urlscan.io logo urlscan.io
SecurityTrails logo

d11tu3mge9mtmy.cloudfront.net Open in urlscan Pro
2600:9000:26e8:c400:d:2058:2280:21  Public Scan

Go To Rescan Add Verdict Report
URL: https://d11tu3mge9mtmy.cloudfront.net/
Submission: On May 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 15 domains to perform 67 HTTP transactions. The main IP is 2600:9000:26e8:c400:d:2058:2280:21, located in United States and belongs to AMAZON-02, US. The main domain is d11tu3mge9mtmy.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on October 10th 2023. Valid for: a year.
This is the only time d11tu3mge9mtmy.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    2600:9000:26e8:c400:d:2058:2280:21 (United States)

ASN16509 (AMAZON-02, US)
d11tu3mge9mtmy.cloudfront.net
9    2600:9000:235a:4e00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
12    2600:9000:223f:d800:1b:89cb:7240:21 (United States)

ASN16509 (AMAZON-02, US)
dr2uev6l49ya1.cloudfront.net
3    2606:4700::6810:a091 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    54.228.206.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-206-60.eu-west-1.compute.amazonaws.com
dpm.demdex.net
bbg.demdex.net
2    2600:9000:2646:2400:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
4    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    18.244.18.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-27.fra56.r.cloudfront.net
sb.scorecardresearch.com
3    34.194.114.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-114-132.compute-1.amazonaws.com
ping.chartbeat.net
2    63.140.62.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-17.data.adobedc.net
bbg.sc.omtrdc.net
ssc.krymr.com
1    52.18.190.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-190-199.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
31 cloudfront.net
d11tu3mge9mtmy.cloudfront.net
dr2uev6l49ya1.cloudfront.net
878 KB
9 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1304
81 KB
4 crazyegg.com
script.crazyegg.com — Cisco Umbrella Rank: 2400
56 KB
4 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 243
bbg.demdex.net — Cisco Umbrella Rank: 138452
2 KB
3 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1476
601 B
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 191
867 B
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1718
mab.chartbeat.com — Cisco Umbrella Rank: 2854
35 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4680
onesignal.com — Cisco Umbrella Rank: 1554
74 KB
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 64
69 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
71 KB
1 krymr.com
ssc.krymr.com
372 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
273 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1317
517 B
1 omtrdc.net
bbg.sc.omtrdc.net — Cisco Umbrella Rank: 176640
277 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
97 KB
67 15
Domain Requested by
19 d11tu3mge9mtmy.cloudfront.net d11tu3mge9mtmy.cloudfront.net
12 dr2uev6l49ya1.cloudfront.net d11tu3mge9mtmy.cloudfront.net
9 tags.tiqcdn.com d11tu3mge9mtmy.cloudfront.net
tags.tiqcdn.com
4 script.crazyegg.com tags.tiqcdn.com
script.crazyegg.com
3 ping.chartbeat.net d11tu3mge9mtmy.cloudfront.net
3 sb.scorecardresearch.com 1 redirects d11tu3mge9mtmy.cloudfront.net
3 dpm.demdex.net 1 redirects d11tu3mge9mtmy.cloudfront.net
3 www.youtube.com d11tu3mge9mtmy.cloudfront.net
www.youtube.com
2 connect.facebook.net tags.tiqcdn.com
connect.facebook.net
2 static.chartbeat.com tags.tiqcdn.com
2 cdn.onesignal.com d11tu3mge9mtmy.cloudfront.net
cdn.onesignal.com
1 ssc.krymr.com d11tu3mge9mtmy.cloudfront.net
1 www.facebook.com d11tu3mge9mtmy.cloudfront.net
1 mab.chartbeat.com static.chartbeat.com
1 cm.everesttech.net 1 redirects
1 bbg.sc.omtrdc.net tags.tiqcdn.com
1 bbg.demdex.net tags.tiqcdn.com
1 onesignal.com cdn.onesignal.com
1 www.googletagmanager.com d11tu3mge9mtmy.cloudfront.net
67 19
Subject Issuer Validity Valid
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
onesignal.com
GTS CA 1P5		 2024-04-01 -
2024-06-30		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
script.crazyegg.com
E1		 2024-04-05 -
2024-07-04		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-15 -
2024-05-15		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA		 2023-12-11 -
2024-12-10		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
*.sc.omtrdc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-07 -
2025-03-09		 a year crt.sh
ssc.krymr.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-11 -
2025-01-10		 a year crt.sh

This page contains 3 frames:

Primary Page: https://d11tu3mge9mtmy.cloudfront.net/
Frame ID: 9972FFD598F03CEBACA69C1F1B839205
Requests: 65 HTTP requests in this frame

Frame: https://www.youtube.com/embed/c7q_id4VuJU?&&list=UUTxc3zFdloSLhqPd6mfIMKA&fs=1&enablejsapi=1&rel=0
Frame ID: 0EF0B6A3194C0B376432A43F86BDAD83
Requests: 1 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: 7BF77549280CA6D17A6ADBAA1AD1DA23
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Крым.Реалии - krymr.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • script\.crazyegg\.com/pages/scripts/\d+/\d+\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Page Statistics

67
Requests

96 %
HTTPS

71 %
IPv6

15
Domains

19
Subdomains

16
IPs

3
Countries

1364 kB
Transfer

2581 kB
Size

19
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1715159002053 HTTP 302
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1715159002053
Request Chain 46
  • https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 53
  • https://cm.everesttech.net/cm/dd?d_uuid=48158463509435710003402203937438150206 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zjs-2gAAAENhwwOJ

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
d11tu3mge9mtmy.cloudfront.net/ 		86 KB
87 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bd3a50d0fa13497a81cb4b96a24ec75c3f4931e253e01d254884e29255701848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
must-revalidate, max-age=108
content-language
ru
content-type
text/html; charset=utf-8
date
Wed, 08 May 2024 09:03:20 GMT
expires
Wed, 08 May 2024 09:05:08 GMT
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
strict-transport-security
max-age=31536000
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-id
b-dNBVcQZUDuoaqt0wSK6GyAoLUBSKnXF3YzwZ1BzPTQ344iuih7xg==
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block
RFE-ru-CRI.css
d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/ 		292 KB
293 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/RFE-ru-CRI.css?&av=0.1.0.0&cb=337
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e5c1fa67aefe01ff23f4cd9ba4a37aba3386c46b50de51787e5cd018d8d268a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 23 May 2024 04:52:10 GMT
date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA56-P10
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Content/responsive/RFE/ru-CRI/RFE-ru-CRI.css?&av=0.1.0.0&cb=337
content-type
text/css
x-cache
Miss from cloudfront
cache-control
public, no-transform, max-age=1280929
x-amz-cf-id
JLsJ8m8ViGcCsd-U2ysj8L_PyG9wZKK7Hwr4YBjg-1nLeUH1qZ0VwQ==
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
utag.sync.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.sync.js
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8139ffa16062ae5b29c8fa1bf54a9ba2b85966a177e0d05e2c5ed306b49a942

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
i5E2bP5.4wjzuzQxDY7Wnog1a9GUvPBu
content-encoding
br
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 08:59:40 GMT
last-modified
Fri, 19 Jan 2024 21:57:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
237
x-amz-server-side-encryption
AES256
etag
W/"afa248bc911c32c37232844c84194760"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
86zi9AfPrLaoIyNLuVJlQahM-VM_kBeWfq2w-pXcGMOvonpBhgLffg==
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
36e47aa390f0c47833e70d8a14b57d84aee53202b5efd5a638823c58142d90a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 08 May 2024 09:03:21 GMT
infographics.b
d11tu3mge9mtmy.cloudfront.net/Scripts/responsive/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=337
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA56-P10
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=337
content-type
application/javascript; charset=utf-8
x-cache
Miss from cloudfront
cache-control
public, no-transform, max-age=1280898
x-amz-cf-id
V8axN_clUvBKXfx-k7CrIrz3QE3Ki2u25MDY-wUkUIyAZzs1M9mQpg==
content-length
3943
x-xss-protection
1; mode=block
expires
Thu, 23 May 2024 04:51:39 GMT
loader.b
d11tu3mge9mtmy.cloudfront.net/Scripts/responsive/ 		86 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Scripts/responsive/loader.b?v=scB7WWwAqVaZYsayY3bl4xZZld0ovqLBxyx63vZ4Ofc1&av=0.1.0.0&cb=337
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8dc4ac9872d0c3c05d4047054b450012e7728a18f35f351e896fb19fe971cf49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Thu, 23 May 2024 04:53:22 GMT
date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA56-P10
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Scripts/responsive/loader.b?v=scB7WWwAqVaZYsayY3bl4xZZld0ovqLBxyx63vZ4Ofc1&av=0.1.0.0&cb=337
content-type
application/javascript; charset=utf-8
x-cache
Miss from cloudfront
cache-control
public, no-transform, max-age=1281001
x-amz-cf-id
uk-UkYt98-C0ahD5M2-Cl7_xcKLXKkEW3llBAizJ4SrObLbeW3Rw1Q==
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
Skolar-Lt_Cyrl_v2.4.woff
d11tu3mge9mtmy.cloudfront.net/Content/responsive/fonts/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Origin
https://d11tu3mge9mtmy.cloudfront.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
33340
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Wed, 04 Oct 2023 11:09:23 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Content/responsive/fonts/Skolar-Lt_Cyrl_v2.4.woff
content-type
application/font-woff
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
Q5VUMv4Y0BDSnf8dnE8w-_FBe0I0L1PygOeIMcjUxg8_yILGsmdsDg==
expires
Fri, 07 Jun 2024 09:03:21 GMT
logo-compact.svg
d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/img/logo-compact.svg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b0c345edf5eee1bc99ca2c7102855275a641293d273a5ee8faf8dd576a8503d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
3327
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Wed, 10 Jan 2024 14:21:47 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Content/responsive/RFE/ru-CRI/img/logo-compact.svg
content-type
image/svg+xml
cache-control
public, max-age=898811
x-amz-cf-id
grMEng1wWOVTI3bSNakGnWAc8iLuA_yywkQup_oyf06gzLd8hGKtaQ==
expires
Sat, 18 May 2024 18:43:32 GMT
logo.svg
d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/img/logo.svg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8abff93ddd17fe15b04437e2ed09a0d20648c91db3d0b572bb214b65bb0e3622
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
3316
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Wed, 10 Jan 2024 14:21:47 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Content/responsive/RFE/ru-CRI/img/logo.svg
content-type
image/svg+xml
cache-control
public, max-age=1050840
x-amz-cf-id
f6gcQye6Ha8X4OAQgHa-McAUjuoWjAKr66-loHXdY3JzROZg1dheyg==
expires
Mon, 20 May 2024 12:57:21 GMT
logo-print.gif
d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/img/logo-print.gif
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
efd17fda1546449ed383c1c794f192e7f3f4a82f3051c2c4228b3157ca093e90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA56-P10
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Content/responsive/RFE/ru-CRI/img/logo-print.gif
content-type
image/gif
x-cache
Miss from cloudfront
cache-control
public, max-age=665987
accept-ranges
bytes
x-amz-cf-id
KffB_x-RQ3Rf9v_lopiMWnkRefv2Cc_CKIsrTIUJuBa3WPD93HzM2Q==
x-xss-protection
1; mode=block
expires
Thu, 16 May 2024 02:03:08 GMT
logo-print_color.png
d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/img/logo-print_color.png
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8da9f1ca227ea86d1607f00d49c3946644c6d9b8163cc6af87a9dd144b6e97b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
5410
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Fri, 05 Jan 2024 12:20:18 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Content/responsive/RFE/ru-CRI/img/logo-print_color.png
content-type
image/png
cache-control
public, max-age=1050163
accept-ranges
bytes
x-amz-cf-id
tgeP1iKnT-WCcEwCOGZqZ_ec-gqDIkfAglU-UR0RjuSQXo1riuyMVA==
expires
Mon, 20 May 2024 12:46:04 GMT
37988D19-D05D-4391-9ECD-F91125459C08.jpg
dr2uev6l49ya1.cloudfront.net/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/37988D19-D05D-4391-9ECD-F91125459C08.jpg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5c88d1294782a5dbc821a17a4fbfb3fd63e9101365190b425c4fa13d3290a737
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 May 2024 09:03:21 GMT
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
pangea-nodeid
ot5V64bS79gRek7I3ZQ6RQ==
etag
"36807"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
public, max-age=1135776
gdb-fall-back
false
x-amz-cf-id
hkrVINr_jdy6LOquZFmkNxLZqjWla2tEQTSgM16IU_30OpxHDEp_-Q==
content-length
36807
x-xss-protection
1; mode=block
expires
Tue, 21 May 2024 12:32:57 GMT
3a4754a2-cf99-45c8-8280-523b526aca00_w250.png
dr2uev6l49ya1.cloudfront.net/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/3a4754a2-cf99-45c8-8280-523b526aca00_w250.png
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
a96a9bf99aaf11d9e6a9317a049f8f9b8cd2505f7fa715583da6fdf39fb39f79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Fri, 15 Dec 2023 15:21:32 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA56-P5
etag
"18514"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
private, no-transform, max-age=1288007
content-length
18514
x-amz-cf-id
NTsbDDgpt3hplxPY0v-Tpagfs4d0JN0EPdu-SgclDE-csBZ5LROqwA==
expires
Thu, 23 May 2024 06:50:08 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1284
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
880846b14ba035ee-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 11 May 2024 09:03:21 GMT
serviceWorkerInstall.js
d11tu3mge9mtmy.cloudfront.net/Scripts/responsive/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Scripts/responsive/serviceWorkerInstall.js?cb=337
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
49533254df88a258332aed0020e05629ab257339ab68111838250bcaa4b05cb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
1213
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Thu, 18 Apr 2024 11:43:25 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Scripts/responsive/serviceWorkerInstall.js?cb=337
content-type
application/javascript
cache-control
public, no-transform, max-age=1280955
x-amz-cf-id
5lkuhRwfMVQpWYk-vhNhOqSbc_dONBZ9fE8ekdCFad62EXBqnX2Jlw==
expires
Thu, 23 May 2024 04:52:36 GMT
conf.js
d11tu3mge9mtmy.cloudfront.net/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/conf.js?x=337
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a1ab0e848fb716e29b67dda383f1af4433ce2f99e5f18f06c2cf4d17190543a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
3671
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/conf.js?x=337
content-language
ru
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=1280948
x-amz-cf-id
qYoVC0ZJNm3cM-tG0V2kfSXLV5jBD2ZwT0WZ0Uk-AkdU3R263lw_mg==
expires
Thu, 23 May 2024 04:52:29 GMT
gtm.js
www.googletagmanager.com/ 		309 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e6c476d4a74cddf8633f45d7a5afbe01f8d17885ae4bd5efb32895b4f34c337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98845
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 May 2024 09:03:21 GMT
utag.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 		107 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
274399d206a68dabc0ffd7a7e11dfdd29630bfc64c1a0a9236b82e3eb9432538

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
bamSCfxmRF3vI6jX4315zUOdBLBl_pG2
content-encoding
br
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 09:03:04 GMT
last-modified
Fri, 19 Jan 2024 21:57:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
18
x-amz-server-side-encryption
AES256
etag
W/"f0d4eb9e83a0b048303802cb80e642af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
xVakJVxIDaaOzlJMqo8kr6gR0q9Rllac3okWlJzOIqnkEpa_qQRJpQ==
SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
d11tu3mge9mtmy.cloudfront.net/Content/responsive/fonts/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/RFE-ru-CRI.css?&av=0.1.0.0&cb=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/RFE-ru-CRI.css?&av=0.1.0.0&cb=337
Origin
https://d11tu3mge9mtmy.cloudfront.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
41216
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Wed, 04 Oct 2023 11:09:23 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
content-type
application/font-woff
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
0oVH14792cVvBh9GY769qFefpfC2pkzjYHbtLGd9K6bRFvjniYzivg==
expires
Fri, 07 Jun 2024 09:03:21 GMT
icons-font-1708519736347.woff
d11tu3mge9mtmy.cloudfront.net/Content/responsive/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/fonts/icons-font-1708519736347.woff
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/RFE-ru-CRI.css?&av=0.1.0.0&cb=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
817e74f732fb9deb404582dd985dd879ee0efa6230941be29dd72e042ffc02ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/RFE-ru-CRI.css?&av=0.1.0.0&cb=337
Origin
https://d11tu3mge9mtmy.cloudfront.net
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
18628
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Thu, 18 Apr 2024 11:43:15 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Content/responsive/fonts/icons-font-1708519736347.woff
content-type
application/font-woff
cache-control
public, max-age=2592000
accept-ranges
bytes
x-amz-cf-id
vXHg4g4ZhMjACJf_GKeVOszqR_BgO5C38j90Oq5Gv-JBEG7bV869qw==
expires
Fri, 07 Jun 2024 09:03:21 GMT
www-widgetapi.js
www.youtube.com/s/player/edea0cc6/www-widgetapi.vflset/ 		215 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/edea0cc6/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6da8826764163d4aba5b51219bfc2c74d0d7013ac98c69547bc9b75e2615dbb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 08:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
873
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68182
x-xss-protection
0
last-modified
Thu, 02 May 2024 04:16:13 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 08 May 2025 08:48:48 GMT
image-placeholder.svg
d11tu3mge9mtmy.cloudfront.net/Content/responsive/img/ 		709 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/img/image-placeholder.svg?cb=0
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/RFE-ru-CRI.css?&av=0.1.0.0&cb=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d0667af06a388861a7f55cfbb6ef24081e152e7eabbb399e5c660ade3721589e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/ru-CRI/RFE-ru-CRI.css?&av=0.1.0.0&cb=337
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
709
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Mon, 08 Jan 2024 15:01:30 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Content/responsive/img/image-placeholder.svg?cb=0
content-type
image/svg+xml
cache-control
public, max-age=1027090
x-amz-cf-id
AaPeSi4MsUg2PlaS0znv4rlIBEs8XyWlET_ZTAG3AUsYbdTig53lgA==
expires
Mon, 20 May 2024 06:21:32 GMT
c7q_id4VuJU
www.youtube.com/embed/ Frame 0EF0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/c7q_id4VuJU?&&list=UUTxc3zFdloSLhqPd6mfIMKA&fs=1&enablejsapi=1&rel=0
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/Scripts/responsive/loader.b?v=scB7WWwAqVaZYsayY3bl4xZZld0ovqLBxyx63vZ4Ofc1&av=0.1.0.0&cb=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 08 May 2024 09:03:22 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
58
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
880846b26cd535ee-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Sat, 11 May 2024 09:03:21 GMT
utag.53.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.202307101453
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13f9beebce14dd0c98b6874ace03d693eb2bd98a037cbdb6607948a87ef8afab

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Wy8ah7CMl2MZgtsVJPcYpDYWMMUqrkcY
content-encoding
br
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 09:01:17 GMT
last-modified
Fri, 19 Jan 2024 21:57:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
126
x-amz-server-side-encryption
AES256
etag
W/"f61daa9eec03f52f778528a8b3463892"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
XC5SEeM7h5qVBGBGDlfjuZu-ksF_UhtASvMLrvfwelcE7B74oHpISw==
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1715159002053
  • https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1715159002053
362 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1715159002053
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Server
54.228.206.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-206-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
227535c5e5a2934d989919b5d6d7b6e02c47b0c36a268dc00791d2b7566c57f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://d11tu3mge9mtmy.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v060-025ec8c26.edge-irl1.demdex.com 7 ms
pragma
no-cache
date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
TJpxl1iiStw=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://d11tu3mge9mtmy.cloudfront.net
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
305
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v060-0ed00e470.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
X0hNW56VRUQ=
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1715159002053
access-control-allow-origin
https://d11tu3mge9mtmy.cloudfront.net
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
utag.72.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 		85 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.72.js?utv=ut4.46.202401192134
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
688559e7efe600b8fd96b1980b11547ac634ad4b879edf96cc80658f5eb4be52

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
NDOzanPjdMpdhgzmVPMl8hUtneGbRkKL
content-encoding
br
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 08:59:35 GMT
last-modified
Fri, 19 Jan 2024 21:57:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
228
x-amz-server-side-encryption
AES256
etag
W/"d35972f8b33b8dd273c36aa5463912a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
f8BMR_rdHWPzHlXvf6Q-MSTziKKY9UqQFlx13qq1OBnBD2SP6kjepg==
utag.24.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.24.js?utv=ut4.46.202212081948
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f2beed2266b03b90c53d8151bc3471bf97d91876489d6921e7b0ebb95aa2be5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
JNVe9MjrQbSgMDaTnIrvMqGjSDC8yF0U
content-encoding
br
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 09:01:11 GMT
last-modified
Fri, 19 Jan 2024 21:57:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
132
x-amz-server-side-encryption
AES256
etag
W/"97e0f6ac3a45c004deae2eed57747a52"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
l6XV1MgqaQmyiZaMLcFV-EmmG99XchtvchvKISYEdZgklHkdc36S_g==
utag.7.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 		607 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c90245259e0041c2d31dae3d5f8ab2d2fddb23022677fe9180ec483c66d91e9c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
L3EEHxgrEIsxIxnW1F45LX5g0gRaNMCG
date
Wed, 08 May 2024 08:59:51 GMT
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
212
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
607
last-modified
Fri, 19 Jan 2024 21:57:54 GMT
server
AmazonS3
etag
"03e1195daa1a88a75acd5e87bafd0771"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=1296000
accept-ranges
bytes
x-amz-cf-id
6BZJ5rxIF_kCfkqGaEysVmFkUagQBtWeGh-vGcsF7DRKbk64AQwxUQ==
utag.4.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e22f0ff535719b549852bd0f21130f68a1d1ebf96fed84850cc1c3e12fd9fc57

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
WlmC6GtuyaE.CfzF1bNqm9e7Asbd.v7f
content-encoding
br
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 08:59:54 GMT
last-modified
Fri, 19 Jan 2024 21:57:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
209
x-amz-server-side-encryption
AES256
etag
W/"7d6006fafabba6379e197d37d5c47819"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
FvKJsZ8yKklLUv7ahKsXvTC-IHruhpu2grIW1doGG1tgEXyUqlcm8w==
utag.73.js
tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c3fc9a5f0c966ab70b7f91d2abb345147174b348e82a0c7b03729ec7bd522ad

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Evlt.WtInGkK6LKU4erBUJBOPvC0t2CV
content-encoding
br
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
date
Wed, 08 May 2024 08:58:32 GMT
last-modified
Fri, 19 Jan 2024 21:57:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P9
age
291
x-amz-server-side-encryption
AES256
etag
W/"0539ca46467eea48ec287bc35bf5a71a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1296000
x-amz-cf-id
LyvFGeIGQgYZwbfMI7zJa2qUYcBGeVS2TIJadk8ZEa1aGmDIM_u5fQ==
res
d11tu3mge9mtmy.cloudfront.net/ 		60 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=337&dependencies=prog_install_prompt,youtube_iframe,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,simple_captcha,analyticstag_event,back_to_top,whatsapp_share_button,sticky_player_youtube,sticky_player_history_handler,sticky_player,copy_to_clipboard,accordeon,transition_toggler,nav20,live_b_drop
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/Scripts/responsive/loader.b?v=scB7WWwAqVaZYsayY3bl4xZZld0ovqLBxyx63vZ4Ofc1&av=0.1.0.0&cb=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
675f4440f5706983cb40f55ab9163ecf7d98304f6c6752a501adea37c92608ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ua-compatible
IE=edge
date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
server
nginx/1.18.0 (Ubuntu)
x-amz-cf-pop
FRA56-P10
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/res?callback=_resourceLoaderReceiver_0&x=337&dependencies=prog_install_prompt,youtube_iframe,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,simple_captcha,analyticstag_event,back_to_top,whatsapp_share_button,sticky_player_youtube,sticky_player_history_handler,sticky_player,copy_to_clipboard,accordeon,transition_toggler,nav20,live_b_drop
content-type
application/javascript; charset=utf-8
content-language
ru
x-cache
Miss from cloudfront
cache-control
public, no-transform, max-age=1281911
x-amz-cf-id
HOuAzjdvdZHRDu8dTeaBHywKcD4v2sJJvf4Vk2cQwqTaySmcwVyVqA==
x-xss-protection
1; mode=block
expires
Thu, 23 May 2024 05:08:33 GMT
01000000-c0a8-0242-958d-08dc39dc55be_w650_r1.jpg
dr2uev6l49ya1.cloudfront.net/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/01000000-c0a8-0242-958d-08dc39dc55be_w650_r1.jpg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
4d114a55b611af400a98804dd9eddd95be66fe8ce113fd3ac934108773dba9e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Wed, 08 May 2024 07:59:21 GMT
server
Akamai Image Manager
x-serial
21
x-amz-cf-pop
FRA56-P5
etag
"72750"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2588118
content-length
40295
x-amz-cf-id
IRA6swpBmE_wuVhzXlZAT_qQi8FvveHJAP4zK0Cl2jJ-KodeiAQtlg==
expires
Fri, 07 Jun 2024 07:58:40 GMT
fbeeaa53-0a57-4ba5-a6ad-c2624137f628_cx0_cy10_cw0_w256_r1.jpg
dr2uev6l49ya1.cloudfront.net/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/fbeeaa53-0a57-4ba5-a6ad-c2624137f628_cx0_cy10_cw0_w256_r1.jpg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
bb5eab1bd0bcafffe9f2d0fbbe192ec38e54158cd58c31364d54fcc963dbf61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Tue, 07 May 2024 09:46:40 GMT
server
Akamai Image Manager
x-serial
1162
x-amz-cf-pop
FRA56-P5
etag
"25491"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2508122
content-length
13634
x-amz-cf-id
rmdd-GGnyKa8PGUiyOe3IrLC8d0xBBo5CVZxuXBLDGJ__hD4QXOIHQ==
expires
Thu, 06 Jun 2024 09:45:24 GMT
01000000-0aff-0242-97f0-08dc6e7ba2bc_cx0_cy10_cw0_w256_r1.jpg
dr2uev6l49ya1.cloudfront.net/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/01000000-0aff-0242-97f0-08dc6e7ba2bc_cx0_cy10_cw0_w256_r1.jpg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
8ff02d39285fce3daf40498d7ed303220c2608abaa7e256d740784eaf96e1e2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Tue, 07 May 2024 10:02:44 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA56-P5
etag
"26113"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2509125
content-length
13899
x-amz-cf-id
4OI8yeAEjGESQPLrQutE7XYcA4JAZ6yWKbaVwLDZlG4k9P_yFVaVFQ==
expires
Thu, 06 Jun 2024 10:02:07 GMT
01000000-c0a8-0242-d34b-08dc6e842069_cx0_cy14_cw71_w256_r1.jpg
dr2uev6l49ya1.cloudfront.net/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/01000000-c0a8-0242-d34b-08dc6e842069_cx0_cy14_cw71_w256_r1.jpg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
fd657005bb622117d8322955802296a533773513f795962eb2bcfb5290f8b80d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Tue, 07 May 2024 11:45:36 GMT
server
Akamai Image Manager
x-serial
451
x-amz-cf-pop
FRA56-P5
etag
"21363"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2515321
content-length
12305
x-amz-cf-id
MQFcsm2MpUkdsuAyPNHF8nNGJmh6_fmGPBVk195GK1hAdBkL7E5oyQ==
expires
Thu, 06 Jun 2024 11:45:23 GMT
01000000-c0a8-0242-889f-08db4fae1e4c_w256_r1.jpg
dr2uev6l49ya1.cloudfront.net/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/01000000-c0a8-0242-889f-08db4fae1e4c_w256_r1.jpg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
582ae641f67139ef812690f4a218dfe0fae500ecaf1d2370ac9c7163469b2437
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Mon, 06 May 2024 09:17:59 GMT
server
Akamai Image Manager
x-serial
1321
x-amz-cf-pop
FRA56-P5
etag
"28978"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2419945
content-length
16668
x-amz-cf-id
xnLlMpcUskWktFyHsaB-p6Fyixb2W01EnoKjxbkfaCfYLCZ-bGF8bQ==
expires
Wed, 05 Jun 2024 09:15:47 GMT
8D49EA26-56EC-4B59-8B78-33C29571F876_w408_r1.jpg
dr2uev6l49ya1.cloudfront.net/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/8D49EA26-56EC-4B59-8B78-33C29571F876_w408_r1.jpg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
903083e650b19cfff14e3665fde911537cdd484817bd7f0f9b160ad8e3b284d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Wed, 21 Feb 2024 11:33:09 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA56-P5
etag
"56247"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=561555
content-length
30953
x-amz-cf-id
Clvyh5F2QHBzSUWYV3c_gNnk7HaermvuDJaMlLFyayTqxlegOpzNhA==
expires
Tue, 14 May 2024 21:02:37 GMT
01000000-0aff-0242-692a-08dc6e6a97b7_cx0_cy2_cw0_w408_r1.jpg
dr2uev6l49ya1.cloudfront.net/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/01000000-0aff-0242-692a-08dc6e6a97b7_cx0_cy2_cw0_w408_r1.jpg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
09cb30317c844963df9e894f2d31a762e422c148b841336d14a6fbe382fdc2b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Wed, 08 May 2024 06:40:24 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA56-P5
etag
"43598"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2583436
content-length
24781
x-amz-cf-id
YlLY3EeqQtLOSWp_OjS_n2YdMGnOUMC_eZ-gAeXRfiTr-hXgM4eg2A==
expires
Fri, 07 Jun 2024 06:40:38 GMT
01000000-0aff-0242-6792-08dc6d95761e_w144_r1.jpg
dr2uev6l49ya1.cloudfront.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/01000000-0aff-0242-6792-08dc6d95761e_w144_r1.jpg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
c6d0545a59157df294e137955128d92507b9fef7ca00ef35ebba14a3902ba2cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Wed, 08 May 2024 06:44:16 GMT
server
Akamai Image Manager
x-serial
189
x-amz-cf-pop
FRA56-P5
etag
"11801"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2583599
content-length
6883
x-amz-cf-id
wCLXRMBgfLF19KiMCNcX1i4t48x2xdBBbp1796JGy2SRJUbDQVw5gQ==
expires
Fri, 07 Jun 2024 06:43:21 GMT
01000000-0aff-0242-2e57-08dc6c399dc1_w144_r1.jpg
dr2uev6l49ya1.cloudfront.net/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/01000000-0aff-0242-2e57-08dc6c399dc1_w144_r1.jpg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
cc300d31d5eabbfa0c629af4e9d3a4862212af2f5ed87e5c0ea296fad407dd53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Tue, 07 May 2024 18:03:48 GMT
server
Akamai Image Manager
x-serial
590
x-amz-cf-pop
FRA56-P5
etag
"6650"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2537947
content-length
4006
x-amz-cf-id
CoP_sVUo5HVNY4i3oopAwh-4r2727fh_HTZcjS8xDZehlXJHR--Oyg==
expires
Thu, 06 Jun 2024 18:02:29 GMT
01000000-c0a8-0242-be52-08dc6ac1043d_tv_w144_r1.jpg
dr2uev6l49ya1.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dr2uev6l49ya1.cloudfront.net/01000000-c0a8-0242-be52-08dc6ac1043d_tv_w144_r1.jpg
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:d800:1b:89cb:7240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
64fd3bba7c0d61935622140a4358077f96cd6bf66020a1e3a7fa5b4dbac70cc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
via
1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
last-modified
Tue, 07 May 2024 05:44:45 GMT
server
Akamai Image Manager
x-amz-cf-pop
FRA56-P5
etag
"3647"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
private, no-transform, max-age=2493667
content-length
2098
x-amz-cf-id
qayCVXece-vpgdtQVlDDGpd-5M1V11rZP-GL9eup_7YRiJVOxanPew==
expires
Thu, 06 Jun 2024 05:44:29 GMT
web
onesignal.com/api/v1/sync/bd3f3fbb-795b-4123-87de-5a6bbf77a4a4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/bd3f3fbb-795b-4123-87de-5a6bbf77a4a4/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:a091 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b644e99ce2ccec115132e8ec5a797a03585bd537a7675c0abe839a94f1b0642
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
716
cf-polished
origSize=5202
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
369b89f4-4baa-4f2e-871b-3985adfc2ade
x-runtime
0.030493
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"c28e5cea7f380ea12cd23363f7279269"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
880846b3ce3535ee-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 08 May 2024 10:03:22 GMT
chartbeat_mab.js
static.chartbeat.com/js/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.53.js?utv=ut4.46.202307101453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:2400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 18:33:16 GMT
content-encoding
gzip
via
1.1 eb99f1f32a184a8c9c9c920381a7576a.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:18:23 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
52206
etag
W/"6583925f-5f13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
56cGdcN661idzchRZNsH4WgqKVCYr9FO-8-7qN63wef6ssj77F-KTQ==
expires
Wed, 08 May 2024 18:33:16 GMT
0255.js
script.crazyegg.com/pages/scripts/0026/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a4e5f8e2b74601aaaf80c3d318ddcead634cb65ff5bc40a94e53cb46cf81f8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
content-encoding
gzip
cf-cache-status
HIT
age
13585
cf-polished
origSize=6112
ce-version
11.5.202
cf-bgj
minify
last-modified
Wed, 08 May 2024 05:16:57 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
timing-allow-origin
*
cf-ray
880846b4287b18fb-FRA
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 May 2024 09:03:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2801, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
7tWzRw/ogoMrdDn6jVOi+tmGPd8jwTt/EO8BdmtBHQtq9kbjlUnQTmvnJspTXslescOOyIlRgTRPZ9Zb7X+puw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.73.js?utv=ut4.46.202310162109
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:2400:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f36aafde93df40d6a9d227ebda4377534c246d1563ae694c0e59e4e7161e6647

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 07 May 2024 18:30:02 GMT
content-encoding
gzip
via
1.1 eb99f1f32a184a8c9c9c920381a7576a.cloudfront.net (CloudFront)
last-modified
Thu, 11 Apr 2024 00:24:56 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
52400
etag
W/"66172dd8-11d68"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
NkL9zV7Ucjh-ZWdzSK25BnOPrcCfIFkutfvsfTsiL_xOqKOex3EiFg==
expires
Wed, 08 May 2024 18:30:02 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035794/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Server
18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-27.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://d11tu3mge9mtmy.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Wed, 08 May 2024 02:52:38 GMT
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
22245
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
f1cRCjxOLaP0JV7KoeIqmw9wrWrNJd3P5-DA8Hh6HfDA9bydNbhiBw==

Redirect headers

date
Wed, 08 May 2024 09:03:22 GMT
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
HI-qedp007OiLONAmRQoW-bB9DHkZr-lSTlmSumfCZv5yyHz1OeVCg==
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
432 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202401192156&cb=1715159002249
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:235a:4e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date
Wed, 08 May 2024 09:02:53 GMT
via
1.1 c8faaa7d637dd73af72e1355a476ffc2.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P9
age
29
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
server
AmazonS3
etag
"7bc0ee636b3b83484fc3b9348863bd22"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
fE6wZYrMXZZDFjTcgKvfQkggiLu1MDJke2uxpPl8vJTplTX3tgJKRg==
b
sb.scorecardresearch.com/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1715159002248&ns_c=UTF-8&c8=%D0%9A%D1%80%D1%8B%D0%BC.%D0%A0%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8%20-%20krymr.com&c7=https%3A%2F%2Fd11tu3mge9mtmy.cloudfront.net%2F&c9=
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-27.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
via
1.1 8614f084c2572336b13eed108c40e01e.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-amz-cf-id
Lw32Y2dxAwemYyUq8IqKerAmYb4gFmqUL4-tQKRHIGwxofCrwZIVbA==
x-cache
Miss from cloudfront
1143008952990439
connect.facebook.net/signals/config/ 		56 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1143008952990439?v=2.9.155&r=stable&domain=d11tu3mge9mtmy.cloudfront.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7e666bb0f09e33df8a47b1785a2542c9721539c0e80fbcf442e4cb2b71eb44b8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 May 2024 09:03:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=64, mss=1326, tbw=63344, tp=-1, tpl=-1, uplat=130, ullat=0
pragma
public
x-fb-debug
JSxHU9LofC2YXrxxKiHGr92/FMrT+9I4FZ+eDtaRfKdlZ3wLY3tL2dQVhdGIITx34QK4awbF7o6P89Jgg4WF5w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=rferl.crimea.russian&p=%2F&u=zHzFLDlPFz6BzdsGj&d=d11tu3mge9mtmy.cloudfront.net&g=62557&g0=%D0%BA%D1%80%D1%8B%D0%BC.%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3343&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fd11tu3mge9mtmy.cloudfront.net%2F&b=2193&t=DsL56WDU4Z89g8-tHB3uJ7QDX9cPg&V=145&i=%D0%9A%D1%80%D1%8B%D0%BC.%D0%A0%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8&tz=-120&sn=1&sv=V_e4qBWcMBssfwXGCGFp7rDkv-Lw&sr=external&sd=1&im=061b2ff3&_
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.114.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-114-132.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 08 May 2024 09:03:22 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
dest5.html
bbg.demdex.net/ Frame 7BF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bbg.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.228.206.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-206-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 08 May 2024 09:03:22 GMT
dcs
dcs-prod-irl1-2-v060-0f8336d9f.edge-irl1.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Tue, 9 Apr 2024 12:54:49 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
Vl5LkJmJTaY=
id
bbg.sc.omtrdc.net/ 		2 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=48172323247793896673402578988465705189&ts=1715159002392
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/bbg/rferl-pangea/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-17.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://d11tu3mge9mtmy.cloudfront.net
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=Zjs-2gAAAENhwwOJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=48158463509435710003402203937438150206
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zjs-2gAAAENhwwOJ
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zjs-2gAAAENhwwOJ
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Server
54.228.206.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-206-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://d11tu3mge9mtmy.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v060-03a0364c5.edge-irl1.demdex.com 3 ms
pragma
no-cache
date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
uWiJIbfpT/0=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zjs-2gAAAENhwwOJ
Date
Wed, 08 May 2024 09:03:22 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		180 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=rferl.crimea.russian&domain=d11tu3mge9mtmy.cloudfront.net&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
14601701e72b94354896c6db69ebdd4f49ff1d350446aa047d5dfae6a0187caa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Wed, 08 May 2024 09:03:22 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
149
x-served-by
cache-fra-etou8220050-FRA
x-timer
S1715159003.512795,VS0,VE103
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 06 May 2024 09:03:22 GMT
d11tu3mge9mtmy.cloudfront.net.json
script.crazyegg.com/pages/data-scripts/0026/0255/site/ 		108 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0026/0255/site/d11tu3mge9mtmy.cloudfront.net.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bd868dd6122009c8ddf16d329df5ed809da7fe2564ec6837e552796bba10417

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 08 May 2024 09:03:22 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.202
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
880846b588936ade-FRA
content-length
6552
hljson
d11tu3mge9mtmy.cloudfront.net/ 		481 B
996 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/hljson
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/Scripts/responsive/loader.b?v=scB7WWwAqVaZYsayY3bl4xZZld0ovqLBxyx63vZ4Ofc1&av=0.1.0.0&cb=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c5d4e1b1ee43c92cae7dbc6f2c5c3a517604b8230818c52d12a36c67fcbcf420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
481
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/hljson
content-language
ru
content-type
application/json; charset=utf-8
cache-control
max-age=2
x-amz-cf-id
nj40VyqmHNLzErGmeTfP4zdJcq74hw2Qxr-oOwDE5zYhEJV205bqMA==
expires
Wed, 08 May 2024 09:03:24 GMT
items
d11tu3mge9mtmy.cloudfront.net/api/header/ 		226 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/api/header/items
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/Scripts/responsive/loader.b?v=scB7WWwAqVaZYsayY3bl4xZZld0ovqLBxyx63vZ4Ofc1&av=0.1.0.0&cb=337
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6613f5ed3a753ce0883654a909c6f8edf4939a6dff4095c6e2ead111254093f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
226
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
pragma
no-cache
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/api/header/items
content-type
application/json; charset=utf-8
cache-control
max-age=46
x-amz-cf-id
iG9HcgWDhsvLeDnRjKddPuETITXdzq3NuabcnazLuXh8FVqbZ9AZPQ==
expires
Wed, 08 May 2024 09:04:08 GMT
/
www.facebook.com/tr/ 		0
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1143008952990439&ev=PageView&dl=https%3A%2F%2Fd11tu3mge9mtmy.cloudfront.net%2F&rl=&if=false&ts=1715159002512&sw=1600&sh=1200&v=2.9.155&r=stable&a=tmtealium&ec=0&o=4126&fbp=fb.2.1715159002507.1981027333&ler=empty&cdl=API_unavailable&it=1715159002294&coo=false&rqm=GET
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2793, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 08 May 2024 09:03:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
s11494074224040
ssc.krymr.com/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/ 		43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssc.krymr.com/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s11494074224040?AQB=1&ndh=1&pf=1&t=8%2F4%2F2024%2011%3A3%3A22%203%20-120&sdid=2762ED451A9726B1-517DC45AC5B5465E&mid=48172323247793896673402578988465705189&aamlh=6&ce=UTF-8&ns=bbg&cdp=3&pageName=rfe%3Acri%3Ar%3Ahomepage%3A%D0%BA%D1%80%D1%8B%D0%BC.%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8%20-%20krymr.com&g=https%3A%2F%2Fd11tu3mge9mtmy.cloudfront.net%2F&h.&architecture=x86&bitness=64&platformVersion=10.0.0&.h&cc=USD&ch=%2F&server=d11tu3mge9mtmy.cloudfront.net&events=event1%2Cevent10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fd11tu3mge9mtmy.cloudfront.net%2F&v4=index&v5=%D0%BA%D1%80%D1%8B%D0%BC.%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8&v6=%D0%BA%D1%80%D1%8B%D0%BC.%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8%20-%20krymr.com&v13=homepage-2021&v15=russian&v16=rferl%20crimea&v17=responsive&v20=yes&v21=homepage&v23=48172323247793896673402578988465705189&v24=018f57716b8900564fbf796199140506f002606700b08&v25=rfe&v27=Crimea%20RU%20Responsive&v29=d11tu3mge9mtmy.cloudfront.net&v30=507&v31=https%3A%2F%2Fd11tu3mge9mtmy.cloudfront.net%2F&v32=rfe%3Acri%3Ar%3Ahomepage%3A%D0%BA%D1%80%D1%8B%D0%BC.%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8%20-%20krymr.com&v36=8.31.0.0.337&v38=homepage&v50=homepage%20view&v70=2.23.0&v72=prod&v75=2.23.0&v82=view&v85=homepage-2021&v100=2024-05-08%3A11.03%3A%2B02.00&v101=Europe%2FBerlin&v102=en-US%3Aen%3Ade-DE&v104=iq&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-17.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 08 May 2024 09:03:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 09 May 2024 09:03:22 GMT
server
jag
etag
3683275910978666496-4618579078042320660
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 07 May 2024 09:03:22 GMT
4f6dac1755531e013a53a30db644f2bf.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 		138 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/commontransformations-scripts/4f6dac1755531e013a53a30db644f2bf.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8901d631807098b064427b81e553fa8ec75792751644075473f58366cc936c2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Apr 2024 08:41:16 GMT
server
cloudflare
age
53460
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
880846b89d8e18fb-FRA
content-length
46362
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=video%40rferl.crimea.russian&g=62557&p=jm-uy8Qv-6g&i=%D0%94%D0%B5%D0%BD%D1%8C%20(%D0%BD%D0%B5)%D0%BF%D1%80%D0%B8%D0%BC%D0%B8%D1%80%D0%B5%D0%BD%D0%B8%D1%8F.%20%D0%94%D0%B2%D0%B5%20%D0%B4%D0%B0%D1%82%D1%8B%20%D0%BE%D0%B4%D0%BD%D0%BE%D0%B9%20%D0%BA%D0%B0%D0%BF%D0%B8%D1%82%D1%83%D0%BB%D1%8F%D1%86%D0%B8%D0%B8%20%7C%20%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%9A%D1%80%D1%8B%D0%BC.%D0%A0%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8&g0=%D0%BA%D1%80%D1%8B%D0%BC.%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8&u=7LRLrt_ra0BkISzY&t=L-C1eEqqMT77866q_2kQCXwPm6&x=0&y=0&V=145&VS=YT&n=1&b=2894&r=&_vd=1261000&_vi=%D0%9A%D1%80%D1%8B%D0%BC.%D0%A0%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8&_vp=d11tu3mge9mtmy.cloudfront.net%2F&_vh=d11tu3mge9mtmy.cloudfront.net&_pu=zHzFLDlPFz6BzdsGj&_pt=DsL56WDU4Z89g8-tHB3uJ7QDX9cPg&_pr=&_vdd=rferl.crimea.russian&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.004&_vpt=0&_vtn=http%3A%2F%2Fimg.youtube.com%2Fvi%2Fjm-uy8Qv-6g%2Fdefault.jpg&_vaup=unkn&_vce=0&c=0&W=0&R=0&I=1&E=0&j=75&tz=-120&_
Requested by
Host: d11tu3mge9mtmy.cloudfront.net
URL: https://d11tu3mge9mtmy.cloudfront.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.114.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-114-132.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 08 May 2024 09:03:23 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
d11tu3mge9mtmy.cloudfront.net.json
script.crazyegg.com/pages/data-scripts/0026/0255/sampling/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0026/0255/sampling/d11tu3mge9mtmy.cloudfront.net.json?t=476433
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/4f6dac1755531e013a53a30db644f2bf.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97bed3a27ecbc1461bccd6cbc5f5519ae521fb2669dfaa6421a0cc25a8c40047

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:23 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Wed, 08 May 2024 09:03:23 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json
ce-version
11.5.202
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
timing-allow-origin
*
cf-ray
880846b92c156ade-FRA
content-length
1486
favicon.ico
d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/img/webApp/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/img/webApp/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8a178c949a092768497501e2247b12163961a059a81ab92d0e918129a7fc55b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
4414
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Fri, 05 Jan 2024 12:20:18 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Content/responsive/RFE/img/webApp/favicon.ico
content-type
image/x-icon
cache-control
public, max-age=1049665
x-amz-cf-id
_iunuIL45umKHSgE635rjj_56asSpzSsTduSil54CZm014DgQGi1CA==
expires
Mon, 20 May 2024 12:37:48 GMT
favicon.svg
d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/img/webApp/ 		629 B
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d11tu3mge9mtmy.cloudfront.net/Content/responsive/RFE/img/webApp/favicon.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:c400:d:2058:2280:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a8440cc4073ce181e57b3041c36d9e17cf266b3abd4dd09d0c86103f667bad22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 08 May 2024 09:03:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 fb02145a1ed983434aacfc27d3e4a9a6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
Miss from cloudfront
content-length
629
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge
last-modified
Wed, 10 Jan 2024 14:21:47 GMT
server
nginx/1.18.0 (Ubuntu)
onion-location
https://ru.krymr37vzmjc3lzijeokiaaa5scwqdveyeljh6eri4aqjqhkviv446id.onion/Content/responsive/RFE/img/webApp/favicon.svg
content-type
image/svg+xml
cache-control
public, max-age=1051500
x-amz-cf-id
Li0IObuLUuOShaq6pKVj3VkRKa1x_6GOC55B7igG1uGr_LyuiD9-7Q==
expires
Mon, 20 May 2024 13:08:23 GMT
ping
ping.chartbeat.net/ 		43 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=rferl.crimea.russian&p=%2F&u=zHzFLDlPFz6BzdsGj&d=d11tu3mge9mtmy.cloudfront.net&g=62557&g0=%D0%BA%D1%80%D1%8B%D0%BC.%D1%80%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8&g1=No%20Author&n=1&f=00001&c=0.03&x=0&m=0&y=3343&o=1600&w=1200&j=30&R=1&W=0&I=0&E=1&e=1&r=&PA=https%3A%2F%2Fd11tu3mge9mtmy.cloudfront.net%2F&b=2193&t=DsL56WDU4Z89g8-tHB3uJ7QDX9cPg&V=145&tz=-120&_vi=%D0%94%D0%B5%D0%BD%D1%8C%20(%D0%BD%D0%B5)%D0%BF%D1%80%D0%B8%D0%BC%D0%B8%D1%80%D0%B5%D0%BD%D0%B8%D1%8F.%20%D0%94%D0%B2%D0%B5%20%D0%B4%D0%B0%D1%82%D1%8B%20%D0%BE%D0%B4%D0%BD%D0%BE%D0%B9%20%D0%BA%D0%B0%D0%BF%D0%B8%D1%82%D1%83%D0%BB%D1%8F%D1%86%D0%B8%D0%B8%20%7C%20%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%20%D0%9A%D1%80%D1%8B%D0%BC.%D0%A0%D0%B5%D0%B0%D0%BB%D0%B8%D0%B8&_vp=jm-uy8Qv-6g&_vdd=video%40rferl.crimea.russian&_vs=s1&_vt=ct&_vap=&_vtn=http%3A%2F%2Fimg.youtube.com%2Fvi%2Fjm-uy8Qv-6g%2Fdefault.jpg&_vd=1261000&sn=2&sv=V_e4qBWcMBssfwXGCGFp7rDkv-Lw&sr=external&sd=1&im=061b2ff3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.114.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-114-132.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://d11tu3mge9mtmy.cloudfront.net/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 08 May 2024 09:03:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| AMPStrategy object| _cbv_strategies object| _cbv string| cacheBuster string| appBaseUrl object| imgEnhancerBreakpoints boolean| isLoggingEnabled boolean| isPreviewPage boolean| isLivePreviewPage boolean| pwaEnabled undefined| swCacheDisabled object| RFE function| initInfographics object| _RFE_module_app_code object| $dom function| webpackJsonp_RFE_module__name_ object| JSON3 function| setImmediate function| clearImmediate function| renderExternalContent function| loadScript function| createHTML function| isInsideCms function| ajaxGet function| ajaxPost function| root object| moduleManager function| FireAnalyticsTagEvent function| FireAnalyticsTagEventOnDownload function| FireAnalyticsTagEventOnSearch function| FireAnalyticsTagEventOnSearchResultItemClick function| FireAnalyticsTagEventQuiz function| FireTealiumEvent function| FireTealiumEventOnDownload string| renderGtm object| dataLayer object| utag_data undefined| utag_from undefined| utag_searchKeyword boolean| isEmbededPlayerOnSameDomain object| nav2In object| nav2Sec object| secStyle object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| Infographics number| __infographcisCount boolean| isPreview function| OneSignal number| numVisitsTrigger function| promptAndSubscribeUser undefined| bodyClass object| pangeaConfiguration object| bar_data boolean| utag_condload string| utag_lh object| platform string| url string| parent_domain object| utag function| loadLibrary function| utag_condloader function| toBytesUTF8 function| fromBytesUTF8 function| trunc100bytes boolean| __tealium_twc_switch object| utag_cfg_ovrd object| adobe function| Visitor object| s_c_il number| s_c_in object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| google_tag_manager object| google_tag_data object| defaultLoaderContext number| __oneSignalSdkLoadCount function| __jp0 number| _sf_startpt object| _sf_async_config number| _sf_endpt function| fbq function| _fbq object| s_bbg function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| ns_ object| ns_p function| udm_ function| ns_order function| ns_onclick object| _cb_shared object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_SITE_DATA_URL string| CE_USER_DATA_URL object| _RFE_module_prog_install_prompt object| _RFE_module_youtube_iframe object| _RFE_module_collapsible object| _RFE_module_highlights object| _RFE_module_hljson_loader object| _RFE_module_smooth_scroll object| _RFE_module_google_translate object| _RFE_module_simple_captcha object| _RFE_module_analyticstag_event object| _RFE_module_back_to_top object| _RFE_module_whatsapp_share_button object| _RFE_module_sticky_player_youtube object| _RFE_module_sticky_player_history_handler object| _RFE_module_sticky_player object| _RFE_module_copy_to_clipboard object| _RFE_module_accordeon object| _RFE_module_transition_toggler object| _RFE_module_nav20 object| _RFE_module_live_b_drop function| onYouTubeIframeAPIReady function| onYouTubeIframeAPIReadyRef function| YoutubeApi boolean| StickyPlayerGlobalEventsAttached boolean| StickyPlayerHistoryHandlerAttached object| _cbm object| s_i_bbgprod_bbgentityrferl string| CE_USER_COMMON_SCRIPT_URL string| CE_USER_THIRDPARTY_SCRIPT_URL object| webpackChunkCE2 object| CE2BH function| CE_URL_FINGERPRINT string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| CE_API

19 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: jg6dnDTPJ6c
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: QqJPJKCcCRg
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJERRIEEgAgYw%3D%3D
.demdex.net/ Name: demdex
Value: 48158463509435710003402203937438150206
.d11tu3mge9mtmy.cloudfront.net/ Name: _cb
Value: zHzFLDlPFz6BzdsGj
.d11tu3mge9mtmy.cloudfront.net/ Name: _chartbeat2
Value: .1715159002314.1715159002314.1.V_e4qBWcMBssfwXGCGFp7rDkv-Lw.1
.d11tu3mge9mtmy.cloudfront.net/ Name: _cb_svref
Value: external
.d11tu3mge9mtmy.cloudfront.net/ Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg
Value: 1
d11tu3mge9mtmy.cloudfront.net/ Name: clickCounter
Value: 0
.d11tu3mge9mtmy.cloudfront.net/ Name: _fbp
Value: fb.2.1715159002507.1981027333
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Zjs-2gAAAENhwwOJ
.dpm.demdex.net/ Name: dpm
Value: 48158463509435710003402203937438150206
.d11tu3mge9mtmy.cloudfront.net/ Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg
Value: 1176715910%7CMCIDTS%7C19852%7CMCMID%7C48172323247793896673402578988465705189%7CMCAAMLH-1715763802%7C6%7CMCAAMB-1715763802%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1715166202s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19859%7CvVersion%7C5.4.0
.d11tu3mge9mtmy.cloudfront.net/ Name: s_cc
Value: true
.d11tu3mge9mtmy.cloudfront.net/ Name: _v__chartbeat3
Value: 7LRLrt_ra0BkISzY
.d11tu3mge9mtmy.cloudfront.net/ Name: _ce.irv
Value: new
.d11tu3mge9mtmy.cloudfront.net/ Name: cebs
Value: 1
.d11tu3mge9mtmy.cloudfront.net/ Name: _ce.s
Value: v~9654b1df153c0acfb96f2cfa3fb84c529edf4a1d~lcw~1715159003238~lva~1715159003238~vpv~0~lcw~1715159003240
.onesignal.com/ Name: __cf_bm
Value: .YtQKPH_yLenPDEMW.rRQ5.HDc91YyNLWFU0vxy0FsQ-1715159003-1.0.1.1-H7iwzbJG1NlcILUWFKImwsqt4qMpekgKBa8_1FZdDQ3geRDQIbGs_yGp5584Lde7g10lhDz9bHIFzSSrhmvMdA

15 Console Messages

Source Level URL
Text
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/(Line 308)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/1143008952990439?v=2.9.155&r=stable&domain=d11tu3mge9mtmy.cloudfront.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://d11tu3mge9mtmy.cloudfront.net/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
cdn.onesignal.com
cm.everesttech.net
connect.facebook.net
d11tu3mge9mtmy.cloudfront.net
dpm.demdex.net
dr2uev6l49ya1.cloudfront.net
mab.chartbeat.com
onesignal.com
ping.chartbeat.net
sb.scorecardresearch.com
script.crazyegg.com
ssc.krymr.com
static.chartbeat.com
tags.tiqcdn.com
www.facebook.com
www.googletagmanager.com
www.youtube.com
18.244.18.27
2600:9000:223f:d800:1b:89cb:7240:21
2600:9000:235a:4e00:7:2bfb:7c00:93a1
2600:9000:2646:2400:18:1fcd:353:c61
2600:9000:26e8:c400:d:2058:2280:21
2606:4700::6810:a091
2606:4700::6813:9308
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:831::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:600::714
34.194.114.132
52.18.190.199
54.228.206.60
63.140.62.17
09cb30317c844963df9e894f2d31a762e422c148b841336d14a6fbe382fdc2b1
13f9beebce14dd0c98b6874ace03d693eb2bd98a037cbdb6607948a87ef8afab
14601701e72b94354896c6db69ebdd4f49ff1d350446aa047d5dfae6a0187caa
1c3fc9a5f0c966ab70b7f91d2abb345147174b348e82a0c7b03729ec7bd522ad
227535c5e5a2934d989919b5d6d7b6e02c47b0c36a268dc00791d2b7566c57f7
274399d206a68dabc0ffd7a7e11dfdd29630bfc64c1a0a9236b82e3eb9432538
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
36e47aa390f0c47833e70d8a14b57d84aee53202b5efd5a638823c58142d90a0
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49533254df88a258332aed0020e05629ab257339ab68111838250bcaa4b05cb3
4b644e99ce2ccec115132e8ec5a797a03585bd537a7675c0abe839a94f1b0642
4bd868dd6122009c8ddf16d329df5ed809da7fe2564ec6837e552796bba10417
4d114a55b611af400a98804dd9eddd95be66fe8ce113fd3ac934108773dba9e1
582ae641f67139ef812690f4a218dfe0fae500ecaf1d2370ac9c7163469b2437
5c88d1294782a5dbc821a17a4fbfb3fd63e9101365190b425c4fa13d3290a737
64a4e5f8e2b74601aaaf80c3d318ddcead634cb65ff5bc40a94e53cb46cf81f8
64fd3bba7c0d61935622140a4358077f96cd6bf66020a1e3a7fa5b4dbac70cc8
6613f5ed3a753ce0883654a909c6f8edf4939a6dff4095c6e2ead111254093f9
675f4440f5706983cb40f55ab9163ecf7d98304f6c6752a501adea37c92608ad
688559e7efe600b8fd96b1980b11547ac634ad4b879edf96cc80658f5eb4be52
6da8826764163d4aba5b51219bfc2c74d0d7013ac98c69547bc9b75e2615dbb6
6e6c476d4a74cddf8633f45d7a5afbe01f8d17885ae4bd5efb32895b4f34c337
7e666bb0f09e33df8a47b1785a2542c9721539c0e80fbcf442e4cb2b71eb44b8
817e74f732fb9deb404582dd985dd879ee0efa6230941be29dd72e042ffc02ce
8a178c949a092768497501e2247b12163961a059a81ab92d0e918129a7fc55b7
8abff93ddd17fe15b04437e2ed09a0d20648c91db3d0b572bb214b65bb0e3622
8da9f1ca227ea86d1607f00d49c3946644c6d9b8163cc6af87a9dd144b6e97b2
8dc4ac9872d0c3c05d4047054b450012e7728a18f35f351e896fb19fe971cf49
8f2beed2266b03b90c53d8151bc3471bf97d91876489d6921e7b0ebb95aa2be5
8ff02d39285fce3daf40498d7ed303220c2608abaa7e256d740784eaf96e1e2d
903083e650b19cfff14e3665fde911537cdd484817bd7f0f9b160ad8e3b284d0
97bed3a27ecbc1461bccd6cbc5f5519ae521fb2669dfaa6421a0cc25a8c40047
a1ab0e848fb716e29b67dda383f1af4433ce2f99e5f18f06c2cf4d17190543a3
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a8440cc4073ce181e57b3041c36d9e17cf266b3abd4dd09d0c86103f667bad22
a96a9bf99aaf11d9e6a9317a049f8f9b8cd2505f7fa715583da6fdf39fb39f79
b0c345edf5eee1bc99ca2c7102855275a641293d273a5ee8faf8dd576a8503d4
b8901d631807098b064427b81e553fa8ec75792751644075473f58366cc936c2
bb5eab1bd0bcafffe9f2d0fbbe192ec38e54158cd58c31364d54fcc963dbf61f
bd3a50d0fa13497a81cb4b96a24ec75c3f4931e253e01d254884e29255701848
c5d4e1b1ee43c92cae7dbc6f2c5c3a517604b8230818c52d12a36c67fcbcf420
c6d0545a59157df294e137955128d92507b9fef7ca00ef35ebba14a3902ba2cf
c90245259e0041c2d31dae3d5f8ab2d2fddb23022677fe9180ec483c66d91e9c
cc300d31d5eabbfa0c629af4e9d3a4862212af2f5ed87e5c0ea296fad407dd53
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0667af06a388861a7f55cfbb6ef24081e152e7eabbb399e5c660ade3721589e
d8139ffa16062ae5b29c8fa1bf54a9ba2b85966a177e0d05e2c5ed306b49a942
e22f0ff535719b549852bd0f21130f68a1d1ebf96fed84850cc1c3e12fd9fc57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c1fa67aefe01ff23f4cd9ba4a37aba3386c46b50de51787e5cd018d8d268a9
e7a97bb5f1c1ddc0282fa8bc765c4fa8da321d3a2937fc1a5febc173f76d54df
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd17fda1546449ed383c1c794f192e7f3f4a82f3051c2c4228b3157ca093e90
f36aafde93df40d6a9d227ebda4377534c246d1563ae694c0e59e4e7161e6647
f589b180c1064f697c91ac117fafda9aff1c66123a099e82da0b976a09011510
fd657005bb622117d8322955802296a533773513f795962eb2bcfb5290f8b80d
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5