d1tk677tabtete.cloudfront.net Open in urlscan Pro
2600:9000:206f:3c00:7:4434:d080:21 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://d1tk677tabtete.cloudfront.net/
Submission: On August 29 via api (August 29th 2024, 12:27:49 pm UTC) from US — Scanned from DE

Summary HTTP 104 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 20 domains to perform 104 HTTP transactions. The main IP is 2600:9000:206f:3c00:7:4434:d080:21, located in United States and belongs to AMAZON-02, US. The main domain is d1tk677tabtete.cloudfront.net.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 30th 2024. Valid for: a year.

This is the only time d1tk677tabtete.cloudfront.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	2600:9000:206... 2600:9000:206f:3c00:7:4434:d080:21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:20a... 2600:9000:20ab:9800:6:5ea4:a580:21	16509 (AMAZON-02) (AMAZON-02)
8	2600:9000:20a... 2600:9000:20a0:d600:17:ca9d:c640:21	16509 (AMAZON-02) (AMAZON-02)
3	104.17.111.223 104.17.111.223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:480... 2a02:26f0:480:e::210:f107	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
4	2600:9000:235... 2600:9000:235a:e00:7:2bfb:7c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	63.34.48.44 63.34.48.44	16509 (AMAZON-02) (AMAZON-02)
1 1	2a02:26f0:710... 2a02:26f0:7100::213:c691	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a02:26f0:e30... 2a02:26f0:e300:18f::1317	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2600:9000:264... 2600:9000:2646:ae00:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
4	104.19.148.8 104.19.148.8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2 6	18.244.18.32 18.244.18.32	16509 (AMAZON-02) (AMAZON-02)
1	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
1	63.140.62.222 63.140.62.222	16509 (AMAZON-02) (AMAZON-02)
1 1	52.210.212.240 52.210.212.240	16509 (AMAZON-02) (AMAZON-02)
3	3.231.196.82 3.231.196.82	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
104	21

42 2600:9000:206f:3c00:7:4434:d080:21 (United States)

ASN16509 (AMAZON-02, US)

d1tk677tabtete.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20ab:9800:6:5ea4:a580:21 (United States)

ASN16509 (AMAZON-02, US)

dlo17u0f71hna.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20a0:d600:17:ca9d:c640:21 (United States)

ASN16509 (AMAZON-02, US)

d17u43zxf1emmx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.111.223 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:e::210:f107 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ds-aksb-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:235a:e00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 63.34.48.44 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-48-44.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bbg.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100::213:c691 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

rfe-video-ns.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:e300:18f::1317 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)

rfe-video.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
docs.rferl.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2646:ae00:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.19.148.8 (None, )

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.244.18.32 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-32.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net

bbg.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.212.240 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-212-240.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.231.196.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-196-82.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

sheets.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	cloudfront.net d1tk677tabtete.cloudfront.net dlo17u0f71hna.cloudfront.net d17u43zxf1emmx.cloudfront.net	1 MB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 278	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	4 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	70 KB
4	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 4547	67 KB
4	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 319 bbg.demdex.net — Cisco Umbrella Rank: 141601	2 KB
4	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1751	2 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 84	13 KB
3	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1859	601 B
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2461 mab.chartbeat.com Failed	34 KB
3	rferl.org rfe-video.rferl.org www.rferl.org — Cisco Umbrella Rank: 440645 docs.rferl.org — Cisco Umbrella Rank: 714245	89 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 5708 onesignal.com — Cisco Umbrella Rank: 1415	66 KB
2	akamaihd.net ds-aksb-a.akamaihd.net — Cisco Umbrella Rank: 11247	5 KB
1	googleapis.com sheets.googleapis.com — Cisco Umbrella Rank: 57592	497 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 2184	490 B
1	omtrdc.net bbg.sc.omtrdc.net — Cisco Umbrella Rank: 194138	276 B
1	akamaized.net 1 redirects rfe-video-ns.akamaized.net — Cisco Umbrella Rank: 921010	475 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	104 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	25 KB
0	windows.net Failed stdatavisualpublic001.blob.core.windows.net Failed
104	20

	Domain	Requested by
42	d1tk677tabtete.cloudfront.net	d1tk677tabtete.cloudfront.net
8	d17u43zxf1emmx.cloudfront.net	d1tk677tabtete.cloudfront.net
6	sb.scorecardresearch.com	2 redirects d1tk677tabtete.cloudfront.net
4	www.facebook.com	d1tk677tabtete.cloudfront.net
4	connect.facebook.net	d1tk677tabtete.cloudfront.net connect.facebook.net
4	script.crazyegg.com	d1tk677tabtete.cloudfront.net script.crazyegg.com
4	tags.tiqcdn.com	d1tk677tabtete.cloudfront.net
4	www.youtube.com	d1tk677tabtete.cloudfront.net www.youtube.com
3	ping.chartbeat.net	d1tk677tabtete.cloudfront.net
3	static.chartbeat.com	d1tk677tabtete.cloudfront.net
3	dpm.demdex.net	1 redirects d1tk677tabtete.cloudfront.net
3	dlo17u0f71hna.cloudfront.net	d1tk677tabtete.cloudfront.net
2	ds-aksb-a.akamaihd.net	d1tk677tabtete.cloudfront.net
2	cdn.onesignal.com	d1tk677tabtete.cloudfront.net cdn.onesignal.com
1	sheets.googleapis.com	d1tk677tabtete.cloudfront.net
1	docs.rferl.org	dlo17u0f71hna.cloudfront.net
1	cm.everesttech.net	1 redirects
1	bbg.sc.omtrdc.net	d1tk677tabtete.cloudfront.net
1	bbg.demdex.net	d1tk677tabtete.cloudfront.net
1	www.rferl.org	d1tk677tabtete.cloudfront.net www.rferl.org
1	rfe-video.rferl.org	d1tk677tabtete.cloudfront.net
1	rfe-video-ns.akamaized.net	1 redirects
1	onesignal.com	cdn.onesignal.com
1	www.googletagmanager.com	d1tk677tabtete.cloudfront.net
1	cdnjs.cloudflare.com	d1tk677tabtete.cloudfront.net
0	stdatavisualpublic001.blob.core.windows.net Failed	d1tk677tabtete.cloudfront.net
0	mab.chartbeat.com Failed	static.chartbeat.com
104	27

This site contains links to these domains. Also see Links.

Domain
www.idelreal.org
www.facebook.com
vk.com
www.youtube.com
www.instagram.com
telegram.me
www.azatliq.mobi

Subject Issuer	Validity	Valid
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
onesignal.com WE1	`2024-07-29` - `2024-10-27`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2024-04-18` - `2025-04-19`	a year	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M02	`2024-03-19` - `2025-04-17`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
script.crazyegg.com Cloudflare Inc ECC CA-3	`2024-08-02` - `2024-12-31`	5 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-07` - `2024-09-05`	3 months	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
www.rferl.org R10	`2024-08-22` - `2024-11-20`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2024-10-26`	a year	crt.sh
*.sc.omtrdc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-07` - `2025-03-09`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
upload.video.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://d1tk677tabtete.cloudfront.net/
Frame ID: 786E23909DEA149F8E8F5E2117D61B5C
Requests: 69 HTTP requests in this frame

Frame: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
Frame ID: 41F4B0777882A850CB249F4D250AE9B4
Requests: 36 HTTP requests in this frame

Frame: https://bbg.demdex.net/dest5.html?d_nsid=0
Frame ID: BD91D2EC1F57F012C133CED86883D0DE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Азатлык Радиосы – ничек бар, шулай

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

Page Statistics

104
Requests

89 %
HTTPS

55 %
IPv6

20
Domains

27
Subdomains

21
IPs

5
Countries

1730 kB
Transfer

3740 kB
Size

19
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.idelreal.org/
Title: IDEL.РЕАЛИИ

Search URL Search Domain Scan URL

URL: https://www.facebook.com/azatliq

Search URL Search Domain Scan URL

URL: https://vk.com/azatliq_radiosi

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/azatliqradiosi

Search URL Search Domain Scan URL

URL: https://www.instagram.com/azatliq/

Search URL Search Domain Scan URL

URL: https://telegram.me/joinchat/CxW5dz9ILszGJNLz9gk_RQ

Search URL Search Domain Scan URL

URL: http://www.azatliq.mobi/subscribe.html
Title: Азатлык хәбәрләре

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1724934455674 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1724934455674

Request Chain 39

https://rfe-video-ns.akamaized.net/pangeavideo/2022/06/0/08/080a0000-0a00-0242-517c-08da54d97b42.mp4 HTTP 301
https://rfe-video.rferl.org/pangeavideo/2022/06/0/08/080a0000-0a00-0242-517c-08da54d97b42.mp4

Request Chain 49

https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 67

https://cm.everesttech.net/cm/dd?d_uuid=21886152457365277700756791272709185766 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZtBpOQAAAFX1gwO5

Request Chain 89

https://sb.scorecardresearch.com/c2/6035794/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

104 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
d1tk677tabtete.cloudfront.net/ 107 KB
107 KB 939ms
664ms Document
text/html 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d351296943c7a7389ed59dd92745ed0f2e7a660ae2ed8234cfa405816c40ad8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: must-revalidate, max-age=120
content-language: tt
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:27:33 GMT
expires: Thu, 29 Aug 2024 12:29:33 GMT
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-akamai-transformed: 9 21273 0 pmb=mRUM,1
x-amz-cf-id: rfYJe-N8iEOCZrRQREFjAb4q_yH5FbvvXywbmeIa26BaqfCZ6O9yGQ==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 RFE-tt-BA.css
d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/ 291 KB
292 KB 740ms
728ms Stylesheet
text/css 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/RFE-tt-BA.css?&av=0.1.0.0&cb=342

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

cefccb03ad22a124428d0988abbacbec6d48931fe2c19df99048a08fb186c4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Thu, 29 Aug 2024 12:27:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/RFE/tt-BA/RFE-tt-BA.css?&av=0.1.0.0&cb=342
content-type: text/css
x-cache: Miss from cloudfront
cache-control: public, no-transform, max-age=1701777
x-amz-cf-id: rQnI95l3uwhebtgUXBlqNpz6D6qK5K0oeY83TgvJndLig2Y4BAOMxg==
x-xss-protection: 1; mode=block
expires: Wed, 18 Sep 2024 05:10:30 GMT

GET
H2 200 utag.sync.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ 3 KB
4 KB 553ms
542ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.sync.js
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 85fe6eeeb55398b89866f0a057c7fbb97f4167a69144c65f57f3c49e3bf195a8

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:33 GMT
via: 1.1 b7f97186b1999ddac2896624abb211e4.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 83
etag: "bd2576c2f6468be92e3ce1b78b8f439d:1723232398.454595"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: t3nnBWjq0Ian7WfiRhmLDWsWpf2kbBtO2XBczrs6r_blRQ9X52Pz4A==

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 311ms
33ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0d048257dfd2554ec4c5fe578dc03703f7d6011bee5899143eb9ca9db9491e2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script'
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 29 Aug 2024 12:27:34 GMT

GET
H2 200 infographics.b Show response
d1tk677tabtete.cloudfront.net/Scripts/responsive/ 4 KB
4 KB 555ms
543ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=342

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Wed, 18 Sep 2024 15:22:38 GMT
date: Thu, 29 Aug 2024 12:27:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: pzGsPN9lIj-FtChYyj_37T9bpybjTP7_XqL1W5SqxgzcaHcH89Vi2g==
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=342
content-type: application/javascript; charset=utf-8
x-cache: Miss from cloudfront
cache-control: public, no-transform, max-age=1738505
content-length: 3943
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 loader.b Show response
d1tk677tabtete.cloudfront.net/Scripts/responsive/ 81 KB
82 KB 626ms
615ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Scripts/responsive/loader.b?v=jUhPhtAvt6ORldkOmMReQxUiTFynHSRnJhcyV6LDdDs1&av=0.1.0.0&cb=342

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

332d3ba1f02879d0297fd22bbbce491b01107eb26dfa376210738053d6f7d1b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Thu, 29 Aug 2024 12:27:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Scripts/responsive/loader.b?v=jUhPhtAvt6ORldkOmMReQxUiTFynHSRnJhcyV6LDdDs1&av=0.1.0.0&cb=342
content-type: application/javascript; charset=utf-8
x-cache: Miss from cloudfront
cache-control: public, no-transform, max-age=1700832
x-amz-cf-id: hYsPCJlRtredtRZl_qh1JBEUvOcYmIKlNeJqCf6Nzwt_UWCB5zdZNA==
x-xss-protection: 1; mode=block
expires: Wed, 18 Sep 2024 04:54:45 GMT

GET
H2 200 Skolar-Lt_LatnCyrl_v2.4.woff
d1tk677tabtete.cloudfront.net/Content/responsive/fonts/ 47 KB
48 KB 542ms
541ms Font
application/font-woff 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/fonts/Skolar-Lt_LatnCyrl_v2.4.woff

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e5a124d380589c76f7342e2618e10d6891b42de6355863a048e4e95178a17a7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
Origin: https://d1tk677tabtete.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 48384
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 19 Jul 2024 10:41:48 GMT
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/fonts/Skolar-Lt_LatnCyrl_v2.4.woff
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: yO4puCS2Z9xDjhwaiX50Y2MYGPVN2G3iqtSuOp3SGD8IaOAcW1pgrQ==
expires: Sat, 28 Sep 2024 12:27:33 GMT

GET
H2 200 sectionversioncss
d1tk677tabtete.cloudfront.net/api/customization/ 103 B
621 B 544ms
542ms Stylesheet
text/css 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/api/customization/sectionversioncss?sectionversionid=5332&cv=1

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

45ff35466afe40b7b0f8ef79d7424469b8ec45521fd7942a38c850a1cde988cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Thu, 29 Aug 2024 12:27:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/api/customization/sectionversioncss?sectionversionid=5332&cv=1
content-type: text/css; charset=utf-8
x-cache: Miss from cloudfront
cache-control: max-age=1796752
x-amz-cf-id: KOB5oAUouiGAIYVQ8SvdxvVmL7g-5pyixjlsK0ll-e59_LNhtVcTHw==
x-xss-protection: 1; mode=block
expires: Thu, 19 Sep 2024 07:33:25 GMT

GET
H2 200 logo-compact.svg
d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/img/ 4 KB
5 KB 168ms
161ms Image
image/svg+xml 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/img/logo-compact.svg

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

033e674319125f7757da4914126b4df10e152e9ff609e7b593633e3b8d1648bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 4189
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Wed, 12 Jun 2024 14:00:34 GMT
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/RFE/tt-BA/img/logo-compact.svg
content-type: image/svg+xml
cache-control: public, max-age=312330
x-amz-cf-id: gNzn9-M47520O9bJoKV02pMswWzeF0pB0paYoWA3mnRQd1b4jt67xg==
expires: Mon, 02 Sep 2024 03:13:04 GMT

GET
H2 200 logo.svg
d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/img/ 4 KB
5 KB 371ms
364ms Image
image/svg+xml 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/img/logo.svg

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

0ea88c95439291ddf8bc132355482110d2a901a54698e8f18b268d592779ca49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 4193
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 19 Jul 2024 10:41:38 GMT
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/RFE/tt-BA/img/logo.svg
content-type: image/svg+xml
cache-control: public, max-age=632114
x-amz-cf-id: Am0R_Bs3oko7fe1jeB9lGoou191B9CUF8pDLv0ZJHLe9NpueN-Ctmg==
expires: Thu, 05 Sep 2024 20:02:48 GMT

GET
H2 200 logo-print.gif
d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/img/ 3 KB
3 KB 164ms
159ms Image
image/gif 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/img/logo-print.gif

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

71cce48e756b22002f4b43147e46ed46452329e48658edcd45b6dc3759bbc66e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Tue, 10 Sep 2024 13:55:41 GMT
date: Thu, 29 Aug 2024 12:27:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/RFE/tt-BA/img/logo-print.gif
content-type: image/gif
x-cache: Miss from cloudfront
cache-control: public, max-age=1042087
accept-ranges: bytes
x-amz-cf-id: gEt9Dsfioxq6avYGlY-voAZGIKGMRrPMkcH8tn_wW4pS94nGoz77WA==
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 logo-print_color.png
d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/img/ 6 KB
6 KB 225ms
224ms Image
image/png 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/img/logo-print_color.png

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

76f814527524a69b2b48c421965d8a8ab9910f441e8cce6747743f3f796030f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 6065
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 19 Jul 2024 10:41:38 GMT
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/RFE/tt-BA/img/logo-print_color.png
content-type: image/png
cache-control: public, max-age=623405
accept-ranges: bytes
x-amz-cf-id: UNskUYf4K-5Nquj6n63J58NNWYV91w_jC40XNjHsPkhFHyEY5a-nHg==
expires: Thu, 05 Sep 2024 17:37:39 GMT

GET
H3 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/ 69 KB
25 KB 57ms
27ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.11.3/gsap.min.js

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 48845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25150
last-modified: Tue, 04 Oct 2022 19:36:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "633c8b2b-623e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpmKiTNf%2Fzb7qsRPKLmo22X63HBe2AGjGLdkThi2OUoKfYh7FYDklvvXs7dCxkPjx6U%2FzIesRG9AcDm8Q2iVqEmgMq2mARdJVEwFx%2B2GhFUdloonbgGWcT5YedR0TFSyTQq6VxKB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bac89341cd64dc3-FRA
expires: Tue, 19 Aug 2025 12:27:34 GMT

GET
H2 200 banners-styles.css
dlo17u0f71hna.cloudfront.net/branding/cdn/html_banners/ 4 KB
1 KB 142ms
81ms Stylesheet
text/css 2600:9000:20ab:9800:6:5ea4:a580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlo17u0f71hna.cloudfront.net/branding/cdn/html_banners/banners-styles.css

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20ab:9800:6:5ea4:a580:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/8.5 /

Resource Hash

1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
via: 1.1 3ab47e7bb911be04b665845f18319950.cloudfront.net (CloudFront)
date: Thu, 29 Aug 2024 12:27:34 GMT
x-amz-cf-pop: AMS58-P3
x-cache: RefreshHit from cloudfront
content-length: 849
last-modified: Mon, 05 Feb 2018 10:24:04 GMT
server: Microsoft-IIS/8.5
etag: "0ba49726b9ed31:0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: E4CAJIW_MoD_J4RCSiD7hbwAs3LLYQrHYe2joSnIBmAOyiaKnU9Zpw==
expires: Sat, 28 Sep 2024 12:27:34 GMT

GET
H2 200 080a0000-0a00-0242-517c-08da54d97b42_tv_w250_r1.jpg
d17u43zxf1emmx.cloudfront.net/ 4 KB
5 KB 525ms
122ms Image
image/jpeg 2600:9000:20a0:d600:17:ca9d:c640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d17u43zxf1emmx.cloudfront.net/080a0000-0a00-0242-517c-08da54d97b42_tv_w250_r1.jpg

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:d600:17:ca9d:c640:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3aa7c2ff80aa0d890d5e1a60834d678a023ab50ad1cc505532515cb4c0427f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
last-modified: Thu, 22 Aug 2024 19:54:19 GMT
server: Akamai Image Manager
x-serial: 457
x-amz-cf-pop: AMS58-P2
etag: "7403"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2014057
content-length: 4203
x-amz-cf-id: D3aRplHsnG3snlTOD3kR_Jepif2j9Eh5yQG4HpTE3-2SeyChBW6VqA==
expires: Sat, 21 Sep 2024 19:55:12 GMT

GET
H3 200 OneSignalSDK.page.js Show response
cdn.onesignal.com/sdks/web/v16/ 2 KB
1 KB 158ms
44ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

058eeeab39a650f6724fce5c96e8272c4a5d8e6c2cfe3d7e6465626f6df522b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2694
etag: W/"19fb0fd50e69d6b97e1badc837a6dff2"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8bac8935cace9f2f-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 01 Sep 2024 12:27:34 GMT

GET
H2 200 serviceWorkerInstall.js Show response
d1tk677tabtete.cloudfront.net/Scripts/responsive/ 1 KB
2 KB 274ms
165ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Scripts/responsive/serviceWorkerInstall.js?cb=342

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

49533254df88a258332aed0020e05629ab257339ab68111838250bcaa4b05cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 1213
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 19 Jul 2024 10:41:48 GMT
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Scripts/responsive/serviceWorkerInstall.js?cb=342
content-type: application/javascript
cache-control: public, no-transform, max-age=1701803
x-amz-cf-id: 9RXn6ASdDAuLE1iIIrgANFZoQw5H5XeaAQApV1UFapcj2WqSKd_FPg==
expires: Wed, 18 Sep 2024 05:10:57 GMT

GET
H2 200 conf.js Show response
d1tk677tabtete.cloudfront.net/ 3 KB
4 KB 284ms
167ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/conf.js?x=342

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

dc99304eba2e6988c4ec53a0ce6bb54ce5b242117321af443202b3a290fa91ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 3525
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/conf.js?x=342
content-language: tt
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1738504
x-amz-cf-id: eG3BfJzfNdGz6VN_aYxV_o2MlyoogREGLAgk8XZI0oDenfqcWIT0BQ==
expires: Wed, 18 Sep 2024 15:22:38 GMT

GET
H/1.1 200
OK aksb.min.js Show response
ds-aksb-a.akamaihd.net/ 13 KB
5 KB 523ms
34ms Script
application/x-javascript 2a02:26f0:480:e::210:f107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ds-aksb-a.akamaihd.net/aksb.min.js
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f107 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Thu, 29 Aug 2024 12:27:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Aug 2018 18:25:26 GMT
Server: AkamaiNetStorage
ETag: "15de19f42b35806faf815298644157e0:1535653526"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=43200
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 4826

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 331 KB
104 KB 564ms
45ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXZBPZ

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0e82c4738b8c7f116fefca8e99bb9436ae6bfabcd7185bdf9bba20a892ceb85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105764
x-xss-protection: 0
last-modified: Thu, 29 Aug 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Aug 2024 12:27:35 GMT

GET
H2 200 utag.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ 107 KB
107 KB 216ms
119ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d614eee1bc109de7b6488ba3ac6259c1ab6bce97ef9c7ed492a64bd31a58cfc5

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
via: 1.1 c2b321e4bf2baad609809abdec469ff6.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 82
etag: "09ca4a6102a5705c3126956856e24acd:1723232398.564874"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: DvkEiyjbzpBYhfIKlhQqKmrb-exVPPAwgYBnq06a1Mxjy0S5G_MpGA==

GET
H2 200 SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
d1tk677tabtete.cloudfront.net/Content/responsive/fonts/ 40 KB
41 KB 276ms
173ms Font
application/font-woff 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/RFE-tt-BA.css?&av=0.1.0.0&cb=342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/RFE-tt-BA.css?&av=0.1.0.0&cb=342
Origin: https://d1tk677tabtete.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 41216
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Thu, 23 May 2024 15:33:24 GMT
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: YMykb4iZpSsZjYH2hF_Zk9mpkty7L3FzXSBxIbIrYnhqrU4rW3ssqw==
expires: Sat, 28 Sep 2024 12:27:34 GMT

GET
H2 200 icons-font-1715956494242.woff
d1tk677tabtete.cloudfront.net/Content/responsive/fonts/ 18 KB
19 KB 269ms
182ms Font
application/font-woff 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/fonts/icons-font-1715956494242.woff

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/RFE-tt-BA.css?&av=0.1.0.0&cb=342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

009fcd01c88d88fb29789f88576b3b89532a3781c270ecece0f58cfe0cbe9cce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/RFE-tt-BA.css?&av=0.1.0.0&cb=342
Origin: https://d1tk677tabtete.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 18628
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 19 Jul 2024 10:41:48 GMT
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/fonts/icons-font-1715956494242.woff
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: j4KjeaGQ-LKssg30n9Yex1TpFhKvcJ7SItUAodKVz4uQQRQY3eBy3w==
expires: Sat, 28 Sep 2024 12:27:34 GMT

GET
H2 200 image-placeholder.svg
d1tk677tabtete.cloudfront.net/Content/responsive/img/ 709 B
1 KB 173ms
170ms Image
image/svg+xml 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/img/image-placeholder.svg?cb=0

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/RFE-tt-BA.css?&av=0.1.0.0&cb=342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

d0667af06a388861a7f55cfbb6ef24081e152e7eabbb399e5c660ade3721589e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/tt-BA/RFE-tt-BA.css?&av=0.1.0.0&cb=342
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 709
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 19 Jul 2024 10:41:48 GMT
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/img/image-placeholder.svg?cb=0
content-type: image/svg+xml
cache-control: public, max-age=617588
x-amz-cf-id: Hi5fr007iEjTqhjhnLjhTdFrIasPgfKcCdMmtKEISu0eMalGWgSz6A==
expires: Thu, 05 Sep 2024 16:00:42 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/3abab6ef/www-widgetapi.vflset/ 31 KB
11 KB 52ms
35ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3abab6ef/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 11:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10546
x-xss-protection: 0
last-modified: Tue, 27 Aug 2024 04:16:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 29 Aug 2025 11:40:39 GMT

GET
H3 200 OneSignalSDK.page.es6.js Show response
cdn.onesignal.com/sdks/web/v16/ 259 KB
63 KB 165ms
160ms Script
application/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160202

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d24ec64291900c8a48816a802de8d32e6f4466018218cab64f9961fe33b0f71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2399
etag: W/"2d5effdf1f67f3d889acd0f923ae833f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8bac89376ced9f2f-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Sun, 01 Sep 2024 12:27:34 GMT

GET
H2 200 res Show response
d1tk677tabtete.cloudfront.net/ 52 KB
53 KB 274ms
159ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=342&dependencies=prog_install_prompt,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,flexible_iframe,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,video_enhancer,transition_toggler,nav20

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/Scripts/responsive/loader.b?v=jUhPhtAvt6ORldkOmMReQxUiTFynHSRnJhcyV6LDdDs1&av=0.1.0.0&cb=342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

c6c3cb235132d5432ec95db7265bfb6a54a396f947bdac9451dac3c9b5113fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Sat, 21 Sep 2024 20:01:15 GMT
date: Thu, 29 Aug 2024 12:27:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/res?callback=_resourceLoaderReceiver_0&x=342&dependencies=prog_install_prompt,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,flexible_iframe,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,video_enhancer,transition_toggler,nav20
content-type: application/javascript; charset=utf-8
content-language: tt
x-cache: Miss from cloudfront
cache-control: public, no-transform, max-age=2014420
x-amz-cf-id: dtinqqhrB6Mt018Ca-NgP1pGOIC808jDvCEUyZyOoGhcTEZEJgJJpA==
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 01000000-0a00-0242-49a5-08dcc7557e6e_w650_r1.jpg
d17u43zxf1emmx.cloudfront.net/ 53 KB
54 KB 330ms
230ms Image
image/jpeg 2600:9000:20a0:d600:17:ca9d:c640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d17u43zxf1emmx.cloudfront.net/01000000-0a00-0242-49a5-08dcc7557e6e_w650_r1.jpg

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:d600:17:ca9d:c640:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

588c07d6ea8edcf998ac93e92a0d23da4509b44508723ff64b1c4ef9c3e4a796

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
last-modified: Wed, 28 Aug 2024 21:03:54 GMT
server: Akamai Image Manager
x-serial: 246
x-amz-cf-pop: AMS58-P2
etag: "93684"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2536450
content-length: 54670
x-amz-cf-id: rJqgHSjJi2UaiAR5h0vflxwX12qJoqJ_5TioRV6qp_IntLBZJxXj6Q==
expires: Fri, 27 Sep 2024 21:01:45 GMT

GET
H2 200 F67913C2-491A-4C38-A57E-6BC8D3167225_cx0_cy8_cw0_w408_r1.jpg
d17u43zxf1emmx.cloudfront.net/ 13 KB
13 KB 258ms
158ms Image
image/jpeg 2600:9000:20a0:d600:17:ca9d:c640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d17u43zxf1emmx.cloudfront.net/F67913C2-491A-4C38-A57E-6BC8D3167225_cx0_cy8_cw0_w408_r1.jpg

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:d600:17:ca9d:c640:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4a64b98c230a4c4aefd4fa2aa9ad268fe2cbb5f290b77562e18a32780a003221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
last-modified: Wed, 28 Aug 2024 00:15:36 GMT
server: Akamai Image Manager
x-serial: 1685
x-amz-cf-pop: AMS58-P2
etag: "22072"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2461683
content-length: 13290
x-amz-cf-id: KZunpeza4nT_OtXLNwGFQ0rlOgaaUKUWS7dV-_ynti_AxB7QRQaoQw==
expires: Fri, 27 Sep 2024 00:15:38 GMT

GET
H2 200 2B9A7228-E26C-4143-9F04-4F72AF716052_cx0_cy18_cw0_w408_r1.jpg
d17u43zxf1emmx.cloudfront.net/ 28 KB
29 KB 205ms
105ms Image
image/jpeg 2600:9000:20a0:d600:17:ca9d:c640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d17u43zxf1emmx.cloudfront.net/2B9A7228-E26C-4143-9F04-4F72AF716052_cx0_cy18_cw0_w408_r1.jpg

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:d600:17:ca9d:c640:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

db55a0b2d53013b186448d404c8406b9832176dd218a5a85d9ee0730ef2734fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
last-modified: Tue, 27 Aug 2024 08:14:02 GMT
server: Akamai Image Manager
x-amz-cf-pop: AMS58-P2
etag: "50318"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2403971
content-length: 29035
x-amz-cf-id: nOR8FAYFEDu9MNEq539vxsIjj1ifx8HGB9STwYcoaJWnipAqehyBMQ==
expires: Thu, 26 Sep 2024 08:13:46 GMT

GET
H2 200 C1A791CC-CD42-47B0-911C-311C2FC6C0E7_w408_r1.jpg
d17u43zxf1emmx.cloudfront.net/ 23 KB
23 KB 327ms
228ms Image
image/jpeg 2600:9000:20a0:d600:17:ca9d:c640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d17u43zxf1emmx.cloudfront.net/C1A791CC-CD42-47B0-911C-311C2FC6C0E7_w408_r1.jpg

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:d600:17:ca9d:c640:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6049a00fe2e2ae345b52bc3ebeb9e04022a7fdd89a67582ec8c97ddd47ca7860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
last-modified: Mon, 26 Aug 2024 01:03:03 GMT
server: Akamai Image Manager
x-serial: 1614
x-amz-cf-pop: AMS58-P2
etag: "40012"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=2291655
content-length: 23311
x-amz-cf-id: g9TC9_WTAvsqSKzVJrEErrSUFJzd0bh5L14NcaRFmlSXZIYoKfOdBA==
expires: Wed, 25 Sep 2024 01:01:50 GMT

GET
H2 200 04020000-0aff-0242-3985-08daaba2c0a8_cx0_cy7_cw0_w408_r1.png
d17u43zxf1emmx.cloudfront.net/ 94 KB
94 KB 157ms
59ms Image
image/png 2600:9000:20a0:d600:17:ca9d:c640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d17u43zxf1emmx.cloudfront.net/04020000-0aff-0242-3985-08daaba2c0a8_cx0_cy7_cw0_w408_r1.png

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:d600:17:ca9d:c640:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

2df2cac1e1c8d1b6ea50950f4c44c910400d212cbd4af036fd4a090d14d5872a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
last-modified: Sat, 24 Aug 2024 01:42:19 GMT
server: Akamai Image Manager
x-serial: 632
x-amz-cf-pop: AMS58-P2
etag: "133136"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: private, no-transform, max-age=2121424
content-length: 96188
x-amz-cf-id: 32RLTgwaff-3HeDJbDE5S4r-Uop29lzxJuJukvJx1xBwd9RbtYkEwg==
expires: Mon, 23 Sep 2024 01:44:39 GMT

GET
H2 200 b1d740af-a20c-473c-87a5-2c641f686201_cx0_cy3_cw0_w408_r1.jpg
d17u43zxf1emmx.cloudfront.net/ 22 KB
22 KB 134ms
37ms Image
image/jpeg 2600:9000:20a0:d600:17:ca9d:c640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d17u43zxf1emmx.cloudfront.net/b1d740af-a20c-473c-87a5-2c641f686201_cx0_cy3_cw0_w408_r1.jpg

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:d600:17:ca9d:c640:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4f1106f5c6278f9eed87f143dd0283afe53cdd885c6895ca4662ca3d0a5d77da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2024 21:08:28 GMT
server: Akamai Image Manager
x-amz-cf-pop: AMS58-P2
etag: "35945"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=1845649
content-length: 22336
x-amz-cf-id: 9BX4RhKN3xaeilr10Yh5ZxePB9QCYKbi1RAeIlN5ez8T412MKnJDRg==
expires: Thu, 19 Sep 2024 21:08:24 GMT

GET
H2 200 91312572-EFE3-4758-8F0C-90997D393CC1_cx16_cy5_cw51_w408_r1.jpg
d17u43zxf1emmx.cloudfront.net/ 27 KB
27 KB 284ms
188ms Image
image/jpeg 2600:9000:20a0:d600:17:ca9d:c640:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d17u43zxf1emmx.cloudfront.net/91312572-EFE3-4758-8F0C-90997D393CC1_cx16_cy5_cw51_w408_r1.jpg

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20a0:d600:17:ca9d:c640:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

14e78e82e98c3dab88484cc6377c0acc17be37aecae5f584d7a3a24f65f43b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
strict-transport-security: max-age=31536000
via: 1.1 0b7cb67940347be0c4ee6f93e9091938.cloudfront.net (CloudFront)
last-modified: Tue, 20 Aug 2024 20:33:28 GMT
server: Akamai Image Manager
x-amz-cf-pop: AMS58-P2
etag: "47994"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: private, no-transform, max-age=1843471
content-length: 27609
x-amz-cf-id: Zk7aLI91RPpDq6SNqKdedbEnVrgW6wgpBwI1RsUqHJjo_WveGYTSsw==
expires: Thu, 19 Sep 2024 20:32:06 GMT

GET
H2 200 hljson Show response
d1tk677tabtete.cloudfront.net/ 87 B
603 B 481ms
478ms XHR
application/json 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/hljson

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/Scripts/responsive/loader.b?v=jUhPhtAvt6ORldkOmMReQxUiTFynHSRnJhcyV6LDdDs1&av=0.1.0.0&cb=342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 87
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pragma: no-cache
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/hljson
content-language: tt
content-type: application/json; charset=utf-8
cache-control: max-age=239
x-amz-cf-id: CmPVEzHPC6PkNETbsvkXpOz_oTw6ASIv08dmJU0nLSz000hXy__1hg==
expires: Thu, 29 Aug 2024 12:31:34 GMT

GET
H2 200 33004011.html Show response
d1tk677tabtete.cloudfront.net/a/1035881/1/ Frame 41F4 21 KB
22 KB 607ms
306ms Document
text/html 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/res?callback=_resourceLoaderReceiver_0&x=342&dependencies=prog_install_prompt,collapsible,highlights,hljson_loader,smooth_scroll,google_translate,swipe_slide,simple_captcha,analyticstag_event,flexible_iframe,slider_fred,back_to_top,whatsapp_share_button,sticky_player_history_handler,copy_to_clipboard,accordeon,video_enhancer,transition_toggler,nav20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

56dd182d270b634ffc610071d0575ed1919d662e1bbe999d076797f7ed74ba74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

cache-control: public, max-age=300
content-language: tt
content-type: text/html; charset=utf-8
date: Thu, 29 Aug 2024 12:27:36 GMT
expires: Thu, 29 Aug 2024 12:32:36 GMT
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/a/1035881/1/33004011.html
server: nginx/1.18.0 (Ubuntu)
strict-transport-security: max-age=31536000
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-id: lbCjNfk2nasY3h2yvcon6bFBQOIQ1jdwlNxUNAkGvJRvN0jCaC4SZA==
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-sticky-incompatible: 1
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 995ms
11ms Script
application/javascript 2600:9000:235a:e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202408091939&cb=1724934455542
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 29 Aug 2024 12:19:37 GMT
via: 1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: _BClLscG6UrW9hagJYSAacp_-59Q9z0fdvuPM7SPvWz9i04bFqq_qA==

GET
H2 200 utag.53.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ 2 KB
2 KB 489ms
113ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.53.js?utv=ut4.46.202307101453
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 84f9a461a78449115f36216577b717affb14b02d8fd1fcdded0f28177a10d757

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
via: 1.1 401725c701b46e52c0591a613c644c8e.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 188
etag: "fda70af7fdb48e6db7fa105f28d111b0:1674583555.473531"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: mciX1fRErmSNHSnPWCk7v5tvCPYYRivKvo8X-KwtVUlGJtP90J9Dkw==

GET
H2

200

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1724934455674
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1724934455674

362 B
919 B

77ms
71ms

XHR
application/json

63.34.48.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1724934455674

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Server

63.34.48.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-48-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

77bf04fcffa1766f3c74d17fdef2ee0a8cee09fc06cfeb043c572a6382bf567d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v065-0656c5d9a.edge-irl1.demdex.com 6 ms
pragma: no-cache
date: Thu, 29 Aug 2024 12:27:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-tid: MMUJuw0jQ/c=
vary: Origin
content-type: application/json;charset=utf-8
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin: https://d1tk677tabtete.cloudfront.net
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 306
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v065-029925ceb.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Thu, 29 Aug 2024 12:27:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: DhOUcUxKRT0=
vary: Origin
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=518ABC7455E462B97F000101%40AdobeOrg&d_nsid=0&ts=1724934455674
access-control-allow-origin: https://d1tk677tabtete.cloudfront.net
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 web Show response
onesignal.com/api/v1/sync/3cbb47b5-31e0-4f4e-98f1-b2e2aa041cbf/ 5 KB
2 KB 305ms
111ms Script
text/javascript 104.17.111.223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/3cbb47b5-31e0-4f4e-98f1-b2e2aa041cbf/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/web/v16/OneSignalSDK.page.es6.js?v=160202

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.111.223 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f70fee4cbe6912b86b34ef51df926d5ec244f5f7dce240dad4c0bdbca355d342

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 2438
cf-polished: origSize=5274
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 2a3af617-a222-470b-b6ff-4c80a1a501ff
x-runtime: 0.041269
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"e9a338bed7192f879789abcd9160dc2e"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8bac893dace09f2f-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 29 Aug 2024 13:27:35 GMT

GET
H2

206

080a0000-0a00-0242-517c-08da54d97b42.mp4
rfe-video.rferl.org/pangeavideo/2022/06/0/08/
Redirect Chain

https://rfe-video-ns.akamaized.net/pangeavideo/2022/06/0/08/080a0000-0a00-0242-517c-08da54d97b42.mp4
https://rfe-video.rferl.org/pangeavideo/2022/06/0/08/080a0000-0a00-0242-517c-08da54d97b42.mp4

64 KB
0

685ms
388ms

Media
video/mp4

2a02:26f0:e300:18f::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://rfe-video.rferl.org/pangeavideo/2022/06/0/08/080a0000-0a00-0242-517c-08da54d97b42.mp4

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Server

2a02:26f0:e300:18f::1317 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:39 GMT
strict-transport-security: max-age=31536000
x-powered-by: ASP.NET
Content-Range: bytes 0-488827/488828
Content-Length: 488828
last-modified: Thu, 23 Jun 2022 05:30:59 GMT
server: Microsoft-IIS/10.0
etag: "ac93cf6bc286d81:0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: video/mp4
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

Redirect headers

date: Thu, 29 Aug 2024 12:27:38 GMT
server: AkamaiGHost
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
location: https://rfe-video.rferl.org/pangeavideo/2022/06/0/08/080a0000-0a00-0242-517c-08da54d97b42.mp4
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: max-age=0
access-control-allow-credentials: true
akamai-mon-iucid-del: 1518020
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
access-control-allow-headers: origin,range,hdntl,hdnts,CMCD-Request,CMCD-Object,CMCD-Status,CMCD-Session

GET
H2 200 utag.72.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ 88 KB
89 KB 291ms
109ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.72.js?utv=ut4.46.202408091939
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b277c87f2ada99e1015a2ea8d616cf63003a513192225313ee3de068b91914dd

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 bd91400ba7aab7602cc8608c81e2cf80.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 118
etag: "3b26cf3b423a58090c1783efb494f102:1718200617.945117"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: pHay7VKhhVjLec58UrYA-kyy4Un0tjmgJjBnIH0dmpkzLXZ3Ekxicg==

GET
H2 200 utag.24.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ 10 KB
10 KB 282ms
117ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.24.js?utv=ut4.46.202212081948
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 56fcca3871493c818f05cbf5654d1a07dfad653a6492f78446176de5641e7eed

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 e98f0b9968088109138df73e2c009a08.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 269
etag: "46dc34d1d0cce17fa23d7d03a7d40e60:1674583553.179797"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: -fQboJGxM2buJv8jVPB2vLgh-Ket15y4ZTxPF9u7pX9LvVbp3XgaCg==

GET
H2 200 utag.7.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ 607 B
1019 B 252ms
89ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c18c77ff51fed8d81f2554bfa19929f00fadb2425d733e63435a1b892778ca8a

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 6ddb0e63e125bdf021ed77a899eab8e6.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 173
etag: "96a61cbf7fddf75dc152ab461c0d6124:1674583553.418274"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: hwQWdsKWAbJsOfzPH0a_2y2RSxVVk818VYOin4jZhnkulOJvem60Qg==

GET
H2 200 utag.4.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ 55 KB
55 KB 290ms
127ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2ae5809a2fdbf9a1b54190020b99a9ebd91c43b985ef4d12b356c80810c37873

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 abcdd9ead509c6f31d96ed9f797fd698.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 30
etag: "b4f87f57ed6f740fd0aa988fa689c0df:1674583553.546956"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 1G3nwik8ZMeqqzOwHxx3AJBXK2Uslz7lm2ct0sTEFHsY9ZYJgxM17A==

GET
H2 200 utag.73.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ 4 KB
4 KB 261ms
98ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.73.js?utv=ut4.46.202408091939
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 57d4650b70ba5cf5e838da5d967b3bd2dfe4d324de063f2ae3c3360cc00e63bd

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 c2b321e4bf2baad609809abdec469ff6.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 204
etag: "b5d8a29c55067666450a256f03096c15:1723232398.326786"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: D7uHfPRUA0MZDNr1nEk6g_7NjWssel2J_I3P6TcqABjmIl_edHldQg==

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 425ms
11ms Script
application/x-javascript 2600:9000:2646:ae00:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.53.js?utv=ut4.46.202307101453
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:ae00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 16:31:28 GMT
content-encoding: gzip
via: 1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 71768
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: mN9YLsQ4FWRz6irpRqNFkiAcnc5iKoqM2LvdZd3ODZ7NHROwyG8MWg==
expires: Thu, 29 Aug 2024 16:31:28 GMT

GET
H3 200 0255.js Show response
script.crazyegg.com/pages/scripts/0026/ 7 KB
3 KB 474ms
77ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80334dea4c1a068877473bf3b4e15e1d6b553b5f73315a202a752e1983021713

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 143
cf-polished: origSize=6998
ce-version: 11.5.268
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 29 Aug 2024 12:25:12 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 8bac89414c0fd396-FRA

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 71 KB
24 KB 391ms
18ms Script
application/x-javascript 2600:9000:2646:ae00:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.73.js?utv=ut4.46.202408091939
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:ae00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 16:27:31 GMT
content-encoding: gzip
via: 1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:07:44 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 72005
etag: W/"665fac50-11d74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: PvYR0wfzJMhPVq3ngKoSCu_6l9a5gY2nybbX0vCVNvvmnSMUebcpkg==
expires: Thu, 29 Aug 2024 16:27:31 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 343ms
11ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Aug 2024 12:27:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 40
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4489, tp=12, tpl=0, uplat=4, ullat=-1
pragma: public
x-fb-debug: OEk6vppBUzSJ2xI19DwABmfbw7BkIWrO+DpWmifi0JCwPlSgPWNgtf/LKMaMCM8Flc2nwMk0H8tufITksgms9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/6035794/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
383 B

57ms
39ms

Script
application/javascript

18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/
Protocol: H2
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 03:59:39 GMT
via: 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 30478
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: j4LbGQq8orPvpb7bx-VUFr8295w1n9ijGEXd4KzmA2XNH0Lg7F8ruw==

Redirect headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: 5r39uWyyL0p0kZ0VnX7WTFS_ovGWPjAjHCCiEfpN5_EvA4fySSnAcQ==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
432 B 309ms
9ms Script
application/javascript 2600:9000:235a:e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202408091939&cb=1724934456219
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 29 Aug 2024 12:19:37 GMT
via: 1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: Ixo4CbzOfZZWJv6l3e1B_fFoT-nwdH_zOAKcHp7kiO9Kq-Eo5Bpe-w==

GET
H2 204 b
sb.scorecardresearch.com/ 0
225 B 315ms
18ms Image
text/plain 18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns__t=1724934456218&ns_c=UTF-8&c8=%D0%90%D0%B7%D0%B0%D1%82%D0%BB%D1%8B%D0%BA%20%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%D1%81%D1%8B%20%E2%80%93%20%D0%BD%D0%B8%D1%87%D0%B5%D0%BA%20%D0%B1%D0%B0%D1%80%2C%20%D1%88%D1%83%D0%BB%D0%B0%D0%B9&c7=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F&c9=
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: 4DVMgcp6afVeS2SDUWf2H6lYwHmq3CHc_NGL73hdR0iZXLcUkIjLKA==
x-cache: Miss from cloudfront

GET
H2 200 utag.sync.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ Frame 41F4 3 KB
0 113ms
113ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.sync.js
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 85fe6eeeb55398b89866f0a057c7fbb97f4167a69144c65f57f3c49e3bf195a8

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:33 GMT
via: 1.1 b7f97186b1999ddac2896624abb211e4.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 83
etag: "bd2576c2f6468be92e3ce1b78b8f439d:1723232398.454595"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: t3nnBWjq0Ian7WfiRhmLDWsWpf2kbBtO2XBczrs6r_blRQ9X52Pz4A==

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame 41F4 993 B
515 B 142ms
28ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

ESF /

Resource Hash

a0d048257dfd2554ec4c5fe578dc03703f7d6011bee5899143eb9ca9db9491e2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script'
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 29 Aug 2024 12:27:36 GMT

GET
H2 200 infographics.b Show response
d1tk677tabtete.cloudfront.net/Scripts/responsive/ Frame 41F4 4 KB
0 113ms
113ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=342

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Wed, 18 Sep 2024 15:22:38 GMT
date: Thu, 29 Aug 2024 12:27:33 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-id: pzGsPN9lIj-FtChYyj_37T9bpybjTP7_XqL1W5SqxgzcaHcH89Vi2g==
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Scripts/responsive/infographics.b?v=dVbZ-Cza7s4UoO3BqYSZdbxQZVF4BOLP5EfYDs4kqEo1&av=0.1.0.0&cb=342
content-type: application/javascript; charset=utf-8
x-cache: Miss from cloudfront
cache-control: public, no-transform, max-age=1738505
content-length: 3943
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 Skolar-Lt_LatnCyrl_v2.4.woff
d1tk677tabtete.cloudfront.net/Content/responsive/fonts/ Frame 41F4 47 KB
0 128ms
128ms Font
application/font-woff 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/fonts/Skolar-Lt_LatnCyrl_v2.4.woff

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

e5a124d380589c76f7342e2618e10d6891b42de6355863a048e4e95178a17a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
Origin: https://d1tk677tabtete.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:33 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 48384
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 19 Jul 2024 10:41:48 GMT
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/fonts/Skolar-Lt_LatnCyrl_v2.4.woff
content-type: application/font-woff
cache-control: public, max-age=2592000
accept-ranges: bytes
x-amz-cf-id: yO4puCS2Z9xDjhwaiX50Y2MYGPVN2G3iqtSuOp3SGD8IaOAcW1pgrQ==
expires: Sat, 28 Sep 2024 12:27:33 GMT

GET
H2 200 ifg-blank.css
d1tk677tabtete.cloudfront.net/Content/ Frame 41F4 292 B
803 B 366ms
233ms Stylesheet
text/css 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Content/ifg-blank.css?av=0.1.0.0&cb=342

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

3f92381ffcc05bf360dd7e7aebee55fc7cb041de7ca8feb3c8e05fcd92054957

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Thu, 29 Aug 2024 12:27:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/ifg-blank.css?av=0.1.0.0&cb=342
content-type: text/css
x-cache: Miss from cloudfront
cache-control: public, no-transform, max-age=1703974
x-amz-cf-id: m1VvXPL-XKDhm3O_JQvKQ5JZCZTpGDfMUKMRqqDA_Ah9TLz_hJ1BdA==
x-xss-protection: 1; mode=block
expires: Wed, 18 Sep 2024 05:47:10 GMT

GET
H2 200 typography-codepen.css
dlo17u0f71hna.cloudfront.net/branding/cdn/html_banners/ Frame 41F4 1 KB
746 B 266ms
132ms Stylesheet
text/css 2600:9000:20ab:9800:6:5ea4:a580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlo17u0f71hna.cloudfront.net/branding/cdn/html_banners/typography-codepen.css

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20ab:9800:6:5ea4:a580:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e530cc612649e8af10601965cc263f81ef81d6910a693be1f7f71dca9587a6b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
content-encoding: gzip
via: 1.1 3ab47e7bb911be04b665845f18319950.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Jan 2023 11:53:29 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: AMS58-P3
etag: "2139c1f84532d91:0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 344
x-amz-cf-id: woS8pa1n5P33kP8H_Eank7VdUBJP9rqClbTKVnyGMegcwlkcvt0Rig==

GET
H2 200 RFE-en-US.css
www.rferl.org/Content/responsive/RFE/en-US/ Frame 41F4 291 KB
48 KB 521ms
87ms Stylesheet
text/css 2a02:26f0:e300:18f::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rferl.org/Content/responsive/RFE/en-US/RFE-en-US.css

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:18f::1317 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b9fc864380605e18d45922a588895846363e3cecf47ab01ff1bc5dc5df4aded2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Tue, 03 Sep 2024 18:15:54 GMT
date: Thu, 29 Aug 2024 12:27:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
last-modified: Fri, 19 Jul 2024 10:41:47 GMT
vary: Accept-Encoding
onion-location: https://www.rferlo2zxgv23tct66v45s5mecftol5vod3hf4rqbipfp46fqu2q56ad.onion/Content/responsive/RFE/en-US/RFE-en-US.css
content-type: text/css
content-security-policy-report-only: frame-ancestors 'self' https://www.rferl.org/embed https://www.rferl.org/embed/player https://www.rferl.org/embed/player/0 https://www.rferl.org/embed/player/1 https://www.rferl.org/ext https://www.rferl.org/widget; report-uri https://csp.pangeadigital.io/cspreport
cache-control: public, no-transform, max-age=452898
accept-ranges: bytes
content-length: 49044
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 bannerCarousel.js Show response
dlo17u0f71hna.cloudfront.net/Branding/CDN/HTML_Banners/js/ Frame 41F4 8 KB
2 KB 318ms
184ms Script
application/javascript 2600:9000:20ab:9800:6:5ea4:a580:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dlo17u0f71hna.cloudfront.net/Branding/CDN/HTML_Banners/js/bannerCarousel.js

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20ab:9800:6:5ea4:a580:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

db96492d21ed075fdb8aeb33faaa8fa3aa4974a995a58ed99556c134bddd3ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
content-encoding: gzip
via: 1.1 3ab47e7bb911be04b665845f18319950.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000
last-modified: Thu, 25 Feb 2021 11:15:58 GMT
server: Microsoft-IIS/10.0
x-amz-cf-pop: AMS58-P3
etag: "06b619767bd71:0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1381
x-amz-cf-id: KyZVRX208pbl8r31lmfbFP2Ssro68DcgbRSAQOYPtR4LXSn5-isaTQ==

GET
H2 200 serviceWorkerInstall.js Show response
d1tk677tabtete.cloudfront.net/Scripts/responsive/ Frame 41F4 1 KB
0 34ms
34ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Scripts/responsive/serviceWorkerInstall.js?cb=342

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

49533254df88a258332aed0020e05629ab257339ab68111838250bcaa4b05cb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Wed, 18 Sep 2024 05:10:57 GMT
date: Thu, 29 Aug 2024 12:27:34 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Fri, 19 Jul 2024 10:41:48 GMT
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 9RXn6ASdDAuLE1iIIrgANFZoQw5H5XeaAQApV1UFapcj2WqSKd_FPg==
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Scripts/responsive/serviceWorkerInstall.js?cb=342
content-type: application/javascript
x-cache: Miss from cloudfront
cache-control: public, no-transform, max-age=1701803
content-length: 1213
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 conf.js Show response
d1tk677tabtete.cloudfront.net/ Frame 41F4 3 KB
0 131ms
131ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/conf.js?x=342

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

dc99304eba2e6988c4ec53a0ce6bb54ce5b242117321af443202b3a290fa91ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Wed, 18 Sep 2024 15:22:38 GMT
date: Thu, 29 Aug 2024 12:27:34 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-id: eG3BfJzfNdGz6VN_aYxV_o2MlyoogREGLAgk8XZI0oDenfqcWIT0BQ==
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: FRA56-C1
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/conf.js?x=342
content-language: tt
content-type: application/javascript; charset=utf-8
x-cache: Miss from cloudfront
cache-control: public, max-age=1738504
content-length: 3525
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/3abab6ef/www-widgetapi.vflset/ Frame 41F4 31 KB
0 35ms
35ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/3abab6ef/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 11:40:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2815
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10546
x-xss-protection: 0
last-modified: Tue, 27 Aug 2024 04:16:51 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 29 Aug 2025 11:40:39 GMT

GET
H3 200 d1tk677tabtete.cloudfront.net.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/site/ 139 KB
12 KB 492ms
451ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/site/d1tk677tabtete.cloudfront.net.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bbeb90ab82961a321beb3442af47b00f027793f110355a31e174caa7d82965d

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:37 GMT
content-encoding: gzip
cf-cache-status: MISS
ce-version: 11.5.268
alt-svc: h3=":443"; ma=86400
content-length: 12523
last-modified: Thu, 29 Aug 2024 12:27:36 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bac89425911d2c3-FRA

GET /
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 0
0

GET
H2 200 dest5.html
bbg.demdex.net/ Frame BD91 0
0 731ms
0ms Document
text/html 63.34.48.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.demdex.net/dest5.html?d_nsid=0

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.34.48.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-48-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Thu, 29 Aug 2024 12:27:37 GMT
dcs: dcs-prod-irl1-2-v065-0810a4d20.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Mon, 19 Aug 2024 12:39:47 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: 7UuPRT1vQyw=

GET
H2 200 id Show response
bbg.sc.omtrdc.net/ 2 B
276 B 917ms
275ms XHR
application/x-javascript 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bbg.sc.omtrdc.net/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&mid=21845009191252933770761042762759478845&ts=1724934456793

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Aug 2024 12:27:37 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://d1tk677tabtete.cloudfront.net
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2

200

ibs:dpid=411&dpuuid=ZtBpOQAAAFX1gwO5
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=21886152457365277700756791272709185766
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZtBpOQAAAFX1gwO5

42 B
716 B

83ms
39ms

Image
image/gif

63.34.48.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZtBpOQAAAFX1gwO5

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Server

63.34.48.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-34-48-44.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v065-0fbcb9133.edge-irl1.demdex.com 3 ms
pragma: no-cache
date: Thu, 29 Aug 2024 12:27:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: z65c7eUBRt0=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZtBpOQAAAFX1gwO5
Date: Thu, 29 Aug 2024 12:27:37 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 utag.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ Frame 41F4 107 KB
0 13ms
13ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d614eee1bc109de7b6488ba3ac6259c1ab6bce97ef9c7ed492a64bd31a58cfc5

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:34 GMT
via: 1.1 c2b321e4bf2baad609809abdec469ff6.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 82
etag: "09ca4a6102a5705c3126956856e24acd:1723232398.564874"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: DvkEiyjbzpBYhfIKlhQqKmrb-exVPPAwgYBnq06a1Mxjy0S5G_MpGA==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 1457ms
288ms Image
image/gif 3.231.196.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rferl.tatar-bashkir.tatar&p=%2F&u=B3wtz7Chgui7DRGNC3&d=d1tk677tabtete.cloudfront.net&g=62557&g0=%D0%B0%D0%B7%D0%B0%D1%82%D0%BB%D1%8B%D0%BA%20%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%D1%81%D1%8B&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4129&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F&b=4612&t=DBqoJ6Cx4mh4MK2k7ZGf_JxnrXz&V=147&i=%D0%90%D0%B7%D0%B0%D1%82%D0%BB%D1%8B%D0%BA%20%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%D1%81%D1%8B&tz=-120&sn=1&sv=D9sR41CuQLd2CHNElIXLApyBtn6iH&sr=external&sd=1&im=061b2ffa&_
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.196.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-196-82.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Thu, 29 Aug 2024 12:27:38 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
content-type: image/gif

GET
H3 200 524402386369695 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 597ms
594ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/524402386369695?v=2.9.166&r=stable&domain=d1tk677tabtete.cloudfront.net&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

3d8a44d6e6b5a54a07ad373e0523c1b287f4ab5dd83ad29fa041cda283c3101a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Aug 2024 12:27:37 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=66, mss=1232, tbw=67129, tp=65, tpl=0, uplat=147, ullat=1
pragma: public
x-fb-debug: SpzEdb2JyLop93hf7aT7l31GrGyqLllajAFhZu+JNrdaaAQpv84yG+N/AyqtjjXtsrMrrCnzraIF/f2HgIKjWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ Frame 41F4 2 B
432 B 347ms
42ms Script
application/javascript 2600:9000:235a:e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202408091939&cb=1724934457436
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 29 Aug 2024 12:19:37 GMT
via: 1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 481
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: 2JFdBYjyjbcTaDcTdB8pvsJ84FGKhKkA4el8KAkjgYwDv19i2cAO3Q==

GET
H2 200 s65353522438825
d1tk677tabtete.cloudfront.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/ 43 B
570 B 301ms
263ms Image
image/gif 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1tk677tabtete.cloudfront.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s65353522438825?AQB=1&ndh=1&pf=1&t=29%2F7%2F2024%2014%3A27%3A37%204%20-120&sdid=44771780F342FF0B-4EEC0FFBBC35EC44&mid=21845009191252933770761042762759478845&aamlh=6&ce=UTF-8&ns=bbg&cdp=3&pageName=rfe%3Atb%3Aw%3Ahomepage%3A%D0%B0%D0%B7%D0%B0%D1%82%D0%BB%D1%8B%D0%BA%20%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%D1%81%D1%8B&g=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F&cc=USD&ch=%2F&server=d1tk677tabtete.cloudfront.net&events=event1%2Cevent10&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F&v4=index&v5=%D0%B0%D0%B7%D0%B0%D1%82%D0%BB%D1%8B%D0%BA%20%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%D1%81%D1%8B&v6=%D0%B0%D0%B7%D0%B0%D1%82%D0%BB%D1%8B%D0%BA%20%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%D1%81%D1%8B&v13=azatliq_radiosi&v15=tatar-bashkir&v16=rferl%20tatar-bashkir&v17=web&v20=yes&v21=homepage&v23=21845009191252933770761042762759478845&v24=01919e1b00ca00160ec36851565a05065002605d00b08&v25=rfe&v27=RFERL%20Tatar-Bashkir%20Responsive&v29=d1tk677tabtete.cloudfront.net&v30=424&v31=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F&v32=rfe%3Atb%3Aw%3Ahomepage%3A%D0%B0%D0%B7%D0%B0%D1%82%D0%BB%D1%8B%D0%BA%20%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%D1%81%D1%8B&v36=8.33.0.0.342&v38=homepage&v50=homepage%20view&v70=2.23.0&v72=prod&v75=2.23.0&v82=view&v85=azatliq_radiosi&v100=2024-08-29%3A14.27%3A%2B02.00&v101=Europe%2FBerlin&v102=en-US%3Aen%3Ade-DE&v104=iq&v111=ut4.46.202408091939&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=518ABC7455E462B97F000101%40AdobeOrg&AQE=1

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:38 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Aug 2024 12:27:37 GMT
server: nginx/1.18.0 (Ubuntu)
etag: 3704268541692379136-4618255263795499005
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-amz-cf-id: 2NF7fnowN-lb05KHNSohfZ3-pHF1R3DMH_XykuBNuQiTAO2-t7EUpA==
expires: Wed, 28 Aug 2024 12:27:37 GMT

GET
H3 200 d465aa29c12b492a7a2c9822cacda70c.js Show response
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 145 KB
50 KB 53ms
51ms Script
text/javascript 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/d465aa29c12b492a7a2c9822cacda70c.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0026/0255.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac7e89a539b89777116916e8163985854ed2b2ff51e02f50b15f81d095be7236

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:37 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Fri, 16 Aug 2024 22:53:59 GMT
server: cloudflare
age: 83692
cf-polished: origSize=148800
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 8bac89499e5dd396-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 719ms
150ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=524402386369695&ev=PageView&dl=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F&rl=&if=false&ts=1724934457859&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmtealium&ec=0&o=12318&fbp=fb.2.1724934457857.888133418914767535&ler=empty&cdl=API_unavailable&it=1724934457138&coo=false&rqm=GET

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2860, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Aug 2024 12:27:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 718ms
146ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=524402386369695&ev=PageView&dl=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F&rl=&if=false&ts=1724934457859&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmtealium&ec=0&o=12318&fbp=fb.2.1724934457857.888133418914767535&ler=empty&cdl=API_unavailable&it=1724934457138&coo=false&rqm=FGET

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 29 Aug 2024 12:27:38 GMT
document-policy: force-load-at-top
x-fb-server-load: 43
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408537086430029419", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=1, c=10, mss=1297, tbw=3301, tp=-1, tpl=-1, uplat=185, ullat=0
pragma: no-cache
x-fb-debug: NepZxKy9NOEaaLr/hOxZrd4yG7wAr8FkWgDv9o+2G7qEZFSM3WL/4SBnHiFCK+5SGyY1bp/fibRWaIA/nGlhRQ==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408537086430029419"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET data.json
stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/ Frame 41F4 0
0

GET
H2 200 utag.72.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ Frame 41F4 88 KB
0 291ms
109ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.72.js?utv=ut4.46.202408091939
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b277c87f2ada99e1015a2ea8d616cf63003a513192225313ee3de068b91914dd

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 bd91400ba7aab7602cc8608c81e2cf80.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 118
etag: "3b26cf3b423a58090c1783efb494f102:1718200617.945117"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: pHay7VKhhVjLec58UrYA-kyy4Un0tjmgJjBnIH0dmpkzLXZ3Ekxicg==

GET
H2 200 utag.24.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ Frame 41F4 10 KB
0 282ms
117ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.24.js?utv=ut4.46.202212081948
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 56fcca3871493c818f05cbf5654d1a07dfad653a6492f78446176de5641e7eed

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 e98f0b9968088109138df73e2c009a08.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 269
etag: "46dc34d1d0cce17fa23d7d03a7d40e60:1674583553.179797"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: -fQboJGxM2buJv8jVPB2vLgh-Ket15y4ZTxPF9u7pX9LvVbp3XgaCg==

GET
H2 200 utag.7.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ Frame 41F4 607 B
0 252ms
89ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.7.js?utv=ut4.46.201802231859
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c18c77ff51fed8d81f2554bfa19929f00fadb2425d733e63435a1b892778ca8a

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 6ddb0e63e125bdf021ed77a899eab8e6.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 173
etag: "96a61cbf7fddf75dc152ab461c0d6124:1674583553.418274"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: hwQWdsKWAbJsOfzPH0a_2y2RSxVVk818VYOin4jZhnkulOJvem60Qg==

GET
H2 200 utag.4.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ Frame 41F4 55 KB
0 290ms
127ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.4.js?utv=ut4.46.201802231859
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2ae5809a2fdbf9a1b54190020b99a9ebd91c43b985ef4d12b356c80810c37873

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 abcdd9ead509c6f31d96ed9f797fd698.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 30
etag: "b4f87f57ed6f740fd0aa988fa689c0df:1674583553.546956"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: 1G3nwik8ZMeqqzOwHxx3AJBXK2Uslz7lm2ct0sTEFHsY9ZYJgxM17A==

GET
H2 200 utag.73.js Show response
d1tk677tabtete.cloudfront.net/rferl-pangea/prod/ Frame 41F4 4 KB
0 261ms
98ms Script
application/javascript 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.73.js?utv=ut4.46.202408091939
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 57d4650b70ba5cf5e838da5d967b3bd2dfe4d324de063f2ae3c3360cc00e63bd

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:36 GMT
via: 1.1 c2b321e4bf2baad609809abdec469ff6.cloudfront.net (CloudFront), 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
server: nginx/1.18.0 (Ubuntu)
x-amz-cf-pop: CMH68-P1, FRA56-C1
age: 204
etag: "b5d8a29c55067666450a256f03096c15:1723232398.326786"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=1296000
x-amz-cf-id: D7uHfPRUA0MZDNr1nEk6g_7NjWssel2J_I3P6TcqABjmIl_edHldQg==

GET
DATA 200
OK truncated
/ Frame 41F4 156 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 41F4 157 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET SkolarSansPE-Eb.woff2
stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/fonts/skolar-sans/ Frame 41F4 0
0

GET SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff
www.rferl.org/Content/responsive/fonts/ Frame 41F4 0
0

GET Skolar-Lt_Latin_v2.woff
www.rferl.org/Content/responsive/fonts/ Frame 41F4 0
0

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ Frame 41F4 2 B
432 B 16ms
8ms Script
application/javascript 2600:9000:235a:e00:7:2bfb:7c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bbg/rferl-pangea/202408091939&cb=1724934457927
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:235a:e00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 29 Aug 2024 12:19:37 GMT
via: 1.1 9bd2938ceb90e1a35f549d1165e84676.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P9
age: 481
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: DOkSp9r7B8Cl87ctI-L6VT0I5fLMU8o-XJQPEkWj1b9SA2OQwaEC-A==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 41F4 225 KB
0 343ms
11ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Aug 2024 12:27:36 GMT
document-policy: force-load-at-top
x-fb-server-load: 40
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=30, rtx=0, c=23, mss=1232, tbw=4489, tp=12, tpl=0, uplat=4, ullat=-1
pragma: public
x-fb-debug: OEk6vppBUzSJ2xI19DwABmfbw7BkIWrO+DpWmifi0JCwPlSgPWNgtf/LKMaMCM8Flc2nwMk0H8tufITksgms9Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/ Frame 41F4
Redirect Chain

https://sb.scorecardresearch.com/c2/6035794/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
0

65ms
65ms

Script
application/javascript

18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
Protocol: H2
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 03:59:39 GMT
via: 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 30478
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: j4LbGQq8orPvpb7bx-VUFr8295w1n9ijGEXd4KzmA2XNH0Lg7F8ruw==

Redirect headers

date: Thu, 29 Aug 2024 12:27:37 GMT
via: 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: 5HoNqbMXmP-ARVP-AFrceCb-m4RZEjkunNHzF_6GV9BBoV5F8FGz-w==

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ Frame 41F4 71 KB
0 391ms
18ms Script
application/x-javascript 2600:9000:2646:ae00:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/rferl-pangea/prod/utag.73.js?utv=ut4.46.202408091939
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:ae00:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Wed, 28 Aug 2024 16:27:31 GMT
content-encoding: gzip
via: 1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:07:44 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 72005
etag: W/"665fac50-11d74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: PvYR0wfzJMhPVq3ngKoSCu_6l9a5gY2nybbX0vCVNvvmnSMUebcpkg==
expires: Thu, 29 Aug 2024 16:27:31 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 41F4 0
224 B 9ms
8ms Image
text/plain 18.244.18.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035794&ns_type=hidden&ns__t=1724934457954&ns_c=UTF-8&c8=banner%20-%20Tatar%20Dictionary%20--%201-col-vertical&c7=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2Fa%2F1035881%2F1%2F33004011.html&c9=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-32.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:37 GMT
via: 1.1 182ccc7786c60fec555dbcd8ce6baa5e.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: s15VZQ82sLJDQr6MqvAYStMReHgXwTjXL0ohj9Ete5Rq9FSu_C60Wg==
x-cache: Miss from cloudfront

GET
H3 200 524402386369695 Show response
connect.facebook.net/signals/config/ Frame 41F4 64 KB
0 597ms
594ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

3d8a44d6e6b5a54a07ad373e0523c1b287f4ab5dd83ad29fa041cda283c3101a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Aug 2024 12:27:37 GMT
document-policy: force-load-at-top
x-fb-server-load: 29
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=66, mss=1232, tbw=67129, tp=65, tpl=0, uplat=147, ullat=1
pragma: public
x-fb-debug: SpzEdb2JyLop93hf7aT7l31GrGyqLllajAFhZu+JNrdaaAQpv84yG+N/AyqtjjXtsrMrrCnzraIF/f2HgIKjWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 41F4 0
102 B 509ms
151ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=524402386369695&ev=PageView&dl=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2Fa%2F1035881%2F1%2F33004011.html&rl=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F&if=true&ts=1724934458054&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmtealium&ec=0&o=12318&fbp=fb.2.1724934457857.888133418914767535&ler=empty&cdl=API_unavailable&it=1724934457959&coo=false&rqm=GET

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=3146, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Aug 2024 12:27:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ Frame 41F4 67 B
852 B 508ms
69ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=524402386369695&ev=PageView&dl=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2Fa%2F1035881%2F1%2F33004011.html&rl=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F&if=true&ts=1724934458054&sw=1600&sh=1200&v=2.9.166&r=stable&a=tmtealium&ec=0&o=12318&fbp=fb.2.1724934457857.888133418914767535&ler=empty&cdl=API_unavailable&it=1724934457959&coo=false&rqm=FGET

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 29 Aug 2024 12:27:38 GMT
document-policy: force-load-at-top
x-fb-server-load: 52
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7408537085745322904", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=8, rtx=1, c=10, mss=1297, tbw=6166, tp=-1, tpl=-1, uplat=185, ullat=0
pragma: no-cache
x-fb-debug: 57Pc5oM77z0zZavTY2Br8D8WXOdAOE+eSxbph+edz7iZFBAjXqvl1CckMJp36Rx4GiglClvd1mVCOCgIZdvPRA==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7408537085745322904"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 s63333272964753
d1tk677tabtete.cloudfront.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/ Frame 41F4 43 B
570 B 455ms
431ms Image
image/gif 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d1tk677tabtete.cloudfront.net/b/ss/bbgprod,bbgentityrferl/1/JS-2.23.0/s63333272964753?AQB=1&ndh=1&pf=1&t=29%2F7%2F2024%2014%3A27%3A38%204%20-120&fid=7BFDD3800927CCE8-3B1D2FE4C3A83FD2&ce=UTF-8&ns=bbg&cdp=3&pageName=rfe%3Atb%3Ase%3Aiframe%3A&g=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2Fa%2F1035881%2F1%2F33004011.html&cc=USD&ch=%2Fa&server=d1tk677tabtete.cloudfront.net&events=event2%2Cevent80&v1=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2Fa%2F1035881%2F1%2F33004011.html&v4=snippet&v5=snippet&v6=banner%20-%20tatar%20dictionary%20--%201-col-vertical&v14=33004011&v15=tatar-bashkir&v16=rferl%20tatar-bashkir&v17=self-embed&v21=iframe&v25=rfe&v27=RFERL%20Tatar-Bashkir%20Responsive&v29=d1tk677tabtete.cloudfront.net&v30=424&v31=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2Fa%2F1035881%2F1%2F33004011.html&v32=rfe%3Atb%3Ase%3Aiframe%3A&v38=snippet&v50=iframe&v62=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2Fa%2F1035881%2F1%2F33004011.html&v65=banner%20-%20tatar%20dictionary%20--%201-col-vertical&v66=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F&v67=d1tk677tabtete.cloudfront.net&v72=prod&v82=link&v100=2024-08-29%3A14.27%3A%2B02.00&v101=Europe%2FBerlin&v102=en-US%3Aen%3Ade-DE&v104=iq&v111=ut4.46.202408091939&pe=lnk_o&pev2=no%20link_name&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=290&bh=340&AQE=1

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:38 GMT
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 30 Aug 2024 12:27:38 GMT
server: nginx/1.18.0 (Ubuntu)
etag: 3704268542761500672-4618515297219753953
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-amz-cf-id: iZoG0saXcmQSAonb84_SkhoHHLDtpRbmRlzALqUGVOOkI68PfUmx6g==
expires: Wed, 28 Aug 2024 12:27:38 GMT

GET
H2 200 SkolarSansLatnCyrlCn-Bd.woff
docs.rferl.org/infographics/sources/fonts/ Frame 41F4 40 KB
40 KB 124ms
92ms Font
application/font-woff 2a02:26f0:e300:18f::1317
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://docs.rferl.org/infographics/sources/fonts/SkolarSansLatnCyrlCn-Bd.woff

Requested by

Host: dlo17u0f71hna.cloudfront.net
URL: https://dlo17u0f71hna.cloudfront.net/branding/cdn/html_banners/typography-codepen.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:e300:18f::1317 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://dlo17u0f71hna.cloudfront.net/
Origin: https://d1tk677tabtete.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:38 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 23 Feb 2016 10:17:15 GMT
server: Microsoft-IIS/10.0
etag: "8087f95d236ed11:0"
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 41216
expires: Sat, 28 Sep 2024 12:27:38 GMT

GET
H3 200 d1tk677tabtete.cloudfront.net.json Show response
script.crazyegg.com/pages/data-scripts/0026/0255/sampling/ 7 KB
2 KB 291ms
288ms XHR
application/json 104.19.148.8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0026/0255/sampling/d1tk677tabtete.cloudfront.net.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/d465aa29c12b492a7a2c9822cacda70c.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.148.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d4df51e30f100585f36e386b1c0d548cd2f2f86a0a57e44589c0eb388c60ef8

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:38 GMT
content-encoding: gzip
cf-cache-status: MISS
ce-version: 11.5.268
alt-svc: h3=":443"; ma=86400
content-length: 1469
last-modified: Thu, 29 Aug 2024 12:27:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8bac894cca96d2c3-FRA

GET SkolarSansPE-Eb.woff
stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/fonts/skolar-sans/ Frame 41F4 0
0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 237ms
103ms Image
image/gif 3.231.196.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=video%40rferl.tatar-bashkir.tatar&g=62557&p=https%3A%2F%2Frfe-video-ns.akamaized.net%2Fpangeavideo%2F2022%2F06%2F0%2F08%2F080a0000-0a00-0242-517c-08da54d97b42.mp4&i=&g0=%D0%B0%D0%B7%D0%B0%D1%82%D0%BB%D1%8B%D0%BA%20%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%D1%81%D1%8B&u=C9PvvNB_OZJ1B41AKy&t=skXb0Cec_LzDKDCE8Brn4x9DxLnOS&x=0&y=0&V=147&VS=H5&n=1&b=4653&r=&_vd=28840&_vi=%D0%90%D0%B7%D0%B0%D1%82%D0%BB%D1%8B%D0%BA%20%D0%A0%D0%B0%D0%B4%D0%B8%D0%BE%D1%81%D1%8B&_vp=d1tk677tabtete.cloudfront.net%2F&_vh=d1tk677tabtete.cloudfront.net&_pu=B3wtz7Chgui7DRGNC3&_pt=DBqoJ6Cx4mh4MK2k7ZGf_JxnrXz&_pr=&_vdd=rferl.tatar-bashkir.tatar&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=2.243&_vpt=0&_vtn=https%3A%2F%2Fd17u43zxf1emmx.cloudfront.net%2F080a0000-0a00-0242-517c-08da54d97b42_tv_w250_r1.jpg&_vaup=man&_vce=0&c=0.04&W=0&R=0&I=1&E=0&j=75&tz=-120&_
Requested by: Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.196.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-196-82.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Thu, 29 Aug 2024 12:27:39 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
content-type: image/gif

GET
H2 200 Counts Show response
sheets.googleapis.com/v4/spreadsheets/1bmABDBUQJfRa9kyilayYH6weIKJXmFiRoMGTNkqX9hk/values/ 192 B
497 B 1284ms
945ms Fetch
application/json 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sheets.googleapis.com/v4/spreadsheets/1bmABDBUQJfRa9kyilayYH6weIKJXmFiRoMGTNkqX9hk/values/Counts?alt=json&key=AIzaSyDliBdIaszCPY0qUrpbRZZyNpBIlzpAous

Requested by

Host: d1tk677tabtete.cloudfront.net
URL: https://d1tk677tabtete.cloudfront.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4cef9bc676cf3794de974a079fdf6e06f02910ebc659bb2b647e28e58ad011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-l2-request-path: l2-managed-6
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://d1tk677tabtete.cloudfront.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145
x-xss-protection: 0

GET
H/1.1 204
No Content b
ds-aksb-a.akamaihd.net/2/52398/ 0
269 B 18ms
16ms Image
text/html 2a02:26f0:480:e::210:f107
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ds-aksb-a.akamaihd.net/2/52398/b?dE=24&cS=25&cE=226&rqS=253&rsS=935&rsE=1186&sS=31&dl=998&di=2506&fp=2292&dlS=2507&dlE=2533&dc=7149&leS=7149&leE=7150&to=&ol=0&cr=8&mt=&mb=&b=257&u=https%3A//d1tk677tabtete.cloudfront.net/&ua=Mozilla/5.0%20%28X11%3B%20Linux%20x86_64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/128.0.0.0%20Safari/537.36&pl=Linux%20x86_64&us=&gh=23.33.28.145&t=&rid=33615217&r=44093&akM=dsca&akN=ae&vc=14:17&bpcip=00000NaN&akTX=1&akTI=33615217&ai=211610&pmgn=&pmgi=&pmp=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:e::210:f107 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Aug 2024 12:27:39 GMT
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store, private
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Thu, 29 Aug 2024 12:27:39 GMT

GET
H2 200 favicon.ico
d1tk677tabtete.cloudfront.net/Content/responsive/RFE/img/webApp/ 4 KB
5 KB 177ms
159ms Other
image/x-icon 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/img/webApp/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

8a178c949a092768497501e2247b12163961a059a81ab92d0e918129a7fc55b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:39 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 4414
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 19 Jul 2024 10:41:47 GMT
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/RFE/img/webApp/favicon.ico
content-type: image/x-icon
cache-control: public, max-age=621018
x-amz-cf-id: eRQuey8fZna-XMxsLvrq8CcUMmaCMAKrIvI6kxhnlUol_qg6s0BK8A==
expires: Thu, 05 Sep 2024 16:57:57 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 120ms
120ms Image
image/gif 3.231.196.82
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=rferl.tatar-bashkir.tatar&p=%2F&u=B3wtz7Chgui7DRGNC3&d=d1tk677tabtete.cloudfront.net&g=62557&g0=%D0%B0%D0%B7%D0%B0%D1%82%D0%BB%D1%8B%D0%BA%20%D1%80%D0%B0%D0%B4%D0%B8%D0%BE%D1%81%D1%8B&g1=No%20Author&n=1&f=00001&c=0.05&x=0&m=0&y=4156&o=1600&w=1200&j=30&R=1&W=0&I=0&E=3&e=3&r=&PA=https%3A%2F%2Fd1tk677tabtete.cloudfront.net%2F&b=4612&t=DBqoJ6Cx4mh4MK2k7ZGf_JxnrXz&V=147&tz=-120&_vi=&_vp=https://rfe-video-ns.akamaized.net/pangeavideo/2022/06/0/08/080a0000-0a00-0242-517c-08da54d97b42.mp4&_vdd=video%40rferl.tatar-bashkir.tatar&_vs=s1&_vt=ct&_vap=&_vtn=https%3A%2F%2Fd17u43zxf1emmx.cloudfront.net%2F080a0000-0a00-0242-517c-08da54d97b42_tv_w250_r1.jpg&_vd=28840&sn=2&sv=D9sR41CuQLd2CHNElIXLApyBtn6iH&sr=external&sd=1&im=061b2ffa&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.196.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-196-82.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: 0
pragma: no-cache
date: Thu, 29 Aug 2024 12:27:40 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
content-type: image/gif

GET
H2 200 favicon.svg
d1tk677tabtete.cloudfront.net/Content/responsive/RFE/img/webApp/ 629 B
1 KB 213ms
212ms Other
image/svg+xml 2600:9000:206f:3c00:7:4434:d080:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d1tk677tabtete.cloudfront.net/Content/responsive/RFE/img/webApp/favicon.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:7:4434:d080:21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

a8440cc4073ce181e57b3041c36d9e17cf266b3abd4dd09d0c86103f667bad22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://d1tk677tabtete.cloudfront.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 29 Aug 2024 12:27:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-length: 629
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
last-modified: Fri, 19 Jul 2024 10:41:47 GMT
server: nginx/1.18.0 (Ubuntu)
onion-location: https://www.azatli7ifydxlltreov6fyvzwuflgggwdgry2cnxllzs7xpoh7qjmmid.onion/Content/responsive/RFE/img/webApp/favicon.svg
content-type: image/svg+xml
cache-control: public, max-age=623426
x-amz-cf-id: Eb7Gu9RlrHj0IjiO3FHugeriRdioPQ5T4saKdbsU-D6zzhDAL-C_4w==
expires: Thu, 05 Sep 2024 17:38:06 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mab.chartbeat.com
URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=rferl.tatar-bashkir.tatar&domain=d1tk677tabtete.cloudfront.net&path=%2F

Domain: stdatavisualpublic001.blob.core.windows.net
URL: https://stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/data.json

Domain: stdatavisualpublic001.blob.core.windows.net
URL: https://stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/fonts/skolar-sans/SkolarSansPE-Eb.woff2

Domain: www.rferl.org
URL: https://www.rferl.org/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff

Domain: www.rferl.org
URL: https://www.rferl.org/Content/responsive/fonts/Skolar-Lt_Latin_v2.woff

Domain: stdatavisualpublic001.blob.core.windows.net
URL: https://stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/fonts/skolar-sans/SkolarSansPE-Eb.woff

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-20 23:08:56	Name: __cf_bm Value: 2vqIiwq8OFSEqXw0yYtCMTGZ0vVwBUxbtsim_i7yADc-1724934454-1.0.1.1-c4Fn9henlcg.qlyMaO.BC17XOcwqYQ3oMhbXx6.NUcxIj1frnvaX9GGTXw3sojRem.GiW3m_.hW1EO9HGuX7ew
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: 8PVN4jr11vk
.youtube.com/	1970-01-21 03:28:06	Name: VISITOR_INFO1_LIVE Value: VPZU_LaRcvo
.youtube.com/	1970-01-21 03:28:06	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgbA%3D%3D
d1tk677tabtete.cloudfront.net/	1969-12-31 23:59:59	Name: clickCounter Value: 0
.demdex.net/	1970-01-21 03:28:06	Name: demdex Value: 21886152457365277700756791272709185766
.d1tk677tabtete.cloudfront.net/	1969-12-31 23:59:59	Name: AMCVS_518ABC7455E462B97F000101%40AdobeOrg Value: 1
.d1tk677tabtete.cloudfront.net/	1970-01-21 08:37:42	Name: _cb Value: B3wtz7Chgui7DRGNC3
.d1tk677tabtete.cloudfront.net/	1970-01-20 23:08:56	Name: _cb_svref Value: external
.d1tk677tabtete.cloudfront.net/	1970-01-21 08:37:42	Name: _v__chartbeat3 Value: C9PvvNB_OZJ1B41AKy
.d1tk677tabtete.cloudfront.net/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-21 03:28:06	Name: dpm Value: 21886152457365277700756791272709185766
.d1tk677tabtete.cloudfront.net/	1970-01-21 08:44:54	Name: AMCV_518ABC7455E462B97F000101%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19965%7CMCMID%7C21845009191252933770761042762759478845%7CMCAAMLH-1725539256%7C6%7CMCAAMB-1725539256%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1724941657s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19972%7CvVersion%7C5.4.0
.d1tk677tabtete.cloudfront.net/	1970-01-21 01:18:30	Name: _fbp Value: fb.2.1724934457857.888133418914767535
.d1tk677tabtete.cloudfront.net/	1970-01-21 08:37:42	Name: _chartbeat2 Value: .1724934456949.1724934457981.1.D9sR41CuQLd2CHNElIXLApyBtn6iH.2
.d1tk677tabtete.cloudfront.net/	1970-01-21 08:44:54	Name: s_fid Value: 7BFDD3800927CCE8-3B1D2FE4C3A83FD2
.d1tk677tabtete.cloudfront.net/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.d1tk677tabtete.cloudfront.net/	1969-12-31 23:59:59	Name: cebs Value: 1
.d1tk677tabtete.cloudfront.net/	1970-01-21 07:54:30	Name: _ce.s Value: v~f34bb51fd6976ce9dcd3da7c460d32347209a4eb~lcw~1724934458664~lva~1724934458664~vpv~0~lcw~1724934458668

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html Message: Access to font at 'https://www.rferl.org/Content/responsive/fonts/Skolar-Lt_Latin_v2.woff' from origin 'https://d1tk677tabtete.cloudfront.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.rferl.org/Content/responsive/fonts/Skolar-Lt_Latin_v2.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html Message: Access to font at 'https://www.rferl.org/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff' from origin 'https://d1tk677tabtete.cloudfront.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.rferl.org/Content/responsive/fonts/SkolarSans-Cn-Bd_LatnCyrl_v2.3.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html Message: Access to fetch at 'https://stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/data.json' from origin 'https://d1tk677tabtete.cloudfront.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/data.json Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html Message: Access to font at 'https://stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/fonts/skolar-sans/SkolarSansPE-Eb.woff2' from origin 'https://d1tk677tabtete.cloudfront.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/fonts/skolar-sans/SkolarSansPE-Eb.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html Message: Access to font at 'https://stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/fonts/skolar-sans/SkolarSansPE-Eb.woff' from origin 'https://d1tk677tabtete.cloudfront.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://stdatavisualpublic001.blob.core.windows.net/tatar-dictionary/production/fonts/skolar-sans/SkolarSansPE-Eb.woff Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://d1tk677tabtete.cloudfront.net/a/1035881/1/33004011.html Message: The resource https://d1tk677tabtete.cloudfront.net/Content/responsive/fonts/Skolar-Lt_LatnCyrl_v2.4.woff was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bbg.demdex.net
bbg.sc.omtrdc.net
cdn.onesignal.com
cdnjs.cloudflare.com
cm.everesttech.net
connect.facebook.net
d17u43zxf1emmx.cloudfront.net
d1tk677tabtete.cloudfront.net
dlo17u0f71hna.cloudfront.net
docs.rferl.org
dpm.demdex.net
ds-aksb-a.akamaihd.net
mab.chartbeat.com
onesignal.com
ping.chartbeat.net
rfe-video-ns.akamaized.net
rfe-video.rferl.org
sb.scorecardresearch.com
script.crazyegg.com
sheets.googleapis.com
static.chartbeat.com
stdatavisualpublic001.blob.core.windows.net
tags.tiqcdn.com
www.facebook.com
www.googletagmanager.com
www.rferl.org
www.youtube.com
mab.chartbeat.com
stdatavisualpublic001.blob.core.windows.net
www.rferl.org
104.17.111.223
104.17.24.14
104.19.148.8
157.240.0.6
172.217.18.14
18.244.18.32
2600:9000:206f:3c00:7:4434:d080:21
2600:9000:20a0:d600:17:ca9d:c640:21
2600:9000:20ab:9800:6:5ea4:a580:21
2600:9000:235a:e00:7:2bfb:7c00:93a1
2600:9000:2646:ae00:18:1fcd:354:4b41
2a00:1450:4001:809::200a
2a00:1450:4001:810::200e
2a00:1450:4001:81c::2008
2a02:26f0:480:e::210:f107
2a02:26f0:7100::213:c691
2a02:26f0:e300:18f::1317
2a03:2880:f177:185:face:b00c:0:25de
3.231.196.82
52.210.212.240
63.140.62.222
63.34.48.44
009fcd01c88d88fb29789f88576b3b89532a3781c270ecece0f58cfe0cbe9cce
033e674319125f7757da4914126b4df10e152e9ff609e7b593633e3b8d1648bd
058eeeab39a650f6724fce5c96e8272c4a5d8e6c2cfe3d7e6465626f6df522b6
0ea88c95439291ddf8bc132355482110d2a901a54698e8f18b268d592779ca49
14e78e82e98c3dab88484cc6377c0acc17be37aecae5f584d7a3a24f65f43b19
199598578f7bf8f8477a739eac981fa5a1552f1f11aec7f570b3e1475d8aec04
1a2d86cce24f48335701b6b630aba6cec5fa3ec2f4e81f45b876977da82d5315
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2ae5809a2fdbf9a1b54190020b99a9ebd91c43b985ef4d12b356c80810c37873
2daddd81c3f0d86278b848fd7aaccf2ea00e2d7c15df0e533df5e8fdbdf720b5
2df2cac1e1c8d1b6ea50950f4c44c910400d212cbd4af036fd4a090d14d5872a
332d3ba1f02879d0297fd22bbbce491b01107eb26dfa376210738053d6f7d1b9
386a292b805ec5376c149711c08d9013658fd08879a7ac9a62a99e14310c397a
3aa7c2ff80aa0d890d5e1a60834d678a023ab50ad1cc505532515cb4c0427f88
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
3d8a44d6e6b5a54a07ad373e0523c1b287f4ab5dd83ad29fa041cda283c3101a
3f92381ffcc05bf360dd7e7aebee55fc7cb041de7ca8feb3c8e05fcd92054957
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45ff35466afe40b7b0f8ef79d7424469b8ec45521fd7942a38c850a1cde988cf
49533254df88a258332aed0020e05629ab257339ab68111838250bcaa4b05cb3
4a64b98c230a4c4aefd4fa2aa9ad268fe2cbb5f290b77562e18a32780a003221
4f1106f5c6278f9eed87f143dd0283afe53cdd885c6895ca4662ca3d0a5d77da
56dd182d270b634ffc610071d0575ed1919d662e1bbe999d076797f7ed74ba74
56fcca3871493c818f05cbf5654d1a07dfad653a6492f78446176de5641e7eed
57d4650b70ba5cf5e838da5d967b3bd2dfe4d324de063f2ae3c3360cc00e63bd
588c07d6ea8edcf998ac93e92a0d23da4509b44508723ff64b1c4ef9c3e4a796
6049a00fe2e2ae345b52bc3ebeb9e04022a7fdd89a67582ec8c97ddd47ca7860
71cce48e756b22002f4b43147e46ed46452329e48658edcd45b6dc3759bbc66e
76f814527524a69b2b48c421965d8a8ab9910f441e8cce6747743f3f796030f1
77bf04fcffa1766f3c74d17fdef2ee0a8cee09fc06cfeb043c572a6382bf567d
7f06def529e0076b37f65c60085a6b1c65f1bbab0b1f87c72c188018b5094966
80334dea4c1a068877473bf3b4e15e1d6b553b5f73315a202a752e1983021713
84f9a461a78449115f36216577b717affb14b02d8fd1fcdded0f28177a10d757
85fe6eeeb55398b89866f0a057c7fbb97f4167a69144c65f57f3c49e3bf195a8
88c21e8752f97350e83ffe0610ab69e7d9aeb87b2507db99cc9ecb8419ee6ddf
8a178c949a092768497501e2247b12163961a059a81ab92d0e918129a7fc55b7
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a
9a4cef9bc676cf3794de974a079fdf6e06f02910ebc659bb2b647e28e58ad011
9bbeb90ab82961a321beb3442af47b00f027793f110355a31e174caa7d82965d
9d4df51e30f100585f36e386b1c0d548cd2f2f86a0a57e44589c0eb388c60ef8
a0d048257dfd2554ec4c5fe578dc03703f7d6011bee5899143eb9ca9db9491e2
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a8440cc4073ce181e57b3041c36d9e17cf266b3abd4dd09d0c86103f667bad22
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac7e89a539b89777116916e8163985854ed2b2ff51e02f50b15f81d095be7236
b277c87f2ada99e1015a2ea8d616cf63003a513192225313ee3de068b91914dd
b9fc864380605e18d45922a588895846363e3cecf47ab01ff1bc5dc5df4aded2
c18c77ff51fed8d81f2554bfa19929f00fadb2425d733e63435a1b892778ca8a
c6c3cb235132d5432ec95db7265bfb6a54a396f947bdac9451dac3c9b5113fe0
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71
cefccb03ad22a124428d0988abbacbec6d48931fe2c19df99048a08fb186c4ff
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0667af06a388861a7f55cfbb6ef24081e152e7eabbb399e5c660ade3721589e
d24ec64291900c8a48816a802de8d32e6f4466018218cab64f9961fe33b0f71f
d2ba0e8a74340c429355e9260d453136d7b097666415b43f7ffbdce7af607542
d351296943c7a7389ed59dd92745ed0f2e7a660ae2ed8234cfa405816c40ad8a
d614eee1bc109de7b6488ba3ac6259c1ab6bce97ef9c7ed492a64bd31a58cfc5
db55a0b2d53013b186448d404c8406b9832176dd218a5a85d9ee0730ef2734fd
db96492d21ed075fdb8aeb33faaa8fa3aa4974a995a58ed99556c134bddd3ec1
dc99304eba2e6988c4ec53a0ce6bb54ce5b242117321af443202b3a290fa91ec
e0e82c4738b8c7f116fefca8e99bb9436ae6bfabcd7185bdf9bba20a892ceb85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e530cc612649e8af10601965cc263f81ef81d6910a693be1f7f71dca9587a6b9
e5a124d380589c76f7342e2618e10d6891b42de6355863a048e4e95178a17a7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70fee4cbe6912b86b34ef51df926d5ec244f5f7dce240dad4c0bdbca355d342
fdfce799d0cb5c2e30840f7f7ce90b02ebdda127bb744b0b8f0573f801ae9bb5

d1tk677tabtete.cloudfront.net Open in urlscan Pro 2600:9000:206f:3c00:7:4434:d080:21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

89 %HTTPS

55 %IPv6

20 Domains

27 Subdomains

21 IPs

5 Countries

1730 kBTransfer

3740 kBSize

19 Cookies

7 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

d1tk677tabtete.cloudfront.net Open in urlscan Pro
2600:9000:206f:3c00:7:4434:d080:21 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

89 %
HTTPS

55 %
IPv6

20
Domains

27
Subdomains

21
IPs

5
Countries

1730 kB
Transfer

3740 kB
Size

19
Cookies

104 HTTP transactions
2 data transactions