d2bhpehymydh2o.cloudfront.net
Open in
urlscan Pro
2600:9000:2761:3800:4:6fdc:6c00:21
Public Scan
URL:
https://d2bhpehymydh2o.cloudfront.net/a/vazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-/3285669...
Submission: On March 11 via api from US — Scanned from DE
Submission: On March 11 via api from US — Scanned from DE
Summary
This website contacted 21 IPs
in 4 countries
across 19 domains to perform 89 HTTP transactions.
The main IP is 2600:9000:2761:3800:4:6fdc:6c00:21, located in
United States and
belongs to AMAZON-02, US.
The main domain is d2bhpehymydh2o.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.
This is the only time d2bhpehymydh2o.cloudfront.net was scanned on urlscan.io!
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.
This is the only time d2bhpehymydh2o.cloudfront.net was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
27
2600:9000:2761:3800:4:6fdc:6c00:21
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| d2bhpehymydh2o.cloudfront.net |
4
2600:9000:225d:9200:7:aaa:2480:21
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| d3f06yfj614k9e.cloudfront.net |
1
2600:9000:2359:7a00:1f:a869:b140:21
(United States)
ASN16509 (AMAZON-02, US)
ASN16509 (AMAZON-02, US)
| d1xwyh7joz8vyd.cloudfront.net |
3
18.245.46.9
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-9.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-9.fra56.r.cloudfront.net
| thetruestory.news |
1
2a00:1450:4001:812::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
4
63.34.206.49
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-206-49.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-206-49.eu-west-1.compute.amazonaws.com
| dpm.demdex.net | |
| bbg.demdex.net |
6
2a03:2880:f084:105:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
6
18.244.18.27
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-27.fra56.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-27.fra56.r.cloudfront.net
| sb.scorecardresearch.com |
1
63.140.62.222
(United States)
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-222.data.adobedc.net
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-222.data.adobedc.net
| bbg.sc.omtrdc.net |
1
34.245.245.200
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-245-200.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-245-245-200.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
1
34.233.212.69
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-212-69.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-212-69.compute-1.amazonaws.com
| ping.chartbeat.net |
3
63.140.62.17
(United States)
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net
| ssc.sibreal.org |
2
87.240.132.67
(Russian Federation)
ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-132-240-87.vk.com
ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv67-132-240-87.vk.com
| vk.com |
3
2a03:2880:f177:83:face:b00c:0:25de
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| www.facebook.com |
1
54.231.224.200
(Ashburn, United States)
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
| s3.amazonaws.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 32 |
cloudfront.net
1 redirects
d2bhpehymydh2o.cloudfront.net d3f06yfj614k9e.cloudfront.net d1xwyh7joz8vyd.cloudfront.net |
932 KB |
| 16 |
tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1234 |
165 KB |
| 6 |
scorecardresearch.com
2 redirects
sb.scorecardresearch.com — Cisco Umbrella Rank: 176 |
2 KB |
| 6 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180 |
223 KB |
| 4 |
crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2330 |
55 KB |
| 4 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 246 bbg.demdex.net — Cisco Umbrella Rank: 142217 |
5 KB |
| 4 |
youtube.com
www.youtube.com — Cisco Umbrella Rank: 66 |
136 KB |
| 3 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 100 |
292 B |
| 3 |
sibreal.org
1 redirects
ssc.sibreal.org |
2 KB |
| 3 |
onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4722 onesignal.com — Cisco Umbrella Rank: 1455 |
74 KB |
| 3 |
thetruestory.news
thetruestory.news — Cisco Umbrella Rank: 363926 |
15 KB |
| 2 |
vk.com
vk.com — Cisco Umbrella Rank: 7136 |
1 KB |
| 2 |
chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1743 |
48 KB |
| 1 |
amazonaws.com
s3.amazonaws.com |
140 KB |
| 1 |
rferl.org
www.rferl.org — Cisco Umbrella Rank: 248781 |
49 KB |
| 1 |
chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1475 |
201 B |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1345 |
517 B |
| 1 |
omtrdc.net
bbg.sc.omtrdc.net — Cisco Umbrella Rank: 186575 |
277 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40 |
94 KB |
| 89 | 19 |
| Domain | Requested by | |
|---|---|---|
| 27 | d2bhpehymydh2o.cloudfront.net |
1 redirects
d2bhpehymydh2o.cloudfront.net
|
| 16 | tags.tiqcdn.com |
d2bhpehymydh2o.cloudfront.net
tags.tiqcdn.com |
| 6 | sb.scorecardresearch.com |
2 redirects
d2bhpehymydh2o.cloudfront.net
|
| 6 | connect.facebook.net |
tags.tiqcdn.com
connect.facebook.net d2bhpehymydh2o.cloudfront.net |
| 4 | script.crazyegg.com |
tags.tiqcdn.com
script.crazyegg.com |
| 4 | d3f06yfj614k9e.cloudfront.net |
d2bhpehymydh2o.cloudfront.net
|
| 4 | www.youtube.com |
d2bhpehymydh2o.cloudfront.net
www.youtube.com |
| 3 | www.facebook.com |
d2bhpehymydh2o.cloudfront.net
connect.facebook.net |
| 3 | ssc.sibreal.org |
1 redirects
tags.tiqcdn.com
d2bhpehymydh2o.cloudfront.net |
| 3 | dpm.demdex.net |
1 redirects
d2bhpehymydh2o.cloudfront.net
|
| 3 | thetruestory.news |
d2bhpehymydh2o.cloudfront.net
thetruestory.news |
| 2 | vk.com |
d2bhpehymydh2o.cloudfront.net
|
| 2 | static.chartbeat.com |
tags.tiqcdn.com
|
| 2 | cdn.onesignal.com |
d2bhpehymydh2o.cloudfront.net
cdn.onesignal.com |
| 1 | s3.amazonaws.com |
d2bhpehymydh2o.cloudfront.net
|
| 1 | www.rferl.org |
d2bhpehymydh2o.cloudfront.net
www.rferl.org |
| 1 | ping.chartbeat.net |
d2bhpehymydh2o.cloudfront.net
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | bbg.sc.omtrdc.net |
tags.tiqcdn.com
|
| 1 | bbg.demdex.net |
tags.tiqcdn.com
|
| 1 | onesignal.com |
cdn.onesignal.com
|
| 1 | www.googletagmanager.com |
d2bhpehymydh2o.cloudfront.net
|
| 1 | d1xwyh7joz8vyd.cloudfront.net |
d2bhpehymydh2o.cloudfront.net
|
| 89 | 23 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.cloudfront.net Amazon RSA 2048 M01 |
2023-10-10 - 2024-09-19 |
a year | crt.sh |
| tags.tiqcdn.com Amazon RSA 2048 M01 |
2023-04-18 - 2024-05-17 |
a year | crt.sh |
| *.google.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
| thetruestory.news Amazon RSA 2048 M01 |
2023-04-18 - 2024-05-16 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-03 - 2024-05-02 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2024-02-19 - 2024-05-13 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-12-19 - 2024-03-18 |
3 months | crt.sh |
| script.crazyegg.com E1 |
2024-02-06 - 2024-05-06 |
3 months | crt.sh |
| *.chartbeat.com Thawte TLS RSA CA G1 |
2023-05-16 - 2024-06-06 |
a year | crt.sh |
| *.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA |
2023-12-11 - 2024-12-10 |
a year | crt.sh |
| *.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
| *.sc.omtrdc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-02-07 - 2025-03-09 |
a year | crt.sh |
| *.chartbeat.net Thawte TLS RSA CA G1 |
2023-11-20 - 2024-12-20 |
a year | crt.sh |
| ssc.sibreal.org DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-12-11 - 2025-01-10 |
a year | crt.sh |
| *.vk.com GlobalSign ECC OV SSL CA 2018 |
2024-02-14 - 2025-03-02 |
a year | crt.sh |
| www.rferl.org R3 |
2024-01-02 - 2024-04-01 |
3 months | crt.sh |
| s3.amazonaws.com Amazon RSA 2048 M01 |
2024-02-08 - 2025-01-11 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://d2bhpehymydh2o.cloudfront.net/a/vazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-/32856698.html?utm_source=lentach
Frame ID: 4FC8B6BA7A79889AF372CBD66DCE24B2
Requests: 64 HTTP requests in this frame
Frame:
https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: 372DD054E7BB575755A19CAF116DB9E5
Requests: 1 HTTP requests in this frame
Frame:
https://d2bhpehymydh2o.cloudfront.net/a/32573919.html?layout=1
Frame ID: 12E1AB00DF855479EF70F0BFFC460203
Requests: 27 HTTP requests in this frame
Screenshot
Page Title
"Важные истории": налог на доходы физических лиц хотят повысить до 20%, на прибыль — до 25%,Detected technologies
AMP
(JavaScript frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link rel="amphtml"
Crazy Egg
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/ns\.html[^>]+></iframe>
- googletagmanager\.com/gtm\.js
MailChimp
(Marketing Automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
OneSignal
(Marketing automation)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cdn\.onesignal\.com
Page Statistics
19 Outgoing links
These are links going to different origins than the main page.
URL: https://www.svoboda.org/
Title: Радио Свобода
Title: Радио Свобода
Search URL Search Domain Scan URL
URL: https://www.severreal.org/
Title: Север.Реалии
Title: Север.Реалии
Search URL Search Domain Scan URL
URL: https://t.me/sibrealii
Search URL Search Domain Scan URL
URL: https://www.youtube.com/channel/UCXbY7Lu7rj1ZwpkzDjJDFIw/?sub_confirmation=1
Search URL Search Domain Scan URL
URL: https://twitter.com/sibrealii
Search URL Search Domain Scan URL
URL: https://www.facebook.com/sibrealii
Search URL Search Domain Scan URL
URL: https://www.instagram.com/sibrealii/
Search URL Search Domain Scan URL
URL: https://www.sibreal.org/
Search URL Search Domain Scan URL
URL: https://telegram.me/share/url?url=https%3a%2f%2fwww.sibreal.org%2fa%2fvazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-%2f32856698.html
Search URL Search Domain Scan URL
URL: https://facebook.com/sharer.php?u=https%3a%2f%2fwww.sibreal.org%2fa%2fvazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-%2f32856698.html
Search URL Search Domain Scan URL
URL: https://twitter.com/share?url=https%3a%2f%2fwww.sibreal.org%2fa%2fvazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-%2f32856698.html&text=%22%d0%92%d0%b0%d0%b6%d0%bd%d1%8b%d0%b5+%d0%b8%d1%81%d1%82%d0%be%d1%80%d0%b8%d0%b8%22%3a+%d0%b2+%d0%a0%d0%be%d1%81%d1%81%d0%b8%d0%b8+%d0%b7%d0%bd%d0%b0%d1%87%d0%b8%d1%82%d0%b5%d0%bb%d1%8c%d0%bd%d0%be+%d0%b2%d1%8b%d1%80%d0%b0%d1%81%d1%82%d1%83%d1%82+%d0%bd%d0%b0%d0%bb%d0%be%d0%b3%d0%b8
Search URL Search Domain Scan URL
URL: https://connect.mail.ru/share?url=https%3a%2f%2fwww.sibreal.org%2fa%2fvazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-%2f32856698.html
Search URL Search Domain Scan URL
URL: https://web.whatsapp.com/send?text=https%3a%2f%2fwww.sibreal.org%2fa%2fvazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-%2f32856698.html
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3a%2f%2fwww.sibreal.org%2fa%2fvazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-%2f32856698.html&title=%22%D0%92%D0%B0%D0%B6%D0%BD%D1%8B%D0%B5%20%D0%B8%D1%81%D1%82%D0%BE%D1%80%D0%B8%D0%B8%22:%20%D0%B2%20%D0%A0%D0%BE%D1%81%D1%81%D0%B8%D0%B8%20%D0%B7%D0%BD%D0%B0%D1%87%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D0%BE%20%D0%B2%D1%8B%D1%80%D0%B0%D1%81%D1%82%D1%83%D1%82%20%D0%BD%D0%B0%D0%BB%D0%BE%D0%B3%D0%B8
Search URL Search Domain Scan URL
URL: https://storage.googleapis.com/istories/news/2024/03/11/nalogovaya-mobilizatsiya/index.html
Title: сообщают
Title: сообщают
Search URL Search Domain Scan URL
URL: http://kremlin.ru/events/president/news/73585
Title: поручил
Title: поручил
Search URL Search Domain Scan URL
URL: https://rus.azathabar.com/a/31133465.html?int_cid=banner:avoid-blocking-gr-1872:rferl-russian:1col-reg
Title: читать >
Title: читать >
Search URL Search Domain Scan URL
URL: https://rferl.us10.list-manage.com/subscribe?u=3de062b009896941d3ae1c478&id=9ea651fb24
Title: <img src="https://d3f06yfj614k9e.cloudfront.net/01000000-0aff-0242-1f4d-08dba96f4174_cx0_cy43_cw0_w100_r1.jpg" alt=" " />
Title: <img src="https://d3f06yfj614k9e.cloudfront.net/01000000-0aff-0242-1f4d-08dba96f4174_cx0_cy43_cw0_w100_r1.jpg" alt=" " />
Search URL Search Domain Scan URL
URL: http://www.svoboda.org/
Title: Радио Свобода
Title: Радио Свобода
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1710167492858 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1710167492858
- https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
- https://sb.scorecardresearch.com/internal-c2/default/cs.js
- https://cm.everesttech.net/cm/dd?d_uuid=58795829705602702102779836363484729217 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ze8VxQAAANyy3gN-
- https://d2bhpehymydh2o.cloudfront.net/a/vazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-/32573919.html?layout=1 HTTP 301
- https://d2bhpehymydh2o.cloudfront.net/a/32573919.html?layout=1
- https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
- https://sb.scorecardresearch.com/internal-c2/default/cs.js
- https://ssc.sibreal.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s83663937759011?AQB=1&ndh=1&pf=1&t=11%2F2%2F2024%2015%3A31%3A36%201%20-60&fid=372C20B6FA983303-31B16613C7F28A4F&ce=UTF-8&ns=bbg&cdp=3&pageName=rfe%3Aru%3Ar%3Aiframe%3Areali%20weekly%20right%20region&g=https%3A%2F%2Fd2bhpehymydh2o.cloudfront.net%2Fa%2F32573919.html%3Flayout%3D1&cc=USD&ch=%2Fa&server=d2bhpehymydh2o.cloudfront.net&events=event2%2Cevent80&v1=https%3A%2F%2Fd2bhpehymydh2o.cloudfront.net%2Fa%2F32573919.html&v4=snippet&v5=snippet&v6=reali%20weekly%20right%20region&v14=32573919&v15=russian&v16=rferl%20russian&v17=responsive&v21=iframe&v25=rfe&v27=RFERL%20Sibreal%20Responsive&v29=d2bhpehymydh2o.cloudfront.net&v30=543&v31=https%3A%2F%2Fd2bhpehymydh2o.cloudfront.net%2Fa%2F32573919.html%3Flayout%3D1&v32=rfe%3Aru%3Ar%3Aiframe%3Areali%20weekly%20right%20region&v38=snippet&v50=iframe&v62=https%3A%2F%2Fd2bhpehymydh2o.cloudfront.net%2Fa%2F32573919.html%3Flayout%3D1&v65=reali%20weekly%20right%20region&v66=https%3A%2F%2Fd2bhpehymydh2o.cloudfront.net%2Fa%2Fvazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-%2F32856698.html%3Futm_source%3Dlentach&v67=d2bhpehymydh2o.cloudfront.net&v72=prod&v82=link&v100=2024-03-11%3A15.31%3A%2B01.00&v101=Europe%2FBerlin&v102=en-US%3Aen%3Aen-US&v104=iq&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=325&bh=842&AQE=1 HTTP 302
- https://ssc.sibreal.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s83663937759011?AQB=1&pccr=true&vidn=32F78AE4218BEA4B-40000C9E21899DB8&ndh=1&pf=1&t=11%2F2%2F2024%2015%3A31%3A36%201%20-60&fid=372C20B6FA983303-31B16613C7F28A4F&ce=UTF-8&ns=bbg&cdp=3&pageName=rfe%3Aru%3Ar%3Aiframe%3Areali%20weekly%20right%20region&g=https%3A%2F%2Fd2bhpehymydh2o.cloudfront.net%2Fa%2F32573919.html%3Flayout%3D1&cc=USD&ch=%2Fa&server=d2bhpehymydh2o.cloudfront.net&events=event2%2Cevent80&v1=https%3A%2F%2Fd2bhpehymydh2o.cloudfront.net%2Fa%2F32573919.html&v4=snippet&v5=snippet&v6=reali%20weekly%20right%20region&v14=32573919&v15=russian&v16=rferl%20russian&v17=responsive&v21=iframe&v25=rfe&v27=RFERL%20Sibreal%20Responsive&v29=d2bhpehymydh2o.cloudfront.net&v30=543&v31=https%3A%2F%2Fd2bhpehymydh2o.cloudfront.net%2Fa%2F32573919.html%3Flayout%3D1&v32=rfe%3Aru%3Ar%3Aiframe%3Areali%20weekly%20right%20region&v38=snippet&v50=iframe&v62=https%3A%2F%2Fd2bhpehymydh2o.cloudfront.net%2Fa%2F32573919.html%3Flayout%3D1&v65=reali%20weekly%20right%20region&v66=https%3A%2F%2Fd2bhpehymydh2o.cloudfront.net%2Fa%2Fvazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-%2F32856698.html%3Futm_source%3Dlentach&v67=d2bhpehymydh2o.cloudfront.net&v72=prod&v82=link&v100=2024-03-11%3A15.31%3A%2B01.00&v101=Europe%2FBerlin&v102=en-US%3Aen%3Aen-US&v104=iq&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=325&bh=842&AQE=1
89 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
32856698.html
d2bhpehymydh2o.cloudfront.net/a/vazhnye-istorii-nalog-na-dohody-fizicheskih-lits-hotyat-povysit-do-20-na-pribyl-do-25-/ |
59 KB 60 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RFE-ru-RU-X-SIB.css
d2bhpehymydh2o.cloudfront.net/Content/responsive/RFE/ru-RU-X-SIB/ |
291 KB 292 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.sync.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframe_api
www.youtube.com/ |
993 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
infographics.b
d2bhpehymydh2o.cloudfront.net/Scripts/responsive/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
loader.b
d2bhpehymydh2o.cloudfront.net/Scripts/responsive/ |
86 KB 87 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Skolar-Lt_Cyrl_v2.4.woff
d2bhpehymydh2o.cloudfront.net/Content/responsive/fonts/ |
33 KB 33 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
player-spinner.png
d2bhpehymydh2o.cloudfront.net/Content/responsive/img/ |
978 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-compact.svg
d2bhpehymydh2o.cloudfront.net/Content/responsive/RFE/ru-RU-X-SIB/img/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.svg
d2bhpehymydh2o.cloudfront.net/Content/responsive/RFE/ru-RU-X-SIB/img/ |
4 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-print.gif
d2bhpehymydh2o.cloudfront.net/Content/responsive/RFE/ru-RU-X-SIB/img/ |
3 KB 3 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-print_color.png
d2bhpehymydh2o.cloudfront.net/Content/responsive/RFE/ru-RU-X-SIB/img/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6FFE48EE-566C-47B1-A39F-262234DDC9A8_w250_r1_s.jpg
d3f06yfj614k9e.cloudfront.net/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
banners-styles.css
d1xwyh7joz8vyd.cloudfront.net/branding/cdn/html_banners/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f1e41247-1727-471d-848b-83cfb61e83fe_w200.png
d3f06yfj614k9e.cloudfront.net/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget-top.iife.js
thetruestory.news/ |
30 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serviceWorkerInstall.js
d2bhpehymydh2o.cloudfront.net/Scripts/responsive/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conf.js
d2bhpehymydh2o.cloudfront.net/ |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
300 KB 94 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ |
107 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
d2bhpehymydh2o.cloudfront.net/Content/responsive/fonts/ |
40 KB 41 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icons-font-1698069833780.woff
d2bhpehymydh2o.cloudfront.net/Content/responsive/fonts/ |
18 KB 19 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icons-custom.woff
d2bhpehymydh2o.cloudfront.net/Content/responsive/RFE/ru-RU-X-SIB/img/ |
2 KB 2 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
image-placeholder.svg
d2bhpehymydh2o.cloudfront.net/Content/responsive/img/ |
709 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rd
dpm.demdex.net/id/ Redirect Chain
|
362 B 920 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sibreal
thetruestory.news/api/widget/ |
5 KB 2 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main
thetruestory.news/api/widget/ |
7 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
www-widgetapi.js
www.youtube.com/s/player/c48a9559/www-widgetapi.vflset/ |
215 KB 67 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ |
284 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.72.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ |
85 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.24.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.7.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ |
607 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.4.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ |
55 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.73.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
res
d2bhpehymydh2o.cloudfront.net/ |
79 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
6FFE48EE-566C-47B1-A39F-262234DDC9A8_w1023_r1_s.jpg
d3f06yfj614k9e.cloudfront.net/ |
110 KB 111 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
215 KB 58 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
0255.js
script.crazyegg.com/pages/scripts/0026/ |
6 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chartbeat_video.js
static.chartbeat.com/js/ |
71 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cs.js
sb.scorecardresearch.com/internal-c2/default/ Redirect Chain
|
0 384 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 433 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b
sb.scorecardresearch.com/ |
0 226 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
596 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
290 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
924 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
web
onesignal.com/api/v1/sync/e51c9bb9-e3e7-4a2a-83ee-77c609f40faa/ |
5 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dest5.html
bbg.demdex.net/ Frame 372D |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
bbg.sc.omtrdc.net/ |
2 B 277 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ibs:dpid=411&dpuuid=Ze8VxQAAANyy3gN-
dpm.demdex.net/ Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ping
ping.chartbeat.net/ |
43 B 201 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
d2bhpehymydh2o.cloudfront.net.json
script.crazyegg.com/pages/data-scripts/0026/0255/site/ |
104 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
414531540699990
connect.facebook.net/signals/config/ |
53 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
s837864204802
ssc.sibreal.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/ |
43 B 426 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
all.js
connect.facebook.net/en_US/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
share.php
vk.com/ |
21 B 663 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hljson
d2bhpehymydh2o.cloudfront.net/ |
87 B 602 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
32573919.html
d2bhpehymydh2o.cloudfront.net/a/ Frame 12E1 Redirect Chain
|
16 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-compact.svg
d2bhpehymydh2o.cloudfront.net/Content/responsive/RFE/ru-RU-X-SIB/img/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
0 274 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
all.js
connect.facebook.net/en_US/ |
300 KB 85 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7b3610a62d87d9f1bc9f3d09b2fa9421.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/ |
138 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
d2bhpehymydh2o.cloudfront.net.json
script.crazyegg.com/pages/data-scripts/0026/0255/sampling/ |
8 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
status
www.facebook.com/x/oauth/ |
0 0 |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
share.php
vk.com/ |
21 B 450 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.sync.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 12E1 |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
iframe_api
www.youtube.com/ Frame 12E1 |
993 B 515 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
infographics.b
d2bhpehymydh2o.cloudfront.net/Scripts/responsive/ Frame 12E1 |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Skolar-Lt_Cyrl_v2.4.woff
d2bhpehymydh2o.cloudfront.net/Content/responsive/fonts/ Frame 12E1 |
33 KB 33 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ifg-blank.css
d2bhpehymydh2o.cloudfront.net/Content/ Frame 12E1 |
284 B 792 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
RFE-en-US.css
www.rferl.org/Content/responsive/RFE/en-US/ Frame 12E1 |
291 KB 49 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
01000000-0aff-0242-ce4b-08dba96f4173.jpg
d3f06yfj614k9e.cloudfront.net/ Frame 12E1 |
83 KB 84 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ Frame 12E1 |
140 KB 140 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serviceWorkerInstall.js
d2bhpehymydh2o.cloudfront.net/Scripts/responsive/ Frame 12E1 |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conf.js
d2bhpehymydh2o.cloudfront.net/ Frame 12E1 |
5 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
www-widgetapi.js
www.youtube.com/s/player/c48a9559/www-widgetapi.vflset/ Frame 12E1 |
215 KB 67 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 12E1 |
107 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
Skolar-Lt_Latin_v2.woff
www.rferl.org/Content/responsive/fonts/ Frame 12E1 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.72.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 12E1 |
85 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.24.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 12E1 |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.7.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 12E1 |
607 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.4.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 12E1 |
55 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.73.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ Frame 12E1 |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ Frame 12E1 |
2 B 431 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fbevents.js
connect.facebook.net/en_US/ Frame 12E1 |
215 KB 56 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
cs.js
sb.scorecardresearch.com/internal-c2/default/ Frame 12E1 Redirect Chain
|
0 384 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chartbeat_video.js
static.chartbeat.com/js/ Frame 12E1 |
71 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b
sb.scorecardresearch.com/ Frame 12E1 |
0 225 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
414531540699990
connect.facebook.net/signals/config/ Frame 12E1 |
53 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s83663937759011
ssc.sibreal.org/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/ Frame 12E1 Redirect Chain
|
43 B 230 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
www.facebook.com/tr/ Frame 12E1 |
0 18 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
res
d2bhpehymydh2o.cloudfront.net/ |
4 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.rferl.org
- URL
- https://www.rferl.org/Content/responsive/fonts/Skolar-Lt_Latin_v2.woff
Verdicts & Comments Add Verdict or Comment
169 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 function| AMPStrategy object| _cbv_strategies object| _cbv string| cacheBuster string| appBaseUrl object| imgEnhancerBreakpoints boolean| isLoggingEnabled boolean| isPreviewPage boolean| isLivePreviewPage boolean| pwaEnabled undefined| swCacheDisabled object| RFE function| initInfographics object| _RFE_module_app_code object| $dom function| webpackJsonp_RFE_module__name_ object| JSON3 function| setImmediate function| clearImmediate function| renderExternalContent function| loadScript function| createHTML function| isInsideCms function| ajaxGet function| ajaxPost function| root object| moduleManager function| FireAnalyticsTagEvent function| FireAnalyticsTagEventOnDownload function| FireAnalyticsTagEventOnSearch function| FireAnalyticsTagEventOnSearchResultItemClick function| FireAnalyticsTagEventQuiz function| FireTealiumEvent function| FireTealiumEventOnDownload string| renderGtm object| dataLayer object| utag_data undefined| utag_from undefined| utag_searchKeyword boolean| isEmbededPlayerOnSameDomain object| nav2In object| nav2Sec object| secStyle object| Infographics number| __infographcisCount boolean| isPreview function| OneSignal number| numVisitsTrigger function| promptAndSubscribeUser undefined| bodyClass boolean| utag_condload string| utag_lh object| platform string| url string| parent_domain object| utag function| loadLibrary function| utag_condloader function| toBytesUTF8 function| fromBytesUTF8 function| trunc100bytes boolean| __tealium_twc_switch object| utag_cfg_ovrd object| adobe function| Visitor object| s_c_il number| s_c_in object| pangeaConfiguration object| ThetruestoryWidgetTop object| reactiveElementVersions object| litHtmlVersions object| litElementVersions object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| defaultLoaderContext object| s_bbg function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| fbq function| _fbq number| _sf_startpt object| _sf_async_config number| _sf_endpt object| google_tag_manager object| google_tag_data object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ns_ object| ns_p function| udm_ function| ns_order function| ns_onclick number| __oneSignalSdkLoadCount function| __jp0 object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| s_i_bbgprod_bbgentityrferl object| _RFE_module_prog_install_prompt object| _RFE_module_facebook_api object| _RFE_module_collapsible object| _RFE_module_highlights object| _RFE_module_hljson_loader object| _RFE_module_smooth_scroll object| _RFE_module_google_translate object| _RFE_module_content_sharing object| _RFE_module_share_counter object| _RFE_module_load_more object| _RFE_module_simple_captcha object| _RFE_module_analyticstag_event object| _RFE_module_flexible_iframe object| _RFE_module_back_to_top object| _RFE_module_whatsapp_share_button object| _RFE_module_sticky_player_history_handler object| _RFE_module_copy_to_clipboard object| _RFE_module_slide_in_widget object| _RFE_module_image_expander object| _RFE_module_accordeon object| _RFE_module_share_link object| _RFE_module_sharing_open object| _RFE_module_transition_toggler object| _RFE_module_nav20 object| _RFE_module_sticky_sharing20 function| fbAsyncInit object| VK boolean| StickyPlayerHistoryHandlerAttached object| FB string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| CE_API object| __buffer object| _RFE_module_custom_print21 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .youtube.com/ | Name: YSC Value: Ufrq8kDkUqA |
|
| .youtube.com/ | Name: VISITOR_INFO1_LIVE Value: ktOtyGSvFj8 |
|
| .youtube.com/ | Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgHA%3D%3D |
|
| .onesignal.com/ | Name: __cf_bm Value: UEH_zIjaHZZu7plbTL6u4Ed9wI9nrYtzMS.uOiA_5xE-1710167492-1.0.1.1-vdK5T6YhoVp0NyelIPkyh76VxtwdYEFNBskqqYd0B_iIgEN04rau_tWwSJ43ToomOjc6_r.3IDT3TCUG7mJkzQ |
|
| .demdex.net/ | Name: demdex Value: 58795829705602702102779836363484729217 |
|
| .d2bhpehymydh2o.cloudfront.net/ | Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1 |
|
| .d2bhpehymydh2o.cloudfront.net/ | Name: _cb Value: DMfj6TCNBFjeD_ArM0 |
|
| .d2bhpehymydh2o.cloudfront.net/ | Name: _cb_svref Value: external |
|
| .d2bhpehymydh2o.cloudfront.net/ | Name: s_cc Value: true |
|
| d2bhpehymydh2o.cloudfront.net/ | Name: clickCounter Value: 0 |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~Ze8VxQAAANyy3gN- |
|
| .d2bhpehymydh2o.cloudfront.net/ | Name: _fbp Value: fb.2.1710167493401.1592143285 |
|
| .dpm.demdex.net/ | Name: dpm Value: 58795829705602702102779836363484729217 |
|
| .d2bhpehymydh2o.cloudfront.net/ | Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19794%7CMCMID%7C58791903274816761212782269689716535642%7CMCAAMLH-1710772293%7C6%7CMCAAMB-1710772293%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1710174693s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19801%7CvVersion%7C5.4.0 |
|
| .vk.com/ | Name: remixlang Value: 6 |
|
| .vk.com/ | Name: remixstlid Value: 9113342037253476121_fxMYiJnJiTB2TR1EA964dLr1ZpSIecV2aMUYkU3bAJP |
|
| .d2bhpehymydh2o.cloudfront.net/ | Name: _ce.irv Value: new |
|
| .d2bhpehymydh2o.cloudfront.net/ | Name: cebs Value: 1 |
|
| .d2bhpehymydh2o.cloudfront.net/ | Name: _ce.s Value: v~b7758fece9dacd9c95ba1e39d05249a6d7bef3fa~lcw~1710167493645~lva~1710167493645~vpv~0~lcw~1710167493645 |
|
| .d2bhpehymydh2o.cloudfront.net/ | Name: _chartbeat2 Value: .1710167493204.1710167496455.1.DXpQkdfSejPDO7xFjBixiBBYJb9a.2 |
|
| .d2bhpehymydh2o.cloudfront.net/ | Name: s_fid Value: 372C20B6FA983303-31B16613C7F28A4F |
36 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000 |
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bbg.demdex.net
bbg.sc.omtrdc.net
cdn.onesignal.com
cm.everesttech.net
connect.facebook.net
d1xwyh7joz8vyd.cloudfront.net
d2bhpehymydh2o.cloudfront.net
d3f06yfj614k9e.cloudfront.net
dpm.demdex.net
onesignal.com
ping.chartbeat.net
s3.amazonaws.com
sb.scorecardresearch.com
script.crazyegg.com
ssc.sibreal.org
static.chartbeat.com
tags.tiqcdn.com
thetruestory.news
vk.com
www.facebook.com
www.googletagmanager.com
www.rferl.org
www.youtube.com
www.rferl.org
18.244.18.27
18.245.46.9
2600:9000:225d:9200:7:aaa:2480:21
2600:9000:2359:7a00:1f:a869:b140:21
2600:9000:235a:2600:7:2bfb:7c00:93a1
2600:9000:2646:5e00:18:1fcd:353:c61
2600:9000:2761:3800:4:6fdc:6c00:21
2606:4700::6812:d73b
2606:4700::6813:9408
2a00:1450:4001:812::2008
2a00:1450:4001:827::200e
2a02:26f0:3500:2a4::1317
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.233.212.69
34.245.245.200
54.231.224.200
63.140.62.17
63.140.62.222
63.34.206.49
87.240.132.67
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
0baa96183650c6213f52f7c9c2afdedbd8601206c11ce3c240701064aeeac2aa
0d3d135b6e478d910470742d901ffe33a2ab153733d100626324a89a9b666bdb
199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04
1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315
1a8a4feb5ca1239b7a631127d8379e83fb87b992d2cf037b31f9724fe9d0e337
1c3fc9a5f0c966ab70b7f91d2abb345147174b348e82a0c7b03729ec7bd522ad
2494a0b7280ad6f9459eb1425844ec1fc19149c1a31f913f22fcdd29d8a665d5
274399d206a68dabc0ffd7a7e11dfdd29630bfc64c1a0a9236b82e3eb9432538
2d4659cb969cba192db8170ad97bd9e967761384c5ce07cf6bb196fd04c3dda1
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
324b8b4f94b9365f318306aeeec4e4f5eca75626c72b44a4d4e3c39b17e8ca73
32b74431d36e51b4b5ea939f103468436f80093f66ec93ffb3b4bc4fcadc17f7
3f9ca26bc28acf553632c8c74eec9c58c754cb900dcb3134765616b7e8772304
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
50b6e67cfcfe4ac8fe9cee705b681f696065306ee42bcd4e6b37a17dba333ac5
50e1b3ccbb1e277be5d30370f8243ab8aead71a517d946c6942625e94c4a2870
53337188b182a4b6503e2793c5f1a9e12b80d54493d8f26c190257075b943ed0
53e637909208e211f753b68ab0cb2312abfb528b9920e8a3b6eddcb89eb861cd
54bdfaed17752dfe51c53441c280a31196a4a668aec68ff59bc339a571d8c68f
54e2f964ce1124ae44ce10037eed6b855fc2469eb821b5679cb5277947f1ad2f
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
6071a6c63d5d8ba2d73412b26b0a35425af43b11db85d3a2e85c5bb0bed4a186
624d6bd05ffeec9a4f5d7fa6db3c217b6703e448ac53542984e6ceaf89fd286d
64a4e5f8e2b74601aaaf80c3d318ddcead634cb65ff5bc40a94e53cb46cf81f8
66b36c2187179d6f753725c4c7510163de950d5e3aaeef2c8fbb34653f4b4a56
688559e7efe600b8fd96b1980b11547ac634ad4b879edf96cc80658f5eb4be52
6a962daa060c606453f8f7816c596a1124dadd4f6cc824c462c4da63810db6e7
6b223d68d728e5b1cc240f54dbad3419fb4bf91c6a27da5457061dee2da38d9e
6dee2be2561997a0f75ae3d01d11319086cb62763d88074eaedfac8258fd5ec5
70dd0bb01cce76c8ca2f57838fae7f5cf5365e78bb330ecf2cb385793cfe6920
75a688c2e750593bef807e82acb9008c70d35d4f1be47358fc502adbdc650440
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
89715990df415942d969461e09fda2b4e5281bfa89c4d6120cac4eb939a3c45f
8f2beed2266b03b90c53d8151bc3471bf97d91876489d6921e7b0ebb95aa2be5
9e407fb5bd2b9e460b37f6acc3ad65c5fb753f1ea6aecbaef61f534309e493be
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2bf334da782f24c62883e71810dde3683a18d688a8c13dee6d22adb4b9f8899
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a802e051099577c43e269f1286bafbdadbb752b37cba14bf0842bce9d21af1a8
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
bcaf8eb1ac854a6815f4c893871479aeff90312eb364e8eb2ee8cc96c2bf6d8f
c0c58cab8c08b76745f4b78f5468b7e79488d84e3a441a20c27f64be499064d1
c8d7afdb71e9de781c706eacda302dd7dfb7b4114b27727da8b6db80b3d2d516
c90245259e0041c2d31dae3d5f8ab2d2fddb23022677fe9180ec483c66d91e9c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0667af06a388861a7f55cfbb6ef24081e152e7eabbb399e5c660ade3721589e
d8139ffa16062ae5b29c8fa1bf54a9ba2b85966a177e0d05e2c5ed306b49a942
d942dc55dedbc4b50b067be0254a2998e5a83e35e715e71eda72b4cc8e75343f
dc055917bb20b6042962d6e972655061a178db6b161b02c217406b62fd85c0e4
df76d30157aebb855060b6bb81a74c7e697eda9314e4f6b7d427973eb949cc53
e22f0ff535719b549852bd0f21130f68a1d1ebf96fed84850cc1c3e12fd9fc57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e459168133d8df738f0e95825f9f68c0f64e29b02cc3df13a3f7698c2e1d64d2
e4ea9553279a7ad0238e8ca173bf631f62216e3e9879db6709b7340be7c8c3dd
e561e6389b90513e73be5adae452ec36886c998f8b642f56d95a464728d522e1
e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df
e7b51140480701d80c5bad1930b96ec740cf5055684faa6ea13c5f3a8b29a855
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
eee6035e3226a06aac04b5d11150e7c87173efceef8f57e2955df538a8fe73b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9dc944239e3ffd07a462da2e101f537e2a76bad4b9b69c519708141a166f3f5
fd3af47a984c78e3046f21904bfaf151ff713eac502df2a8a32dcd3374fedeac
fda31a7513c15976e457edc6546a333baa5734ba98fa855eb29d26c1213510a9
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5