1340&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9XV905XLDW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 21 Jun 2024 15:54:03 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rrn.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 favicon-32x32.png
rrn.media/wp-content/themes/exp/favicons/ 1 KB
2 KB 55ms
55ms Other
image/png 172.67.176.60

General

Check archive.org

Show headers Download Go to

Full URL: https://rrn.media/wp-content/themes/exp/favicons/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.176.60 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 00a2c61a53ad6f450671d844b7442e611f065edd6bfdadba1560d0565a2b3617

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://rrn.media/fr/week-end-touristique-de-zelensky/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 21 Jun 2024 15:54:03 GMT
cf-cache-status: HIT
last-modified: Wed, 17 Aug 2022 16:00:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 123
etag: "50c-5e671f523a480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j3dm%2F%2FMuvfTHOamr7jL7a4e6axb6m50MpXYIWYgrdefqhZYXpOVHih26%2Foa2HV4dDPkdZIiCOkBrGLodfSL%2Fj%2B1GB%2FrHWYO4TbOiDeSBuG2PwPgawrknTt%2Bcyi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89752ccc9c729443-LHR
alt-svc: h3=":443"; ma=86400
content-length: 1292

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://puuatk.ambatukam45.shop/favicon.ico Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cheekss.click
compensate.cyou
fonts.googleapis.com
fonts.gstatic.com
puuatk.ambatukam45.shop
rrn.media
www.google-analytics.com
www.googletagmanager.com
172.67.176.60
185.172.128.161
195.85.115.36
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a06:98c1:3120::3
00a2c61a53ad6f450671d844b7442e611f065edd6bfdadba1560d0565a2b3617
0732e27592b7f4b1b265ae0e6fa8548afe026ecf767866b01fe9fd655621412a
0832c1cbed05c1d6b320bf6b24f21465ba9932e8ba8fb94caeadad3740016b05
0e1327f05e9925146ef3cb880a82cb62a0430bb7a91af52beed3c18aab098e6b
131ef9958dd64b002854e7d4d6562b47b0a0c00743c04304af528c00d55a3dc3
288149b76f4d0c028e52d746c37bd09ed683cafbed0ae16eaf751d42383fbe1c
2d408a5c64ec68b93cb99baf3a1d4317304729da94c41e3df71284d0fa36d88c
51f9bcab81693e017c3e3a834fd06b65abb2423917739c1bab139e9ddd8d535a
580939be2ad1bd1577ae771e2b1689e706a859462fcc33976c1dc2053586594b
5a3b6a8a2b544123f60b612ed71e2d2f94824d95071749ab43885e1b4d40257f
5b2ca2adaf69bb6683be01a550ce119d63e81032a0b0629581bdee1a4fa9bccb
71d19de475f47ead7cfd15a9ec597993c34185f087860e1d052582bf6c6650eb
724e246dd4c4446aa6431ccd3f090d8d0e6b3ec7b30157e9f1fdf5b5b0e39b07
739843fa5fc42f96aa155462f3e5326e0d850dddb540c88e779f32d6000c1ebe
91834807e905f578f7b584b770dcd07a3cf6932bf54d36adc755941adf9faf47
a8c9d48bdf5240279348f38d2d046bc8c89232ff91c9386a1b0e80003e29b453
ad26ac49f179b50254d7ff0e94733c71dea4df8c1c30660e004f8cb68292dd6b
b91f8f7d86980e2fe8c32526d0c73a26506ad54f41f9deeb3b5abe93809009a0
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
ca5ea482e43609af05c9e86f935267e1c24b75f5a280c91b59e5a89c1e44478a
d4c30cbd600f1a0eeb12ffbc48c046f42b492ef0d92bf3b1780fe9a689cfd6f0
fb9af3d1d6f4e85bd9c85921084ef0dd9fbfb24aa66b04380ea2f08cfe4deb67
febfcae5fc5c8f4c4ea816c52e048c12ffd9fcfba30271fda8d6bb78e3ab837d

rrn.media Open in urlscan Pro 172.67.176.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

88 %HTTPS

63 %IPv6

8 Domains

8 Subdomains

9 IPs

4 Countries

960 kBTransfer

1368 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

rrn.media Open in urlscan Pro
172.67.176.60 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

88 %
HTTPS

63 %
IPv6

8
Domains

8
Subdomains

9
IPs

4
Countries

960 kB
Transfer

1368 kB
Size

0
Cookies

24 HTTP transactions
1 data transactions