www.rferl.org Open in urlscan Pro
2a02:26f0:6c00:285::1317 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
Submission: On November 14 via api (November 14th 2021, 6:09:36 am UTC) from GB — Scanned from GB

Summary HTTP 108 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 26 domains to perform 108 HTTP transactions. The main IP is 2a02:26f0:6c00:285::1317, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.rferl.org.
TLS certificate: Issued by R3 on September 9th 2021. Valid for: 3 months.

This is the only time www.rferl.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	2a02:26f0:6c0... 2a02:26f0:6c00:285::1317	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
15	104.75.88.194 104.75.88.194	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1 3	63.32.159.255 63.32.159.255	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	94.100.180.55 94.100.180.55	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	217.20.152.207 217.20.152.207	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
2	87.240.190.67 87.240.190.67	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::1317	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:215... 2600:9000:2156:f400:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3 7	143.204.98.82 143.204.98.82	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.208.127.56 52.208.127.56	16509 (AMAZON-02) (AMAZON-02)
1 4	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	54.194.191.134 54.194.191.134	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.217.170.200 52.217.170.200	16509 (AMAZON-02) (AMAZON-02)
1	52.206.207.49 52.206.207.49	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.57 143.204.98.57	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.43 143.204.98.43	16509 (AMAZON-02) (AMAZON-02)
1	54.73.172.176 54.73.172.176	16509 (AMAZON-02) (AMAZON-02)
108	30

30 2a02:26f0:6c00:285::1317 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gdb.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
livetracker.rfe.pangea-cms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 104.75.88.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
02179913.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 63.32.159.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.100.180.55 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: connect.mail.ru

connect.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.20.152.207 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: ip207.152.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.190.67 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-190-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b2::1317 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

livetracker.rfe.pangea-cms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:f400:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.98.82 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-82.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.127.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-127-56.eu-west-1.compute.amazonaws.com

bbg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.36.218.177 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

bbg.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.191.134 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-191-134.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.170.200 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.206.207.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-207-49.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-57.fra50.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-43.fra50.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.172.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-172-176.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	rferl.org 1 redirects www.rferl.org gdb.rferl.org	566 KB
15	tiqcdn.com tags.tiqcdn.com	145 KB
7	scorecardresearch.com 3 redirects sb.scorecardresearch.com	2 KB
7	crazyegg.com script.crazyegg.com pagestates-tracking.crazyegg.com assets-tracking.crazyegg.com tracking.crazyegg.com	31 KB
6	facebook.net connect.facebook.net	310 KB
5	facebook.com www.facebook.com	538 B
4	omtrdc.net 1 redirects bbg.sc.omtrdc.net	3 KB
4	demdex.net 1 redirects dpm.demdex.net bbg.demdex.net	6 KB
4	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	103 KB
4	youtube.com www.youtube.com	94 KB
3	google-analytics.com www.google-analytics.com	20 KB
3	onesignal.com cdn.onesignal.com onesignal.com	73 KB
2	akstat.io 02179913.akstat.io	402 B
2	chartbeat.com static.chartbeat.com	47 KB
2	pangea-cms.com livetracker.rfe.pangea-cms.com	1 KB
2	vk.com vk.com	875 B
2	ok.ru connect.ok.ru	4 KB
2	pinterest.com api.pinterest.com	776 B
2	mail.ru connect.mail.ru	1 KB
2	googletagmanager.com www.googletagmanager.com	104 KB
1	google.co.uk www.google.co.uk	376 B
1	google.com www.google.com	376 B
1	doubleclick.net stats.g.doubleclick.net	319 B
1	chartbeat.net ping.chartbeat.net	201 B
1	amazonaws.com s3.amazonaws.com	140 KB
1	everesttech.net 1 redirects cm.everesttech.net	517 B
108	26

	Domain	Requested by
24	www.rferl.org	1 redirects www.rferl.org
15	tags.tiqcdn.com	www.rferl.org tags.tiqcdn.com
7	sb.scorecardresearch.com	3 redirects www.rferl.org
6	connect.facebook.net	www.rferl.org tags.tiqcdn.com connect.facebook.net
5	www.facebook.com	connect.facebook.net www.rferl.org
5	gdb.rferl.org	www.rferl.org
4	bbg.sc.omtrdc.net	1 redirects tags.tiqcdn.com www.rferl.org
4	script.crazyegg.com	tags.tiqcdn.com script.crazyegg.com
4	www.youtube.com	www.rferl.org www.youtube.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	dpm.demdex.net	1 redirects www.rferl.org
2	02179913.akstat.io	s.go-mpulse.net
2	c.go-mpulse.net	s.go-mpulse.net
2	static.chartbeat.com	tags.tiqcdn.com
2	livetracker.rfe.pangea-cms.com	www.rferl.org
2	vk.com	www.rferl.org
2	connect.ok.ru	www.rferl.org
2	api.pinterest.com	www.rferl.org
2	connect.mail.ru	www.rferl.org
2	www.googletagmanager.com	www.rferl.org www.googletagmanager.com
2	s.go-mpulse.net	www.rferl.org
2	cdn.onesignal.com	www.rferl.org cdn.onesignal.com
1	tracking.crazyegg.com	script.crazyegg.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	www.google.co.uk	www.rferl.org
1	www.google.com	www.rferl.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	ping.chartbeat.net	www.rferl.org
1	s3.amazonaws.com	www.rferl.org
1	onesignal.com	cdn.onesignal.com
1	cm.everesttech.net	1 redirects
1	bbg.demdex.net	tags.tiqcdn.com
108	33

This site contains links to these domains. Also see Links.

Domain
gandhara.rferl.org
en.currenttime.tv
pressroom.rferl.org
facebook.com
twitter.com
www.youtube.com
www.instagram.com
t.me
vkontakte.ru
www.linkedin.com
briefcase.company
www.rferl.mobi
www.usagm.gov

Subject Issuer	Validity	Valid
www.rferl.org R3	`2021-09-09` - `2021-12-08`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.mail.ru GeoTrust RSA CA 2018	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2021-02-18` - `2022-03-21`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-06-09` - `2022-06-10`	2 years	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-10-29` - `2021-11-29`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.crazyegg.com DigiCert SHA2 Secure Server CA	`2020-07-26` - `2022-07-23`	2 years	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
Frame ID: 2A46AC03E0448F82C73E89D4974EC0F2
Requests: 78 HTTP requests in this frame

Frame: https://www.rferl.org/a/31157751.html?layout=1
Frame ID: 2250060B739271B638667B384FA928BB
Requests: 28 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: E7D7D684F0AF2A3E69E16C92DDACF0C4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6C733CAB0D349CDE8DE3DF3F1D473241
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Netherlands Detains Russian Sought By U.S. Over 'Ryuk' Ransomware

Page Statistics

108
Requests

93 %
HTTPS

50 %
IPv6

26
Domains

33
Subdomains

30
IPs

6
Countries

1650 kB
Transfer

4771 kB
Size

31
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://gandhara.rferl.org/
Title: Gandhara

Search URL Search Domain Scan URL

URL: https://en.currenttime.tv/
Title: Current Time

Search URL Search Domain Scan URL

URL: https://pressroom.rferl.org/p/6091.html
Title: About

Search URL Search Domain Scan URL

URL: https://pressroom.rferl.org/
Title: Pressroom

Search URL Search Domain Scan URL

URL: https://facebook.com/rferl

Search URL Search Domain Scan URL

URL: https://twitter.com/RFERL

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/rferlonline

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rfe.rl/

Search URL Search Domain Scan URL

URL: https://t.me/rferl

Search URL Search Domain Scan URL

URL: https://facebook.com/sharer.php?u=https%3a%2f%2fwww.rferl.org%2fa%2frussia-ryuk-ransomeware-dubnikov%2f31559567.html

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3a%2f%2fwww.rferl.org%2fa%2frussia-ryuk-ransomeware-dubnikov%2f31559567.html&text=Netherlands+Detains+Russian+Sought+By+U.S.+Over+%27Ryuk%27+Ransomware

Search URL Search Domain Scan URL

URL: https://vkontakte.ru/share.php?url=https%3a%2f%2fwww.rferl.org%2fa%2frussia-ryuk-ransomeware-dubnikov%2f31559567.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3a%2f%2fwww.rferl.org%2fa%2frussia-ryuk-ransomeware-dubnikov%2f31559567.html&title=Netherlands%20Detains%20Russian%20Sought%20By%20U.S.%20Over%20%27Ryuk%27%20Ransomware

Search URL Search Domain Scan URL

URL: https://briefcase.company/
Title: Briefcase

Search URL Search Domain Scan URL

URL: https://briefcase.company/novosti/obshee/o-zaderjanii-dybnikova-dm
Title: statement

Search URL Search Domain Scan URL

URL: https://twitter.com/toddprincetv
Title: FOLLOW

Search URL Search Domain Scan URL

URL: https://pressroom.rferl.org/p/6085.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://pressroom.rferl.org/p/6116.html
Title: Terms Of Use

Search URL Search Domain Scan URL

URL: https://www.rferl.mobi/jobs.html
Title: Jobs and Internships

Search URL Search Domain Scan URL

URL: https://www.usagm.gov/
Title: U.S. Agency For Global Media

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1636870170570 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1636870170570

Request Chain 42

https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31157751.html?layout=1 HTTP 301
https://www.rferl.org/a/31157751.html?layout=1

Request Chain 49

https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 50

https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1636870170676&ns_c=UTF-8&c8=Netherlands%20Detains%20Russian%20Sought%20By%20U.S.%20Over%20%27Ryuk%27%20Ransomware&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1636870170676&ns_c=UTF-8&c8=Netherlands%20Detains%20Russian%20Sought%20By%20U.S.%20Over%20%27Ryuk%27%20Ransomware&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html&c9=

Request Chain 57

https://cm.everesttech.net/cm/dd?d_uuid=24741822988735125932205527890095067708 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZCoGgAAALA9OQQp

Request Chain 97

https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 99

https://bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/s28713581396699?AQB=1&ndh=1&pf=1&t=14%2F10%2F2021%206%3A9%3A31%200%200&fid=05E5B30C62E146DA-1A43E6843B21BB2A&ce=UTF-8&ns=bbg&pageName=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&g=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&cc=USD&ch=%2Fa&server=www.rferl.org&events=event2%2Cevent80&c1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&v1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&c4=snippet&v4=snippet&c5=snippet&v5=snippet&c6=week%20in%20russia%20region%20widget-gr-1878&v6=week%20in%20russia%20region%20widget-gr-1878&c14=31157751&v14=31157751&c15=english&v15=english&c16=rferl%20english&v16=rferl%20english&c17=responsive&v17=responsive&c21=iframe&v21=iframe&c23=24751175413615319782203656689097256167&v23=24751175413615319782203656689097256167&c24=017d1d10a7c100661044392b2df803072004606a00b08&v24=017d1d10a7c100661044392b2df803072004606a00b08&c25=rfe&v25=rfe&c27=RFERL%20English%20Responsive&v27=RFERL%20English%20Responsive&c29=www.rferl.org&v29=www.rferl.org&c30=420&v30=420&c31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&c32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&v32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&c38=snippet&v38=snippet&c50=iframe&v50=iframe&c62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&c65=week%20in%20russia%20region%20widget-gr-1878&v65=week%20in%20russia%20region%20widget-gr-1878&v70=2.6.0&v71=bbgprod-bbgentityrferl&c72=prod&v72=prod&c75=rfe%20profile%20updates&v75=rfe%20profile%20updates&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=325&bh=681&AQE=1 HTTP 302
https://bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/s28713581396699?AQB=1&pccr=true&vidn=30C8540D889D1576-40000FBD537FC3CC&ndh=1&pf=1&t=14%2F10%2F2021%206%3A9%3A31%200%200&fid=05E5B30C62E146DA-1A43E6843B21BB2A&ce=UTF-8&ns=bbg&pageName=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&g=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&cc=USD&ch=%2Fa&server=www.rferl.org&events=event2%2Cevent80&c1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&v1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&c4=snippet&v4=snippet&c5=snippet&v5=snippet&c6=week%20in%20russia%20region%20widget-gr-1878&v6=week%20in%20russia%20region%20widget-gr-1878&c14=31157751&v14=31157751&c15=english&v15=english&c16=rferl%20english&v16=rferl%20english&c17=responsive&v17=responsive&c21=iframe&v21=iframe&c23=24751175413615319782203656689097256167&v23=24751175413615319782203656689097256167&c24=017d1d10a7c100661044392b2df803072004606a00b08&v24=017d1d10a7c100661044392b2df803072004606a00b08&c25=rfe&v25=rfe&c27=RFERL%20English%20Responsive&v27=RFERL%20English%20Responsive&c29=www.rferl.org&v29=www.rferl.org&c30=420&v30=420&c31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&c32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&v32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&c38=snippet&v38=snippet&c50=iframe&v50=iframe&c62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&c65=week%20in%20russia%20region%20widget-gr-1878&v65=week%20in%20russia%20region%20widget-gr-1878&v70=2.6.0&v71=bbgprod-bbgentityrferl&c72=prod&v72=prod&c75=rfe%20profile%20updates&v75=rfe%20profile%20updates&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=325&bh=681&AQE=1

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 31559567.html Show response
www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/ 73 KB
18 KB 260ms
86ms Document
text/html 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ba2647f1760f08df792a571274de671f5fdc097ede7079d28e96f0b314c0f97b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

pragma: no-cache
content-type: text/html; charset=utf-8
content-language: en
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
x-akamai-transformed: 9 16359 0 pmb=mRUM,2
cache-control: must-revalidate, max-age=118
expires: Sun, 14 Nov 2021 06:11:28 GMT
date: Sun, 14 Nov 2021 06:09:30 GMT
content-length: 18521
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT edge; dur=25
strict-transport-security: max-age=31536000

GET
H2 200 RFE-en-US.css
www.rferl.org/Content/responsive/RFE/en-US/ 355 KB
56 KB 64ms
63ms Stylesheet
text/css 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=254

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3cc2173e51ca90f5e17fe65e90f506dfcdbed5d9d6496aad1bc1bf714f7f73ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 15 Oct 2021 11:34:23 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, no-transform, max-age=1730463
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 57276
x-xss-protection: 1; mode=block
expires: Sat, 04 Dec 2021 06:50:33 GMT

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 3 KB
1 KB 132ms
36ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 50bc4fb7484a533e88993d7fd10ed959c7e6627501d8d095927294ccde65b65e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:25:15 GMT
server: AkamaiNetStorage
etag: "a5035324ea4ad992dbbd61c03df4292f:1618971915.131914"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1045
expires: Sun, 14 Nov 2021 06:14:30 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
1 KB 114ms
45ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c3d5407ca07a772620d1fe4396d7ea0012ef3dca32a4f733fd2b990fc2fa442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Sun, 14 Nov 2021 06:09:30 GMT

GET
H2 200 infographics.b Show response
www.rferl.org/Scripts/responsive/ 4 KB
2 KB 112ms
111ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=254

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 04 Dec 2021 06:49:08 GMT
cache-control: max-age=1730378
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=31536000
content-length: 1471
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 loader.b Show response
www.rferl.org/Scripts/responsive/ 85 KB
24 KB 115ms
114ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Scripts/responsive/loader.b?v=8ZtvHmfe3Ps9JLb-yJj5UXVMNPtQ7-BNqIjeTWwjYjM1&av=0.1.0.0&cb=254

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dc624740b2376ebabb39c63c10377e01b75988a506d8a238f9f53093cdb974f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 04 Dec 2021 06:47:35 GMT
cache-control: max-age=1730285
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=31536000
content-length: 24694
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 Merriweather-Light_v2.woff
www.rferl.org/Content/responsive/fonts/ 60 KB
61 KB 137ms
136ms Font
application/font-woff 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/fonts/Merriweather-Light_v2.woff

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e469222c02a3574f92109c93c9ccdeda5e20a54b9df12a83b51bcc9169cd3fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
Origin: https://www.rferl.org
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:08 GMT
strict-transport-security: max-age=31536000
content-type: application/font-woff
cache-control: public, max-age=2592000
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 61544
x-xss-protection: 1; mode=block
expires: Tue, 14 Dec 2021 06:09:30 GMT

GET
H2 200 player-spinner.png
www.rferl.org/Content/responsive/img/ 978 B
1 KB 60ms
57ms Image
image/png 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/img/player-spinner.png

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a2bf334da782f24c62883e71810dde3683a18d688a8c13dee6d22adb4b9f8899

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:08 GMT
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=506739
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 978
x-xss-protection: 1; mode=block
expires: Sat, 20 Nov 2021 02:55:09 GMT

GET
H2 200 logo-compact.svg
www.rferl.org/Content/responsive/RFE/en-US/img/ 10 KB
4 KB 65ms
63ms Image
image/svg+xml 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-compact.svg

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f741f1f1d5d51b19ebdb2a93212e766850bf6bfcf3a606c75821317f17121ea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:07 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=449393
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 3464
x-xss-protection: 1; mode=block
expires: Fri, 19 Nov 2021 10:59:23 GMT

GET
H2 200 logo.svg
www.rferl.org/Content/responsive/RFE/en-US/img/ 13 KB
4 KB 73ms
71ms Image
image/svg+xml 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo.svg

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c981a854c0a757f362b7c398a239fc51c8b42102ab6c3af7ef016cd3766ab1c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 11:02:03 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=452117
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 4000
x-xss-protection: 1; mode=block
expires: Fri, 19 Nov 2021 11:44:47 GMT

GET
H2 200 logo-print.gif
www.rferl.org/Content/responsive/RFE/en-US/img/ 4 KB
4 KB 79ms
76ms Image
image/gif 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-print.gif

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82418a754bd9cc42d97ac2934d53d81df236cca29eb5fa6913316da74d383bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:07 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: public, max-age=442506
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 3762
x-xss-protection: 1; mode=block
expires: Fri, 19 Nov 2021 09:04:36 GMT

GET
H2 200 logo-print_color.png
www.rferl.org/Content/responsive/RFE/en-US/img/ 7 KB
8 KB 86ms
84ms Image
image/png 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/img/logo-print_color.png

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2f119c5a81d3458d77822efde4bfee76382f77dfc861991743888ffa28b7195f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:07 GMT
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: public, max-age=953320
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 7663
x-xss-protection: 1; mode=block
expires: Thu, 25 Nov 2021 06:58:10 GMT

GET
H2 200 67a03c2f-d736-4fb2-8b35-7ef3168c3ea4_w250_r1_s.jpg
gdb.rferl.org/ 11 KB
11 KB 148ms
121ms Image
image/webp 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/67a03c2f-d736-4fb2-8b35-7ef3168c3ea4_w250_r1_s.jpg

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

71ced75a6c62524ddffd93498484506e9108f4e74488a5562c1243a08f2202d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
last-modified: Wed, 13 Oct 2021 09:19:22 GMT
server: Akamai Image Manager
etag: "22389"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2171584
content-length: 11246
expires: Thu, 09 Dec 2021 09:22:34 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 172ms
58ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1562
etag: W/"d24a6d0ec1286eeadae131b33275a983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6ade12465bcc0f6a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 17 Nov 2021 06:09:30 GMT

GET
H2 200 conf.js Show response
www.rferl.org/ 8 KB
2 KB 58ms
58ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/conf.js?x=254

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1b0432a6120e0a89c00ef4a17344e70cddb858ae2ce200ddbc9fa00f1d4d966c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-language: en
cache-control: max-age=1730348
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-type: application/javascript; charset=utf-8
content-length: 1900
x-xss-protection: 1; mode=block
expires: Sat, 04 Dec 2021 06:48:38 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/ 140 KB
46 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

627f5ebeeb414647d5026a5808a109098535d2f8e2f0c646b17c99f2e2ea0327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 895
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 46909
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 14 Nov 2022 05:54:35 GMT

GET
H2 200 KY3Z7-Z27WB-Q4HRJ-PYULD-D44Q8 Show response
s.go-mpulse.net/boomerang/ 202 KB
51 KB 168ms
53ms Script
application/javascript 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/KY3Z7-Z27WB-Q4HRJ-PYULD-D44Q8
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: br
last-modified: Fri, 03 Sep 2021 01:12:09 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 149 KB
44 KB 107ms
37ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

408f7a2e5b23e86484b0d5dbe09fa97874ef8d3c6e75c56aecb74f3cb3bfcebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 44402
x-xss-protection: 0
expires: Sun, 14 Nov 2021 06:09:30 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 84 KB
27 KB 35ms
34ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0f9cfedb1d5b9684ff8026bcbe96a168a3446dd8424a53f9bb90b661078098b8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:25:13 GMT
server: AkamaiNetStorage
etag: "8fb4823483483d3f0f27346a9824ca90:1618971913.316699"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 27000
expires: Sun, 14 Nov 2021 06:14:30 GMT

GET
H2 200 SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
www.rferl.org/Content/responsive/fonts/ 40 KB
41 KB 87ms
87ms Font
application/font-woff 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=254

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=254
Origin: https://www.rferl.org
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:08 GMT
strict-transport-security: max-age=31536000
content-type: application/font-woff
cache-control: public, max-age=2592000
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=6
accept-ranges: bytes
content-length: 41216
x-xss-protection: 1; mode=block
expires: Tue, 14 Dec 2021 06:09:30 GMT

GET
H2 200 icons-1602750059534.woff
www.rferl.org/Content/responsive/fonts/ 20 KB
20 KB 94ms
94ms Font
application/font-woff 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/fonts/icons-1602750059534.woff

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=254

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b0baf52e6911831b998923d8ac3f0347802ce76e0ba571b1e09330a263c76bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=254
Origin: https://www.rferl.org
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:08 GMT
strict-transport-security: max-age=31536000
content-type: application/font-woff
cache-control: public, max-age=2592000
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=6
accept-ranges: bytes
content-length: 20268
x-xss-protection: 1; mode=block
expires: Tue, 14 Dec 2021 06:09:30 GMT

GET
H2 200 image-placeholder.svg
www.rferl.org/Content/responsive/img/ 709 B
767 B 80ms
80ms Image
image/svg+xml 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rferl.org/Content/responsive/img/image-placeholder.svg

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=254

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css?&av=0.1.0.0&cb=254
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:08 GMT
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=597895
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 461
x-xss-protection: 1; mode=block
expires: Sun, 21 Nov 2021 04:14:25 GMT

GET
H2 200 res Show response
www.rferl.org/ 106 KB
25 KB 63ms
62ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=254&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,lt,tree_walker,typo_reporter,image_expander,accordeon,share_link,sharing_open,transition_toggler,nav20,sticky_sharing20

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Scripts/responsive/loader.b?v=8ZtvHmfe3Ps9JLb-yJj5UXVMNPtQ7-BNqIjeTWwjYjM1&av=0.1.0.0&cb=254

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6e3b6aa232f14db21b75d3c5308d8ba2744f6c230ccf963cdc980af8c3f8c1af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-language: en
cache-control: public, no-transform, max-age=1730412
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-type: application/javascript; charset=utf-8
content-length: 25325
x-xss-protection: 1; mode=block
expires: Sat, 04 Dec 2021 06:49:42 GMT

GET
H2 200 67a03c2f-d736-4fb2-8b35-7ef3168c3ea4_w1023_r1_s.jpg
gdb.rferl.org/ 120 KB
121 KB 167ms
165ms Image
image/webp 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/67a03c2f-d736-4fb2-8b35-7ef3168c3ea4_w1023_r1_s.jpg

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

a1863289cd8836d6052876731599911bac2253f00e18a92f421a3b05a4642883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-check-cacheable: YES
x-serial: 1556
etag: "259489"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=624992
last-modified: Fri, 24 Sep 2021 14:02:53 GMT
content-length: 123232
server: Akamai Image Manager
expires: Sun, 21 Nov 2021 11:46:02 GMT

GET
H2 200 0ff40000-0aff-0242-493f-08d9a476d33c_w144_r1.jpg
gdb.rferl.org/ 5 KB
6 KB 97ms
97ms Image
image/webp 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/0ff40000-0aff-0242-493f-08d9a476d33c_w144_r1.jpg

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6d6520019c54d3725b0fda9a6f7c19e1d28430a9a38ff78c21f4d564be367cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-check-cacheable: YES
x-serial: 566
etag: "12205"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2336021
last-modified: Thu, 11 Nov 2021 07:02:21 GMT
content-length: 5538
server: Akamai Image Manager
expires: Sat, 11 Dec 2021 07:03:11 GMT

GET
H2 200 0ff60000-0aff-0242-f579-08d9a5c0f322_w144_r1.jpg
gdb.rferl.org/ 3 KB
3 KB 74ms
74ms Image
image/webp 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/0ff60000-0aff-0242-f579-08d9a5c0f322_w144_r1.jpg

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

183439061ad9b3465bd6b78619eebd0e1b815328ebaccb39493da0b3993f4eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-check-cacheable: YES
x-serial: 582
etag: "6016"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=2459465
last-modified: Fri, 12 Nov 2021 17:19:24 GMT
content-length: 2768
server: Akamai Image Manager
expires: Sun, 12 Dec 2021 17:20:35 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1636870170570
https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1636870170570

362 B
1 KB

31ms
31ms

XHR
application/json

63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1636870170570

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

HTTP/1.1

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

71d3a6c3ecf29f0aff1b2693354bcee7b2a7392a016b8894ed2f1297b9619fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-090b1e384.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 1TWDpCr4T2w=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.rferl.org
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 307
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v019-003e67e75.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.rferl.org
X-TID: 1qMrbdEMQYE=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1636870170570
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 utag.17.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 78 KB
22 KB 36ms
35ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.17.js?utv=ut4.46.202104210225
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 70d01f64506f0ee9616cc3cea6c0bd8295edec2b3f57168c8c681f7533d71f4e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:25:14 GMT
server: AkamaiNetStorage
etag: "27a53ea683e9cd62632d35aa4fe69043:1618971914.425587"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 21827
expires: Mon, 29 Nov 2021 06:09:30 GMT

GET
H2 200 utag.24.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 10 KB
4 KB 34ms
33ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.24.js?utv=ut4.46.202008191613
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 610330771e510eab126ae47bd60fadd4c84d4be769c616e8085d62401586a4bb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 16:13:20 GMT
server: AkamaiNetStorage
etag: "1ab162c9e089e5a5744bf3e2362ee310:1597853600.735526"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3533
expires: Mon, 29 Nov 2021 06:09:30 GMT

GET
H2 200 utag.7.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 607 B
816 B 30ms
29ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7b2071f68561ae4bdc79b12306f86e720218b01a0f58354069efb16ad68cab94

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
last-modified: Mon, 18 Nov 2019 20:48:23 GMT
server: AkamaiNetStorage
etag: "d385ea0409326a5bfc8c086bb3863fed:1574110103.546202"
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 607
expires: Mon, 29 Nov 2021 06:09:30 GMT

GET
H2 200 utag.4.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 55 KB
17 KB 41ms
40ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4814af27d827b7c3da987d0c7c50df5a1eb76cf3c43046156c753ba7d2e75e6f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
last-modified: Mon, 18 Nov 2019 20:48:34 GMT
server: AkamaiNetStorage
etag: "4028c9d6e91f586f7dbde717e52241ff:1574110114.066746"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 17297
expires: Mon, 29 Nov 2021 06:09:30 GMT

GET
H2 200 utag.36.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 2 KB
1 KB 34ms
33ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.36.js?utv=ut4.46.201907311621
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ac1c460fd2f93f6dd792aca2ae7d4443539863658d19ab41c5b1686c388262b6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 18:26:11 GMT
server: AkamaiNetStorage
etag: "80c62d702b7674d27c1d5a5c0b0e5d21:1594232771.932712"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1089
expires: Mon, 29 Nov 2021 06:09:30 GMT

GET
H2 200 0255.js Show response
script.crazyegg.com/pages/scripts/0026/ 5 KB
2 KB 177ms
56ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 740a40cf8f5e27a964775206ea48d7e70904cb2b857e5173dada2952ac321007

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 140557
cf-polished: origSize=4899
cf-ray: 6ade12473a2f5a07-MXP
ce-version: 11.1.358
last-modified: Fri, 12 Nov 2021 15:06:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-bgj: minify

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 88ms
29ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/res?callback=_resourceLoaderReceiver_0&x=254&dependencies=prog_install_prompt,facebook_api,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,content_sharing,share_counter,load_more,simple_captcha,analyticstag_event,flexible_iframe,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,slide_in_widget,lt,tree_walker,typo_reporter,image_expander,accordeon,share_link,sharing_open,transition_toggler,nav20,sticky_sharing20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55aaa08f90f696a3606e3bca701cebb488a631561f7923ab5cd7292e76a5201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 91Mo6W4Co4w6uxd83iXeow==
cross-origin-resource-policy: cross-origin
expires: Sun, 14 Nov 2021 06:25:18 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: JsXTcJdYhMYPY3u7Vf5Gj+ncZ9oYyUJXcPfYJatYvB9yICXU4XbMy12hbFekNNWJ+Yj9gXHYcRg4qw/nEz0KJg==
x-fb-trip-id: 2050670934
x-fb-content-md5: 00d3f3fc5d60d9ceda7f53dad2ac8e73
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 14 Nov 2021 06:09:30 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e6305db9eb0e5a7f8c296f74fe6b8cda"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET FacebookCount
www.rferl.org/api/SocialMedia/ 0
0

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ 132 B
720 B 314ms
73ms Script
text/javascript 94.100.180.55
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?url_list=https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html&callback=1&func=RFE.Shares.MM.count

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.55 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

a9602b90c8a49e8bf5ce0a2dd6435e8364780d237dd796d75b9553cbb2867772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 06:09:30 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 132
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ 118 B
411 B 238ms
120ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?url=https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html&callback=RFE.Shares.Pinterest.count

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

b94b5c95c61c827d46d81de7238445cff951ace283cc7a290fba1f4cf1b88cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.896656b8.1636870170.df6e94
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1620824423207438
content-length: 118
expires: Sun, 14 Nov 2021 06:24:30 GMT

GET
H2 200 dk Show response
connect.ok.ru/ 25 B
2 KB 375ms
74ms Script
application/javascript 217.20.152.207
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=/a/russia-ryuk-ransomeware-dubnikov/31559567.html&ref=https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.152.207 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip207.152.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adsafeprotected.com .serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com; worker-src blob: 'self'; connect-src wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ 84 B
671 B 330ms
81ms Script
text/javascript 94.100.180.55
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?url_list=https://www.rferl.orgnull&callback=1&func=RFE.Shares.MM.count

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.55 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

2c79a0d38895bc9f3321a34507d6b94d2b19fad84ee7a0706a0a91a51e0a880f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 06:09:30 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 84
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ 73 B
365 B 236ms
120ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?url=https://www.rferl.orgnull&callback=RFE.Shares.Pinterest.count

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

90201b31b5f5348819cf3e546ff62071f8d3d18cad7659be062e5e2a328707ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.896656b8.1636870170.df6e95
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-pinterest-rid: 2938166412125082
content-length: 73
expires: Sun, 14 Nov 2021 06:24:30 GMT

GET
H2 200 dk Show response
connect.ok.ru/ 25 B
2 KB 373ms
73ms Script
application/javascript 217.20.152.207
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=null&ref=https://www.rferl.orgnull

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.152.207 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

ip207.152.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adsafeprotected.com .serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com; worker-src blob: 'self'; connect-src wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adsafeprotected.com *.serving-sys.com https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 share.php Show response
vk.com/ 21 B
479 B 200ms
69ms Script
text/html 87.240.190.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&url=https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv67-190-240-87.vk.com

Software

kittenx / KPHP/7.4.109289

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-frontend: front220006
server: kittenx
x-powered-by: KPHP/7.4.109289
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 hljson Show response
www.rferl.org/ 87 B
371 B 72ms
72ms XHR
application/json 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/hljson

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Scripts/responsive/loader.b?v=8ZtvHmfe3Ps9JLb-yJj5UXVMNPtQ7-BNqIjeTWwjYjM1&av=0.1.0.0&cb=254

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
X-Requested-With: XMLHttpRequest
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-language: en
cache-control: max-age=147
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=13
content-type: application/json; charset=utf-8
content-length: 77
x-xss-protection: 1; mode=block
expires: Sun, 14 Nov 2021 06:11:57 GMT

GET
H2

200

31157751.html Show response
www.rferl.org/a/ Frame 2250
Redirect Chain

https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31157751.html?layout=1
https://www.rferl.org/a/31157751.html?layout=1

19 KB
8 KB

75ms
75ms

Document
text/html

2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/a/31157751.html?layout=1

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Scripts/responsive/loader.b?v=8ZtvHmfe3Ps9JLb-yJj5UXVMNPtQ7-BNqIjeTWwjYjM1&av=0.1.0.0&cb=254

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4d5b1954d1237cde4e114c92f0d5cd82fea8ec549021ad3c0083e2d348da4a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Response headers

content-type: text/html; charset=utf-8
content-language: en
x-sticky-incompatible: 1
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-encoding: gzip
x-akamai-transformed: 9 5294 0 pmb=mRUM,2
cache-control: public, max-age=71
expires: Sun, 14 Nov 2021 06:10:41 GMT
date: Sun, 14 Nov 2021 06:09:30 GMT
content-length: 7342
vary: Accept-Encoding
server-timing: cdn-cache; desc=HIT edge; dur=15
strict-transport-security: max-age=31536000

Redirect headers

pragma: no-cache
content-type: text/html; charset=utf-8
content-language: en
location: /a/31157751.html?layout=1
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-length: 142
cache-control: max-age=290
expires: Sun, 14 Nov 2021 06:14:20 GMT
date: Sun, 14 Nov 2021 06:09:30 GMT
server-timing: cdn-cache; desc=REVALIDATE edge; dur=16 origin; dur=75
strict-transport-security: max-age=31536000

GET
H2 204 ref Show response
livetracker.rfe.pangea-cms.com/api/lt/ 0
514 B 245ms
77ms XHR
text/plain 2a02:26f0:6c00:2b2::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://livetracker.rfe.pangea-cms.com/api/lt/ref?itemType=Content&recordId=31559567&siteId=8&url=unknown

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2b2::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 14 Nov 2021 06:09:30 GMT
cache-control: no-cache
strict-transport-security: max-age=31536000
expires: -1

GET
H2 200 counter.lt
livetracker.rfe.pangea-cms.com/ 43 B
560 B 77ms
75ms Image
image/gif 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://livetracker.rfe.pangea-cms.com/counter.lt?PageType=1&RecordId=31559567&SiteId=8&r=1973474036&it=0&pd=20211113093543

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

68bc8832bd65c93f2895a61ae297bc5c67bd7512982f8755c4daa33aea25e37e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
cache-control: private
content-length: 43
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 30ms
28ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: ECyL/hKBEWIG85hFwYAOIOrwhbmKFPFB3ihkiTv1K1XD/ZTrpYw2OM7RwNQHRpbsYCzbNX24jzo95uGkyOfzgg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 14 Nov 2021 06:09:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 134ms
35ms Script
application/x-javascript 2600:9000:2156:f400:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.36.js?utv=ut4.46.201907311621
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 04:32:32 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:28:27 GMT
server: nginx
age: 5818
etag: W/"6179eeab-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jqVPrwdRWR4Ew4TuiDjJnJgfnl-o4S0FPhX7NMjuMrBNY8hHYoipQw==
expires: Sun, 14 Nov 2021 06:32:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M4LGVTBXXT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0f3cda294d4d1bf2ba5cc52d71b6dfa4c5a8a9e4fe29ae581ac0ab0ac2cda96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: clear
content-length: 61664
x-xss-protection: 0
expires: Sun, 14 Nov 2021 06:09:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 96ms
29ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 504
date: Sun, 14 Nov 2021 06:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Sun, 14 Nov 2021 08:01:06 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035794/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
351 B

29ms
28ms

Script
application/javascript

143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
Protocol: H2
Server: 143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-82.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:01:49 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 466
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: kXa3XaglHISUYxqDndBhbuFWZazfU3r2WvXXaQKaY_QVIKdz80VW7A==

Redirect headers

date: Sun, 14 Nov 2021 06:09:30 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: nd3iP3CR6o5NiFIVWQrj9vxYg3F89vlaKGK0kxxjlVLQ1nInwIW2rA==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1636870170676&ns_c=UTF-8&c8=Netherlands%20Detains%20Russian%20Sought%20By%20U.S.%20Over%20%27Ryuk%27%20Ransomware&c7=https%3A%2F%2Fwww.rferl...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1636870170676&ns_c=UTF-8&c8=Netherlands%20Detains%20Russian%20Sought%20By%20U.S.%20Over%20%27Ryuk%27%20Ransomware&c7=https%3A%2F%2Fwww.rfer...

64 B
329 B

32ms
32ms

Image
image/gif

143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1636870170676&ns_c=UTF-8&c8=Netherlands%20Detains%20Russian%20Sought%20By%20U.S.%20Over%20%27Ryuk%27%20Ransomware&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html&c9=
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
Protocol: H2
Server: 143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-82.fra50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: uLlmCwGGAAIcokJQy0Yeagn6cKtRudJrSW5nSAFjM1-85W03d27E5Q==

Redirect headers

date: Sun, 14 Nov 2021 06:09:30 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035794&ns__t=1636870170676&ns_c=UTF-8&c8=Netherlands%20Detains%20Russian%20Sought%20By%20U.S.%20Over%20'Ryuk'%20Ransomware&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html&c9=
content-length: 279
x-amz-cf-id: eWXit94se7ghLvqdzkgBWU8gXGBkBuZSwGOvXBfx7lE3eXAT8fzbRQ==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 29ms
28ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202104210225&cb=1636870170684
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Sun, 14 Nov 2021 06:19:30 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 68ms
68ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0be76c911338a04a147d23494fe0bba1e96cb78a4c6efce737b072466c8a346

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 1382
etag: W/"f5b476c39d3850a1e9c745df927a7adc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6ade1246ec370f6a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Wed, 17 Nov 2021 06:09:30 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 285 KB
82 KB 89ms
30ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=7aeced5f8a3714fab839721b7680b221

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea4293ef45472342ee1bc4d0b26ca52262401e0f8672bff0b150db4e130f1797

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.rferl.org/
Origin: https://www.rferl.org
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: CL2EqAxQflr1AWKp9Dgnxg==
cross-origin-resource-policy: cross-origin
expires: Mon, 14 Nov 2022 05:45:17 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82917
x-fb-rlafr: 0
x-fb-debug: cfFLUEGgvfwR59y9NCHFrVKYU4ZLWT1hN/2pQ7DENJUzYsRkprJqi6/67ha0BZ/fT6YJ9l2khd+vXXHZf/3vBg==
x-fb-trip-id: 686109401
x-fb-content-md5: 9d952751454f99b9ce92b0bedbc36124
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 14 Nov 2021 06:09:30 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ab8ed498b46bb6e934115ccf6f9a8a33"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 1 KB
910 B 227ms
110ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=KY3Z7-Z27WB-Q4HRJ-PYULD-D44Q8&d=www.rferl.org&t=5456234&v=1.632.0&sl=0&si=v05lj4cufa-r2jt3u&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=211610
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/KY3Z7-Z27WB-Q4HRJ-PYULD-D44Q8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 41ea8f38c5375816162d8fc5038c631fb75fafa34f6c895b8a7a9e3c140dedbf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 06:09:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 590

GET
H/1.1 200
OK dest5.html Show response
bbg.demdex.net/ Frame E7D7 7 KB
3 KB 130ms
31ms Document
text/html 52.208.127.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.208.127.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-208-127-56.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 14 Nov 2021 06:09:30 GMT
DCS: dcs-prod-irl1-2-v019-0dabc80c8.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 14 Oct 2021 11:09:05 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: N2Yp/uWTRtY=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
bbg.sc.omtrdc.net/ 2 B
315 B 86ms
26ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=24751175413615319782203656689097256167&ts=1636870170740

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-6988cccb6f-srf42
vary: Origin
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YZCoGgAAALA9OQQp
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=24741822988735125932205527890095067708
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZCoGgAAALA9OQQp

42 B
945 B

31ms
31ms

Image
image/gif

63.32.159.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZCoGgAAALA9OQQp

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

HTTP/1.1

Server

63.32.159.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-32-159-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v019-0f4b0dfcb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 1a7SJu0HQn8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZCoGgAAALA9OQQp
Date: Sun, 14 Nov 2021 06:09:30 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H2 204 collect
www.google-analytics.com/g/ 0
170 B 37ms
36ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-M4LGVTBXXT&gtm=2oeba1&_p=494625776&sr=1600x1200&ul=en-us&cid=1758175639.1636870171&_s=1&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html&dt=Netherlands%20Detains%20Russian%20Sought%20By%20U.S.%20Over%20%27Ryuk%27%20Ransomware&sid=1636870170&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M4LGVTBXXT&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.rferl.org/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 06:09:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1949494258686877 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 318ms
317ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1949494258686877?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc3b7b7be6d3d90bf6db195268314a0eb5bdce8c40892a6f8e4ffc6bf672c021

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 7NrWT8NSXRsnw2L5h9mnfdyxnUfxmFIyLCPcNkTBWFuJvIBRR4qD1N3LeTh/mPesZpQqFldx2xWXkWlMwwy0LA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 14 Nov 2021 06:09:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 0255.json Show response
script.crazyegg.com/pages/data-scripts/0026/ 97 KB
4 KB 156ms
57ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c8841760918e0125ee8a020e37c63e19ef58704786268a1de2b512f6c9b634e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 140557
ce-version: 11.1.358
content-length: 3963
timing-allow-origin: *
last-modified: Fri, 12 Nov 2021 15:06:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6ade12482cb2e903-MXP

GET
H2 200 web Show response
onesignal.com/api/v1/sync/dcba9732-9d59-46ec-aea0-e487e980e249/ 5 KB
2 KB 67ms
58ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/dcba9732-9d59-46ec-aea0-e487e980e249/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151509

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f32948fbb59f52674fd75177453ae9db1e3a8c1513b37b51126849917be86618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1354
cf-polished: origSize=5101
status: 200 OK
x-envoy-upstream-service-time: 25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: d08f59d3-3a1a-494a-ae9e-88ba6cb27165
x-runtime: 0.023626
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"58c2daad62eb907b7924e943b2c5d729"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6ade12480d1b0f6a-MXP
access-control-allow-headers: SDK-Version
expires: Sun, 14 Nov 2021 07:09:30 GMT

POST
H2 200 s28150944580228 Show response
bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/ 43 B
436 B 79ms
27ms XHR
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/s28150944580228

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.17.js?utv=ut4.46.202104210225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 15 Nov 2021 06:09:30 GMT
server: jag
xserver: anedge-6988cccb6f-6slbt
etag: 3515151925155168256-4619382914755304270
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sat, 13 Nov 2021 06:09:30 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 107ms
48ms Fetch
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=953446944667626&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=7aeced5f8a3714fab839721b7680b221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net *.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: T2dpuyimMzHpSwAYY5pxAMYR0xawxjGCufcB6JXjMaHiBZ5uyimSHWAWI8pcpYMyTzMCU3NtAoHRyh+QFZSYhg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Sun, 14 Nov 2021 06:09:30 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.rferl.org
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 share.php Show response
vk.com/ 21 B
396 B 70ms
67ms Script
text/html 87.240.190.67
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&url=https://www.rferl.orgnull

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.190.67 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv67-190-240-87.vk.com

Software

kittenx / KPHP/7.4.109289

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-frontend: front220006
server: kittenx
x-powered-by: KPHP/7.4.109289
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 41

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 2250 3 KB
1 KB 30ms
27ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 50bc4fb7484a533e88993d7fd10ed959c7e6627501d8d095927294ccde65b65e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:25:15 GMT
server: AkamaiNetStorage
etag: "a5035324ea4ad992dbbd61c03df4292f:1618971915.131914"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 1045
expires: Sun, 14 Nov 2021 06:14:30 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 2250 980 B
687 B 49ms
46ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c3d5407ca07a772620d1fe4396d7ea0012ef3dca32a4f733fd2b990fc2fa442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires: Sun, 14 Nov 2021 06:09:30 GMT

GET
H2 200 infographics.b Show response
www.rferl.org/Scripts/responsive/ Frame 2250 4 KB
2 KB 61ms
59ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=254

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/31157751.html?layout=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
expires: Sat, 04 Dec 2021 06:49:08 GMT
cache-control: max-age=1730378
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=31536000
content-length: 1471
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 Merriweather-Light_v2.woff
www.rferl.org/Content/responsive/fonts/ Frame 2250 60 KB
61 KB 69ms
67ms Font
application/font-woff 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/fonts/Merriweather-Light_v2.woff

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e469222c02a3574f92109c93c9ccdeda5e20a54b9df12a83b51bcc9169cd3fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.rferl.org/a/31157751.html?layout=1
Origin: https://www.rferl.org
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:08 GMT
strict-transport-security: max-age=31536000
content-type: application/font-woff
cache-control: public, max-age=2592000
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 61544
x-xss-protection: 1; mode=block
expires: Tue, 14 Dec 2021 06:09:30 GMT

GET
H2 200 ifg-blank.css
www.rferl.org/Content/ Frame 2250 284 B
530 B 81ms
79ms Stylesheet
text/css 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/ifg-blank.css?av=0.1.0.0&cb=254

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fda31a7513c15976e457edc6546a333baa5734ba98fa855eb29d26c1213510a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/31157751.html?layout=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 11 Jan 2021 13:10:18 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, no-transform, max-age=1730559
server-timing: cdn-cache; desc=HIT, edge; dur=6
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 220
x-xss-protection: 1; mode=block
expires: Sat, 04 Dec 2021 06:52:09 GMT

GET
H2 200 RFE-en-US.css
www.rferl.org/Content/responsive/RFE/en-US/ Frame 2250 355 KB
56 KB 83ms
81ms Stylesheet
text/css 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7b0cbae420afb654f52c53bf33d27086beb3fb7fa46d8cde0b1c9d05bb084275

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/31157751.html?layout=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 22 Sep 2021 13:39:56 GMT
vary: Accept-Encoding
content-type: text/css
cache-control: public, no-transform, max-age=258286
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-ua-compatible: IE=edge
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 57219
x-xss-protection: 1; mode=block
expires: Wed, 17 Nov 2021 05:54:16 GMT

GET
H2 200 fdf2c905-d3a8-4afe-83f2-9753658dc776_w256.png
gdb.rferl.org/ Frame 2250 22 KB
22 KB 96ms
95ms Image
image/webp 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gdb.rferl.org/fdf2c905-d3a8-4afe-83f2-9753658dc776_w256.png

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

54a0538719f9c2c8c99e9fb70ba47188da11ec8e6978d8fda62731ae7c193fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
last-modified: Mon, 08 Mar 2021 06:40:46 GMT
server: Akamai Image Manager
etag: "75828"
strict-transport-security: max-age=31536000
content-type: image/webp
cache-control: private, no-transform, max-age=1725725
content-length: 22464
expires: Sat, 04 Dec 2021 05:31:36 GMT

GET
H/1.1 200
OK mc-validate.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ Frame 2250 140 KB
140 KB 419ms
115ms Script
application/javascript 52.217.170.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.170.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 06:09:32 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:38 GMT
Server: AmazonS3
x-amz-request-id: V5J2KVGAJCQFHSVF
ETag: "6465dd4a8331265e6629cd069e03504c"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 143249
x-amz-id-2: A2UuF996KCghhH5zcweETrYcqR+Wd9+CKi/6uF4ivOLkEZuOaNP5iRPq7iEd8rwLJ6cP9AJxgnE=

GET
H2 200 conf.js Show response
www.rferl.org/ Frame 2250 8 KB
2 KB 60ms
59ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/conf.js?x=254

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1b0432a6120e0a89c00ef4a17344e70cddb858ae2ce200ddbc9fa00f1d4d966c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/31157751.html?layout=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-language: en
cache-control: max-age=1730348
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-type: application/javascript; charset=utf-8
content-length: 1900
x-xss-protection: 1; mode=block
expires: Sat, 04 Dec 2021 06:48:38 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 36ms
36ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=494625776&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html&ul=en-us&de=UTF-8&dt=Netherlands%20Detains%20Russian%20Sought%20By%20U.S.%20Over%20%27Ryuk%27%20Ransomware&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1104000216&gjid=1770640937&cid=1758175639.1636870171&tid=UA-75913661-40&_gid=1048601115.1636870171&_r=1&gtm=2wgba1WXZBPZ&z=934840846

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rferl.org/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 06:09:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 281ms
90ms Image
image/gif 52.206.207.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rferl.english&p=%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html&u=CumYL6puYXECE8yH2&d=rferl.org&g=62557&g0=rferl.org&g1=Russian%20Service%2C%20RFE%2FRL%27s%3BPrince%2C%20Todd&n=1&f=00001&c=0&x=0&m=0&y=4103&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=884&t=k6FV3BtEo3vDlyVTCCIpwAqDS6hpH&V=129&i=Netherlands%20Detains%20Russian%20Sought%20By%20U.S.%20Over%20%27Ryuk%27%20Ransomware&tz=0&sn=1&sv=CQqgCwBKDF5LpiclxDjQjosBirLzj&sd=1&im=061b2ff3&_
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.206.207.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-206-207-49.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 06:09:31 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
319 B 74ms
24ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-75913661-40&cid=1758175639.1636870171&jid=1104000216&gjid=1770640937&_gid=1048601115.1636870171&_u=YADAAAAAAAAAAC~&z=453283942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rferl.org/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 14 Nov 2021 06:09:31 GMT
content-type: text/plain
access-control-allow-origin: https://www.rferl.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/ Frame 2250 140 KB
46 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/8d287e4d/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

627f5ebeeb414647d5026a5808a109098535d2f8e2f0c646b17c99f2e2ea0327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:54:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 895
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 46909
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 18:33:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 14 Nov 2022 05:54:35 GMT

GET
H2 200 11.1.358.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 69 KB
22 KB 55ms
55ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 262fd74571b20241b0506bdb49bccddce8305437ce67b136556cca4694bc2a58

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 01 Nov 2021 19:35:50 GMT
server: cloudflare
age: 319020
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
cf-ray: 6ade12489bd65a07-MXP
content-length: 22857

GET
H2 200 KY3Z7-Z27WB-Q4HRJ-PYULD-D44Q8 Show response
s.go-mpulse.net/boomerang/ Frame 2250 202 KB
51 KB 57ms
56ms Script
application/javascript 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/KY3Z7-Z27WB-Q4HRJ-PYULD-D44Q8
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: br
last-modified: Fri, 03 Sep 2021 01:12:09 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 2250 84 KB
27 KB 33ms
32ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0f9cfedb1d5b9684ff8026bcbe96a168a3446dd8424a53f9bb90b661078098b8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:30 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:25:13 GMT
server: AkamaiNetStorage
etag: "8fb4823483483d3f0f27346a9824ca90:1618971913.316699"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 27000
expires: Sun, 14 Nov 2021 06:14:30 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
376 B 105ms
38ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-75913661-40&cid=1758175639.1636870171&jid=1104000216&_u=YADAAAAAAAAAAC~&z=1798594611

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 06:09:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
376 B 109ms
42ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-75913661-40&cid=1758175639.1636870171&jid=1104000216&_u=YADAAAAAAAAAAC~&z=1798594611

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 06:09:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0255.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0026/ 7 KB
2 KB 56ms
56ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0026/0255.json?t=454686
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f9d55e0ded28efe00980162dec6f7428295035c93ea005fc5a4f0b38f4c7f4d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 42258
ce-version: 11.1.358
content-length: 1469
timing-allow-origin: *
last-modified: Sat, 13 Nov 2021 18:25:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6ade12491daae903-MXP

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 2250 1 KB
910 B 77ms
77ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=KY3Z7-Z27WB-Q4HRJ-PYULD-D44Q8&d=www.rferl.org&t=5456234&v=1.632.0&sl=0&si=b9ubahw63o6-r2jt3u&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=211610
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/KY3Z7-Z27WB-Q4HRJ-PYULD-D44Q8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5ab44c2474dfd6bd17cf0f9196a68b0d7cee9bf12b2958bbc4fd376598408022

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 06:09:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 590

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
419 B 100ms
29ms XHR
binary/octet-stream 143.204.98.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-57.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 2849276
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: T7af3jGuzmn_ykA7R6Qg_Ig4QoycGHEeKkTbneg2cbOQzJSiwZFzTQ==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
418 B 100ms
29ms XHR
binary/octet-stream 143.204.98.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-43.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 06:41:36 GMT
via: 1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
last-modified: Tue, 05 Oct 2021 13:53:30 GMT
server: AmazonS3
age: 2849276
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 19
x-amz-cf-id: SsYsf7xob97qmIAqoNbJoQF3Foh9yH-P2p2VnTi6U7Sr5guUfVhyNA==

GET
BLOB 200
OK d4564082-9f9a-4ee8-a5bb-510364a3aea2
https://www.rferl.org/ 53 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.rferl.org/d4564082-9f9a-4ee8-a5bb-510364a3aea2
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 53
Content-Type: text/javascript

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 330ms
28ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1949494258686877&ev=PageView&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html&rl=&if=false&ts=1636870171170&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1636870171169.1018254248&it=1636870170762&coo=false&rqm=GET

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 14 Nov 2021 06:09:31 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 28 B
135 B 111ms
41ms XHR
text/plain 54.73.172.176
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1636870171252
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.358.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.172.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-172-176.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: eff34b21b2c2ba89c7f8dc0d380f03b0ef3e9d28e672182a2baba4485d439652

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 14 Nov 2021 06:09:31 GMT
cache-control: no-store
server: awselb/2.0
content-length: 28
content-type: text/plain

GET
H2 200 utag.17.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 2250 78 KB
22 KB 34ms
34ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.17.js?utv=ut4.46.202104210225
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 70d01f64506f0ee9616cc3cea6c0bd8295edec2b3f57168c8c681f7533d71f4e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
content-encoding: gzip
last-modified: Wed, 21 Apr 2021 02:25:14 GMT
server: AkamaiNetStorage
etag: "27a53ea683e9cd62632d35aa4fe69043:1618971914.425587"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 21827
expires: Mon, 29 Nov 2021 06:09:31 GMT

GET
H2 200 utag.24.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 2250 10 KB
4 KB 32ms
31ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.24.js?utv=ut4.46.202008191613
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 610330771e510eab126ae47bd60fadd4c84d4be769c616e8085d62401586a4bb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
content-encoding: gzip
last-modified: Wed, 19 Aug 2020 16:13:20 GMT
server: AkamaiNetStorage
etag: "1ab162c9e089e5a5744bf3e2362ee310:1597853600.735526"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 3533
expires: Mon, 29 Nov 2021 06:09:31 GMT

GET
H2 200 utag.7.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 2250 607 B
816 B 30ms
29ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7b2071f68561ae4bdc79b12306f86e720218b01a0f58354069efb16ad68cab94

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
last-modified: Mon, 18 Nov 2019 20:48:23 GMT
server: AkamaiNetStorage
etag: "d385ea0409326a5bfc8c086bb3863fed:1574110103.546202"
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 607
expires: Mon, 29 Nov 2021 06:09:31 GMT

GET
H2 200 utag.4.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 2250 55 KB
17 KB 36ms
36ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4814af27d827b7c3da987d0c7c50df5a1eb76cf3c43046156c753ba7d2e75e6f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
content-encoding: gzip
last-modified: Mon, 18 Nov 2019 20:48:34 GMT
server: AkamaiNetStorage
etag: "4028c9d6e91f586f7dbde717e52241ff:1574110114.066746"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 17297
expires: Mon, 29 Nov 2021 06:09:31 GMT

GET
H2 200 utag.36.js Show response
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 2250 2 KB
1 KB 32ms
32ms Script
application/x-javascript 104.75.88.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.36.js?utv=ut4.46.201907311621
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ac1c460fd2f93f6dd792aca2ae7d4443539863658d19ab41c5b1686c388262b6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
content-encoding: gzip
last-modified: Wed, 08 Jul 2020 18:26:11 GMT
server: AkamaiNetStorage
etag: "80c62d702b7674d27c1d5a5c0b0e5d21:1594232771.932712"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1089
expires: Mon, 29 Nov 2021 06:09:31 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 6C73 0
39 B 29ms
29ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.rferl.org
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.rferl.org
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Sun, 14 Nov 2021 06:09:31 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 2250 98 KB
25 KB 29ms
29ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: ECyL/hKBEWIG85hFwYAOIOrwhbmKFPFB3ihkiTv1K1XD/ZTrpYw2OM7RwNQHRpbsYCzbNX24jzo95uGkyOfzgg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 14 Nov 2021 06:09:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/ Frame 2250
Redirect Chain

https://sb.scorecardresearch.com/c2/6035794/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
351 B

29ms
28ms

Script
application/javascript

143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1
Protocol: H2
Server: 143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-82.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:01:49 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 467
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: hg18vqowDC6GPgKqMl8T9V-aQREVxJMMU9XHslbhtCyNT8vybwErNA==

Redirect headers

date: Sun, 14 Nov 2021 06:09:31 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: UHFB08RfZ1lzErcNQp_GEc3QdTyr2XYkKYb_-AdWqHQGgsy1ZevdNw==

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ Frame 2250 69 KB
23 KB 33ms
33ms Script
application/x-javascript 2600:9000:2156:f400:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.36.js?utv=ut4.46.201907311621
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:f400:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 04:32:32 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:28:27 GMT
server: nginx
age: 5819
etag: W/"6179eeab-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ca-e4L0GNk9uPUtUTjqheJRe5o5c4EkkDK5LKrXdqvEBWg36Hh1naA==
expires: Sun, 14 Nov 2021 06:32:32 GMT

GET
H2

200

s28713581396699
bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/ Frame 2250
Redirect Chain

https://bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/s28713581396699?AQB=1&ndh=1&pf=1&t=14%2F10%2F2021%206%3A9%3A31%200%200&fid=05E5B30C62E146DA-1A43E6843B21BB2A&ce=UTF-8&ns=bbg&pageNam...
https://bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/s28713581396699?AQB=1&pccr=true&vidn=30C8540D889D1576-40000FBD537FC3CC&ndh=1&pf=1&t=14%2F10%2F2021%206%3A9%3A31%200%200&fid=05E5B30C...

43 B
289 B

27ms
27ms

Image
image/gif

13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/s28713581396699?AQB=1&pccr=true&vidn=30C8540D889D1576-40000FBD537FC3CC&ndh=1&pf=1&t=14%2F10%2F2021%206%3A9%3A31%200%200&fid=05E5B30C62E146DA-1A43E6843B21BB2A&ce=UTF-8&ns=bbg&pageName=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&g=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&cc=USD&ch=%2Fa&server=www.rferl.org&events=event2%2Cevent80&c1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&v1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&c4=snippet&v4=snippet&c5=snippet&v5=snippet&c6=week%20in%20russia%20region%20widget-gr-1878&v6=week%20in%20russia%20region%20widget-gr-1878&c14=31157751&v14=31157751&c15=english&v15=english&c16=rferl%20english&v16=rferl%20english&c17=responsive&v17=responsive&c21=iframe&v21=iframe&c23=24751175413615319782203656689097256167&v23=24751175413615319782203656689097256167&c24=017d1d10a7c100661044392b2df803072004606a00b08&v24=017d1d10a7c100661044392b2df803072004606a00b08&c25=rfe&v25=rfe&c27=RFERL%20English%20Responsive&v27=RFERL%20English%20Responsive&c29=www.rferl.org&v29=www.rferl.org&c30=420&v30=420&c31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&c32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&v32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&c38=snippet&v38=snippet&c50=iframe&v50=iframe&c62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&c65=week%20in%20russia%20region%20widget-gr-1878&v65=week%20in%20russia%20region%20widget-gr-1878&v70=2.6.0&v71=bbgprod-bbgentityrferl&c72=prod&v72=prod&c75=rfe%20profile%20updates&v75=rfe%20profile%20updates&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=325&bh=681&AQE=1

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1

Protocol

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
x-content-type-options: nosniff
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 15 Nov 2021 06:09:31 GMT
server: jag
xserver: anedge-6988cccb6f-v5t47
etag: 3515151926318170112-4619628955714777653
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Sat, 13 Nov 2021 06:09:31 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 06:09:31 GMT
x-content-type-options: nosniff
last-modified: Mon, 15 Nov 2021 06:09:31 GMT
server: jag
access-control-allow-origin: *
xserver: anedge-6988cccb6f-tgxtd
x-c: main-1542.If2e2aa.M0-523
p3p: CP="This is not a P3P policy"
location: https://bbg.sc.omtrdc.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.6.0/s28713581396699?AQB=1&pccr=true&vidn=30C8540D889D1576-40000FBD537FC3CC&ndh=1&pf=1&t=14%2F10%2F2021%206%3A9%3A31%200%200&fid=05E5B30C62E146DA-1A43E6843B21BB2A&ce=UTF-8&ns=bbg&pageName=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&g=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&cc=USD&ch=%2Fa&server=www.rferl.org&events=event2%2Cevent80&c1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&v1=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html&c4=snippet&v4=snippet&c5=snippet&v5=snippet&c6=week%20in%20russia%20region%20widget-gr-1878&v6=week%20in%20russia%20region%20widget-gr-1878&c14=31157751&v14=31157751&c15=english&v15=english&c16=rferl%20english&v16=rferl%20english&c17=responsive&v17=responsive&c21=iframe&v21=iframe&c23=24751175413615319782203656689097256167&v23=24751175413615319782203656689097256167&c24=017d1d10a7c100661044392b2df803072004606a00b08&v24=017d1d10a7c100661044392b2df803072004606a00b08&c25=rfe&v25=rfe&c27=RFERL%20English%20Responsive&v27=RFERL%20English%20Responsive&c29=www.rferl.org&v29=www.rferl.org&c30=420&v30=420&c31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v31=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&c32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&v32=rfe%3Aeng%3Ar%3Aiframe%3Aweek%20in%20russia%20region%20widget-gr-1878&c38=snippet&v38=snippet&c50=iframe&v50=iframe&c62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&v62=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&c65=week%20in%20russia%20region%20widget-gr-1878&v65=week%20in%20russia%20region%20widget-gr-1878&v70=2.6.0&v71=bbgprod-bbgentityrferl&c72=prod&v72=prod&c75=rfe%20profile%20updates&v75=rfe%20profile%20updates&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=325&bh=681&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-type: text/plain;charset=utf-8
content-length: 0
x-xss-protection: 1; mode=block
expires: Sat, 13 Nov 2021 06:09:31 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 2250 0
337 B 31ms
31ms Image
text/plain 143.204.98.82
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns_type=hidden&ns__t=1636870171699&ns_c=UTF-8&c8=Week%20in%20Russia%20Region%20Widget-GR-1878&c7=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&c9=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html
Requested by: Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-82.fra50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: Sr1VDJMLncvdneeItu9lOEm8a2unUbndfpiAlvnt7GHRAXhEM8Kb_w==
x-cache: Miss from cloudfront

GET
H2 200 1949494258686877 Show response
connect.facebook.net/signals/config/ Frame 2250 305 KB
87 KB 29ms
29ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1949494258686877?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fc3b7b7be6d3d90bf6db195268314a0eb5bdce8c40892a6f8e4ffc6bf672c021

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88891
x-xss-protection: 0
pragma: public
x-fb-debug: 7NrWT8NSXRsnw2L5h9mnfdyxnUfxmFIyLCPcNkTBWFuJvIBRR4qD1N3LeTh/mPesZpQqFldx2xWXkWlMwwy0LA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 14 Nov 2021 06:09:31 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 2250 44 B
101 B 29ms
29ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1949494258686877&ev=PageView&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&rl=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html&if=true&ts=1636870171793&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmtealium&ec=0&o=30&fbp=fb.1.1636870171169.1018254248&it=1636870171737&coo=false&exp=p0&rqm=GET

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/a/31157751.html?layout=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 14 Nov 2021 06:09:31 GMT

GET
H2 200 res Show response
www.rferl.org/ 4 KB
2 KB 60ms
60ms Script
application/javascript 2a02:26f0:6c00:285::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/res?callback=_resourceLoaderReceiver_1&x=254&dependencies=custom_print

Requested by

Host: www.rferl.org
URL: https://www.rferl.org/Scripts/responsive/loader.b?v=8ZtvHmfe3Ps9JLb-yJj5UXVMNPtQ7-BNqIjeTWwjYjM1&av=0.1.0.0&cb=254

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:285::1317 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

69f902cac2f94d46bedcd37eac9986d503ba6416018a90ba9b46ec0f0c20ff76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-language: en
cache-control: public, no-transform, max-age=1730554
x-ua-compatible: IE=edge
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-type: application/javascript; charset=utf-8
content-length: 1555
x-xss-protection: 1; mode=block
expires: Sat, 04 Dec 2021 06:52:05 GMT

POST
H2 204 /
02179913.akstat.io/ Frame 2250 0
201 B 130ms
114ms Ping
image/gif 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179913.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/KY3Z7-Z27WB-Q4HRJ-PYULD-D44Q8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.rferl.org/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 06:09:31 GMT
content-type: image/gif
access-control-allow-origin: https://www.rferl.org
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Sun, 14 Nov 2021 06:09:31 GMT

POST
H2 204 /
02179913.akstat.io/ 0
201 B 115ms
102ms Ping
image/gif 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://02179913.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/KY3Z7-Z27WB-Q4HRJ-PYULD-D44Q8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.rferl.org/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 06:09:31 GMT
content-type: image/gif
access-control-allow-origin: https://www.rferl.org
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Sun, 14 Nov 2021 06:09:31 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 2250 44 B
147 B 29ms
29ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1949494258686877&ev=Microdata&dl=https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%3Flayout%3D1&rl=https%3A%2F%2Fwww.rferl.org%2Fa%2Frussia-ryuk-ransomeware-dubnikov%2F31559567.html&if=true&ts=1636870172294&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Week%20in%20Russia%20Region%20Widget-GR-1878%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22RFERL%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Week%20in%20Russia%20Region%20Widget-GR-1878%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.rferl.org%2Fa%2F31157751.html%22%2C%22og%3Asite_name%22%3A%22RadioFreeEurope%2FRadioLiberty%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2Frferl%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.rferl.org%2FContent%2Fresponsive%2FRFE%2Fen-US%2Fimg%2Ftop_logo_news.png%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22675%22%2C%22og%3Aimage%3Aalt%22%3A%22site%20logo%22%2C%22twitter%3Acard%22%3A%22summary%22%2C%22twitter%3Asite%22%3A%22%40RFERL%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmtealium&ec=1&o=30&fbp=fb.1.1636870171169.1018254248&it=1636870171737&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.rferl.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 06:09:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 14 Nov 2021 06:09:32 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.rferl.org
URL: https://www.rferl.org/api/SocialMedia/FacebookCount?pageUrl=https://www.rferl.org/a/russia-ryuk-ransomeware-dubnikov/31559567.html

Verdicts & Comments Add Verdict or Comment

173 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: srkvdWuWt1g
.youtube.com/	1970-01-20 03:00:22	Name: VISITOR_INFO1_LIVE Value: kSWmR7oOQZY
www.rferl.org/	1969-12-31 23:59:59	Name: clickCounter Value: 0
.demdex.net/	1970-01-20 03:00:22	Name: demdex Value: 24741822988735125932205527890095067708
.rferl.org/	1969-12-31 23:59:59	Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1
.rferl.org/	1970-01-20 16:12:22	Name: _ga_M4LGVTBXXT Value: GS1.1.1636870170.1.0.1636870170.0
www.rferl.org/	1970-01-20 00:21:10	Name: .ASPXANONYMOUS Value: n70RZ38Kn3kvHl7yGbMNW21gvVm21pVJt4f0kgr7TJxy0lMCGYv25sZc2HpJQzJ67BOXmH9nE7fb0PCL5q0JZlcpD6mgEXNkcK9_Qya0CBu9M_htIIK1B3rdS9BPD524VAmxuw2
www.rferl.org/	1970-01-20 07:26:46	Name: PangeaEnvironment Value: 1
www.rferl.org/	1970-01-20 07:26:46	Name: Pangea-NodeId Value: ZVMybKrtgK4LkMpugAqESA==
www.rferl.org/	1969-12-31 23:59:59	Name: SessionID Value: 2712670636.47873.0000
livetracker.rfe.pangea-cms.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: mywfn4r2eqdobfruau5nsv4u
livetracker.rfe.pangea-cms.com/	1970-01-20 07:26:46	Name: Pangea-NodeId Value: ss4QDT4/hToF0Dpq4+I+PQ==
.rferl.org/	1969-12-31 23:59:59	Name: s_cc Value: true
.vk.com/	1970-01-20 07:21:17	Name: remixlang Value: 3
.scorecardresearch.com/	1970-01-20 15:57:58	Name: UID Value: 1EWXIT94SE7GHLVQDZKGBWg1636870171
.rferl.org/	1970-01-20 16:12:22	Name: _ga Value: GA1.2.1758175639.1636870171
.rferl.org/	1970-01-19 22:42:36	Name: _gid Value: GA1.2.1048601115.1636870171
.rferl.org/	1970-01-19 22:41:10	Name: _gat_UA-75913661-40 Value: 1
www.rferl.org/	1970-01-20 08:09:58	Name: _cb_ls Value: 1
www.rferl.org/	1970-01-20 08:09:58	Name: _cb Value: CumYL6puYXECE8yH2
www.rferl.org/	1970-01-19 22:41:11	Name: _cb_svref Value: null
.everesttech.net/	1970-01-20 07:26:46	Name: everest_g_v2 Value: g_surferid~YZCoGgAAALA9OQQp
.dpm.demdex.net/	1970-01-20 03:00:22	Name: dpm Value: 24741822988735125932205527890095067708
.rferl.org/	1970-01-20 16:12:22	Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1406116232%7CMCIDTS%7C18946%7CMCMID%7C24751175413615319782203656689097256167%7CMCAAMLH-1637474970%7C6%7CMCAAMB-1637474970%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1636877370s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18953%7CvVersion%7C2.5.0
.rferl.org/	1970-01-20 07:26:46	Name: utag_main Value: v_id:017d1d10a7c100661044392b2df803072004606a00b08$_sn:1$_se:2$_ss:0$_st:1636871971013$ses_id:1636870170562%3Bexp-session$_pn:2%3Bexp-session$vapi_domain:rferl.org
.rferl.org/	1970-01-19 22:51:14	Name: RT Value: "z=1&dm=rferl.org&si=b9ubahw63o6&ss=kvyu8ius&sl=0&tt=0"
.rferl.org/	1970-01-20 00:50:46	Name: _fbp Value: fb.1.1636870171169.1018254248
.rferl.org/	1970-01-21 18:30:36	Name: s_fid Value: 05E5B30C62E146DA-1A43E6843B21BB2A
.bbg.sc.omtrdc.net/	1970-01-20 16:12:22	Name: s_vi Value: [CS]v1\|30C8540D889D1576-40000FBD537FC3CC[CE]
www.rferl.org/	1970-01-20 08:09:58	Name: _chartbeat2 Value: .1636870170919.1636870171744.1.CQqgCwBKDF5LpiclxDjQjosBirLzj.2
.www.rferl.org/	1970-01-19 22:51:14	Name: RT Value: "z=1&dm=www.rferl.org&si=a5c9e6b6-0b4f-4195-9916-fa334f6e3e00&ss=kvyu8ij1&sl=1&tt=1dg&bcn=%2F%2F02179913.akstat.io%2F"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

02179913.akstat.io
api.pinterest.com
assets-tracking.crazyegg.com
bbg.demdex.net
bbg.sc.omtrdc.net
c.go-mpulse.net
cdn.onesignal.com
cm.everesttech.net
connect.facebook.net
connect.mail.ru
connect.ok.ru
dpm.demdex.net
gdb.rferl.org
livetracker.rfe.pangea-cms.com
onesignal.com
pagestates-tracking.crazyegg.com
ping.chartbeat.net
s.go-mpulse.net
s3.amazonaws.com
sb.scorecardresearch.com
script.crazyegg.com
static.chartbeat.com
stats.g.doubleclick.net
tags.tiqcdn.com
tracking.crazyegg.com
vk.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.rferl.org
www.youtube.com
www.rferl.org
104.75.88.194
104.75.88.209
13.36.218.177
143.204.98.43
143.204.98.57
143.204.98.82
217.20.152.207
2600:9000:2156:f400:18:1fcd:34f:cdc1
2606:4700::6812:e134
2606:4700::6813:9308
2a00:1450:4001:827::200e
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9d
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:285::1317
2a02:26f0:6c00:2b2::1317
2a02:26f0:6c00:2b9::11a6
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
52.206.207.49
52.208.127.56
52.217.170.200
54.194.191.134
54.73.172.176
63.32.159.255
87.240.190.67
94.100.180.55
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0f9cfedb1d5b9684ff8026bcbe96a168a3446dd8424a53f9bb90b661078098b8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
183439061ad9b3465bd6b78619eebd0e1b815328ebaccb39493da0b3993f4eb2
199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04
1b0432a6120e0a89c00ef4a17344e70cddb858ae2ce200ddbc9fa00f1d4d966c
262fd74571b20241b0506bdb49bccddce8305437ce67b136556cca4694bc2a58
2c79a0d38895bc9f3321a34507d6b94d2b19fad84ee7a0706a0a91a51e0a880f
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
2f119c5a81d3458d77822efde4bfee76382f77dfc861991743888ffa28b7195f
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3cc2173e51ca90f5e17fe65e90f506dfcdbed5d9d6496aad1bc1bf714f7f73ed
3f9d55e0ded28efe00980162dec6f7428295035c93ea005fc5a4f0b38f4c7f4d
408f7a2e5b23e86484b0d5dbe09fa97874ef8d3c6e75c56aecb74f3cb3bfcebf
41ea8f38c5375816162d8fc5038c631fb75fafa34f6c895b8a7a9e3c140dedbf
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4814af27d827b7c3da987d0c7c50df5a1eb76cf3c43046156c753ba7d2e75e6f
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4c8841760918e0125ee8a020e37c63e19ef58704786268a1de2b512f6c9b634e
4d5b1954d1237cde4e114c92f0d5cd82fea8ec549021ad3c0083e2d348da4a2b
50bc4fb7484a533e88993d7fd10ed959c7e6627501d8d095927294ccde65b65e
54a0538719f9c2c8c99e9fb70ba47188da11ec8e6978d8fda62731ae7c193fdd
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5ab44c2474dfd6bd17cf0f9196a68b0d7cee9bf12b2958bbc4fd376598408022
610330771e510eab126ae47bd60fadd4c84d4be769c616e8085d62401586a4bb
627f5ebeeb414647d5026a5808a109098535d2f8e2f0c646b17c99f2e2ea0327
68bc8832bd65c93f2895a61ae297bc5c67bd7512982f8755c4daa33aea25e37e
68c3532442a503d298666c3642cf13b54a841f302565ea0c8939771a9375497a
69f902cac2f94d46bedcd37eac9986d503ba6416018a90ba9b46ec0f0c20ff76
6d6520019c54d3725b0fda9a6f7c19e1d28430a9a38ff78c21f4d564be367cb0
6e3b6aa232f14db21b75d3c5308d8ba2744f6c230ccf963cdc980af8c3f8c1af
70d01f64506f0ee9616cc3cea6c0bd8295edec2b3f57168c8c681f7533d71f4e
71ced75a6c62524ddffd93498484506e9108f4e74488a5562c1243a08f2202d4
71d3a6c3ecf29f0aff1b2693354bcee7b2a7392a016b8894ed2f1297b9619fce
740a40cf8f5e27a964775206ea48d7e70904cb2b857e5173dada2952ac321007
7aa6e60341ffcdf060a3bfb3ed2eaf5e9770313258b8c9c07e3e9482afa9475c
7b0cbae420afb654f52c53bf33d27086beb3fb7fa46d8cde0b1c9d05bb084275
7b2071f68561ae4bdc79b12306f86e720218b01a0f58354069efb16ad68cab94
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
82418a754bd9cc42d97ac2934d53d81df236cca29eb5fa6913316da74d383bdc
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8c3d5407ca07a772620d1fe4396d7ea0012ef3dca32a4f733fd2b990fc2fa442
90201b31b5f5348819cf3e546ff62071f8d3d18cad7659be062e5e2a328707ac
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
a0be76c911338a04a147d23494fe0bba1e96cb78a4c6efce737b072466c8a346
a1863289cd8836d6052876731599911bac2253f00e18a92f421a3b05a4642883
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2bf334da782f24c62883e71810dde3683a18d688a8c13dee6d22adb4b9f8899
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a9602b90c8a49e8bf5ce0a2dd6435e8364780d237dd796d75b9553cbb2867772
aa081436fdbf78060847f4dbd6cc95f88a435c2f995e03aedf16cae94bb48762
ac1c460fd2f93f6dd792aca2ae7d4443539863658d19ab41c5b1686c388262b6
b0baf52e6911831b998923d8ac3f0347802ce76e0ba571b1e09330a263c76bf3
b0f3cda294d4d1bf2ba5cc52d71b6dfa4c5a8a9e4fe29ae581ac0ab0ac2cda96
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b94b5c95c61c827d46d81de7238445cff951ace283cc7a290fba1f4cf1b88cd8
ba2647f1760f08df792a571274de671f5fdc097ede7079d28e96f0b314c0f97b
c55aaa08f90f696a3606e3bca701cebb488a631561f7923ab5cd7292e76a5201
c981a854c0a757f362b7c398a239fc51c8b42102ab6c3af7ef016cd3766ab1c3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dc624740b2376ebabb39c63c10377e01b75988a506d8a238f9f53093cdb974f0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e469222c02a3574f92109c93c9ccdeda5e20a54b9df12a83b51bcc9169cd3fcc
e916d6f3c9c316368f99463951a426d09d4ddd223e961652728b519efb11e772
ea4293ef45472342ee1bc4d0b26ca52262401e0f8672bff0b150db4e130f1797
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff34b21b2c2ba89c7f8dc0d380f03b0ef3e9d28e672182a2baba4485d439652
f32948fbb59f52674fd75177453ae9db1e3a8c1513b37b51126849917be86618
f741f1f1d5d51b19ebdb2a93212e766850bf6bfcf3a606c75821317f17121ea6
fc3b7b7be6d3d90bf6db195268314a0eb5bdce8c40892a6f8e4ffc6bf672c021
fda31a7513c15976e457edc6546a333baa5734ba98fa855eb29d26c1213510a9
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

www.rferl.org Open in urlscan Pro 2a02:26f0:6c00:285::1317 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

108 Requests

93 %HTTPS

50 %IPv6

26 Domains

33 Subdomains

30 IPs

6 Countries

1650 kBTransfer

4771 kBSize

31 Cookies

20 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.rferl.org Open in urlscan Pro
2a02:26f0:6c00:285::1317 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

93 %
HTTPS

50 %
IPv6

26
Domains

33
Subdomains

30
IPs

6
Countries

1650 kB
Transfer

4771 kB
Size

31
Cookies

108 HTTP transactions
0 data transactions