bloodshot2020.livejournal.com Open in urlscan Pro
81.19.74.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bloodshot2020.livejournal.com/277.html
Submission Tags: falconsandbox
Submission: On December 03 via api (December 3rd 2020, 8:54:12 am UTC) from US

Summary HTTP 83 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 27 IPs in 7 countries across 17 domains to perform 83 HTTP transactions. The main IP is 81.19.74.5, located in Moscow, Russian Federation and belongs to RAMBLER-TELECOM-AS, RU. The main domain is bloodshot2020.livejournal.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on March 6th 2019. Valid for: 2 years.

This is the only time bloodshot2020.livejournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	81.19.74.5 81.19.74.5	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
6	91.192.150.12 91.192.150.12	42481 (BEGUN-AS) (BEGUN-AS)
9	184.30.212.126 184.30.212.126	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	81.19.74.3 81.19.74.3	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
11	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1 3	95.101.55.60 95.101.55.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1	2a02:6b8::131 2a02:6b8::131	13238 (YANDEX) (YANDEX)
3 10	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	91.192.149.38 91.192.149.38	42481 (BEGUN-AS) (BEGUN-AS)
1	2a02:6b8::402 2a02:6b8::402	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	77.88.21.179 77.88.21.179	13238 (YANDEX) (YANDEX)
2	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1	81.19.89.17 81.19.89.17	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2	91.192.148.14 91.192.148.14	42481 (BEGUN-AS) (BEGUN-AS)
3	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
4	91.192.149.14 91.192.149.14	42481 (BEGUN-AS) (BEGUN-AS)
6	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:401... 2a00:1450:4010:c0b::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
83	27

1 81.19.74.5 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: livejournal.com

bloodshot2020.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 91.192.150.12 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: ssp.rambler.ru

ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 184.30.212.126 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-212-126.deploy.static.akamaitechnologies.com

l-stat.livejournal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l-api.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.74.3 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: livejournal.com

xc3.services.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.101.55.60 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-55-60.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::131 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

awaps.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.149.38 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: rcm.rambler.ru

rcmjs.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::402 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

static-mon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.88.21.179 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: adfox-external-l3-engine.stable.qloud-b.yandex.net

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.89.17 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.192.148.14 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.192.149.14 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

img01.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4010:c0b::9b (Lappeenranta, Finland)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0e440d60882f76d396258d5b11318ae0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c09036cf64384ae283c31d3118e62cec.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	rambler.ru ssp.rambler.ru rcmjs.rambler.ru kraken.rambler.ru profile.ssp.rambler.ru img01.ssp.rambler.ru	206 KB
13	googlesyndication.com pagead2.googlesyndication.com 0e440d60882f76d396258d5b11318ae0.safeframe.googlesyndication.com c09036cf64384ae283c31d3118e62cec.safeframe.googlesyndication.com tpc.googlesyndication.com	47 KB
13	google.com fundingchoicesmessages.google.com adservice.google.com	91 KB
11	yandex.ru 2 redirects awaps.yandex.ru mc.yandex.ru an.yandex.ru	178 KB
8	livejournal.net l-stat.livejournal.net	653 KB
7	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	263 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	livejournal.com bloodshot2020.livejournal.com xc3.services.livejournal.com l-api.livejournal.com	68 KB
2	googletagservices.com www.googletagservices.com	55 KB
2	google.ch adservice.google.ch	972 B
2	yandex.com 1 redirects mc.yandex.com	584 B
2	tns-counter.ru 1 redirects www.tns-counter.ru	1 KB
1	adfox.ru ads.adfox.ru	447 B
1	yandex.net static-mon.yandex.net	102 KB
1	top100.ru st.top100.ru	21 KB
1	googletagmanager.com www.googletagmanager.com	31 KB
83	17

	Domain	Requested by
11	fundingchoicesmessages.google.com	bloodshot2020.livejournal.com
8	mc.yandex.ru	2 redirects bloodshot2020.livejournal.com l-stat.livejournal.net mc.yandex.ru
8	l-stat.livejournal.net	bloodshot2020.livejournal.com l-stat.livejournal.net
6	securepubads.g.doubleclick.net	ssp.rambler.ru securepubads.g.doubleclick.net
6	ssp.rambler.ru	bloodshot2020.livejournal.com ssp.rambler.ru
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	img01.ssp.rambler.ru	ssp.rambler.ru
4	www.google-analytics.com	bloodshot2020.livejournal.com
3	sb.scorecardresearch.com	1 redirects bloodshot2020.livejournal.com
2	www.googletagservices.com	securepubads.g.doubleclick.net
2	c09036cf64384ae283c31d3118e62cec.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	0e440d60882f76d396258d5b11318ae0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.ch	securepubads.g.doubleclick.net
2	profile.ssp.rambler.ru	bloodshot2020.livejournal.com ssp.rambler.ru
2	mc.yandex.com	1 redirects bloodshot2020.livejournal.com
2	an.yandex.ru	bloodshot2020.livejournal.com
2	www.tns-counter.ru	1 redirects bloodshot2020.livejournal.com
1	kraken.rambler.ru	bloodshot2020.livejournal.com
1	ads.adfox.ru	ssp.rambler.ru
1	stats.g.doubleclick.net	www.google-analytics.com
1	l-api.livejournal.com	l-stat.livejournal.net
1	static-mon.yandex.net	l-stat.livejournal.net
1	rcmjs.rambler.ru	bloodshot2020.livejournal.com
1	awaps.yandex.ru	bloodshot2020.livejournal.com
1	st.top100.ru	bloodshot2020.livejournal.com
1	www.googletagmanager.com	bloodshot2020.livejournal.com
1	xc3.services.livejournal.com	bloodshot2020.livejournal.com
1	bloodshot2020.livejournal.com
83	30

This site contains links to these domains. Also see Links.

Domain
www.livejournal.com
www.facebook.com
twitter.com
itunes.apple.com
play.google.com
appgallery.huawei.com

Subject Issuer	Validity	Valid
*.livejournal.com RapidSSL RSA CA 2018	`2019-03-06` - `2021-03-05`	2 years	crt.sh
ssp.rambler.ru Let's Encrypt Authority X3	`2020-10-11` - `2021-01-09`	3 months	crt.sh
livejournal.com DigiCert SHA2 Secure Server CA	`2019-11-24` - `2021-02-22`	a year	crt.sh
*.services.livejournal.com RapidSSL RSA CA 2018	`2019-05-30` - `2021-05-27`	2 years	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.top100.ru RapidSSL RSA CA 2018	`2019-02-07` - `2021-03-08`	2 years	crt.sh
*.tns-counter.ru GlobalSign RSA OV SSL CA 2018	`2020-11-17` - `2021-12-19`	a year	crt.sh
awaps-v6.yandex.net Yandex CA	`2020-09-30` - `2021-03-03`	5 months	crt.sh
mc.yandex.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
*.rambler.ru RapidSSL RSA CA 2018	`2019-04-15` - `2021-06-13`	2 years	crt.sh
*.naydex.net Yandex CA	`2020-09-29` - `2021-03-30`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.adfox.ru Yandex CA	`2020-09-29` - `2021-03-11`	5 months	crt.sh
an.yandex.by Yandex CA	`2020-10-01` - `2021-04-01`	6 months	crt.sh
profile.ssp.rambler.ru Let's Encrypt Authority X3	`2020-10-11` - `2021-01-09`	3 months	crt.sh
img01.ssp.rambler.ru Let's Encrypt Authority X3	`2020-10-11` - `2021-01-09`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://bloodshot2020.livejournal.com/277.html
Frame ID: 6849B2824FE9A8A088F42A28A1AFED98
Requests: 73 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 0D495F7F11CC82080598702C68A2288C
Requests: 10 HTTP requests in this frame

Frame: https://profile.ssp.rambler.ru/sandbox?img=KV5E06j*F2mselny80C8rTumqQFc71rpmHlA-3rmSOHSE45OpbFWJ1jpC-QZ2rMOFBGLjDo2AnQ0VKZ7SCntPE2z0rc6JGGKqi2E3ark-gE0lsntIs450PWUBc8HLja177Sc6xxCsv2E9X746T1hpWK0Lq6vJs*YDcRPQkE5H2TPCeOA6uEFhltf7zaiM-HBAgAAALrcvAoAAAAA&img=J8o5p6SaUi17jKJ3HSZyj-hKMRumOrmT5TU9zintJFeZSByRtl-**jXnMKxgD5nxjNTQL6X14jJDBD1qfXOfrnFwEMxDL0R64mxlj5mrtBWJM*K2CqolLuYza2xjFgarRfDPl077nPRE594oleQ93gIAAAC63LwKAAAAAA&img=I*Wp1KSVSPXxSLbTHnFrkL7EoQs5PpQB5xaJoRwwaUUAjd8kiT6TyghuNdslxlDZr4d-oi87ylqCqVcYpoeKbc0Z65d2ocLbFp8ctFqzf2KZlZFOAfVPBNLOBzER3CdeQTb81pj2AAXuM4dDXXVP7wIAAAC63LwKAAAAAA&img=2TlkSYVZMpDGtTvgkD8s3Aje-XIgam5lLeytP5YEYTjj0d1d1au8FYdPLtgTwT5UbYSx-*8pSkaeroDK496BONKTMx4gO8Y6nDPiFSkIoXvngmb0-*Gy*LbxgX7IcClLYSefa*zX49YhrInnQLRluH5RMxftRvPmpxlygzCha7VbaQjFC6EQZUmFjWES*Ke2oV0LR3SulMndkVHlWtOMiaxW5LbbgNypQnIMk4ghbFgZXIUYZw280mg6ygYhNxMcr85ILV4bcj*3w34D7F39pjlwWQVQLIPdC--Wbf5U7goCAAAAuty8CgAAAAA&img=CdJx0ypsIYttCDE0ldrut38MIWLSLYVcrNvDJle*eq4aqprCo4ooZUvTmG0eiyBOu2PvmlqRdnuMJWo-ZABX0JXWXPdTjPkKjf7zZNq54uocvWt*SIWwEZnsGel6Aj4CvFufJObrsbHsPxcMAy3UoQIAAAC63LwKAAAAAA&img=WgX6XRaXQnPUtP7-ZR4UNQDgv76M9m90shl6wtPAswq3YXMMGm45StLk7jB4ZnN*xoPUQxO24WK3vXRRWElfrIBkAHCN8hKHQF-6as-RR4njWuKS8D0vKp9evE-RxoQIup1BH5-bOmTPn2ZOd5p1ujO6T9D87rvuiJu9gpOs*7sCAAAAuty8CgAAAAA&img=JZzArnKJfOo2*wYPUwkg9zZoi8gaArt5PjSyEKINiK354jXd2zt9yFRaa9I7qKlD7Botn2mXwoM0QeSjyBl46kXnB4nhou8HiEXSpqdggFrcHzhrBm6KH0rn3SaDkYq0*lOK-iv6Qpb0We9B83gWDpzekdmil6cUz9sw3hOe5y8CAAAAuty8CgAAAAA&img=UnNxtIc3YJTo5aBO3bY2tyJHaDjDJrv1yekPH2K*j9Bvt1P12U0SomFDX4ehFNGfHokQAqxjaboyJMJaFgAGFjMGvzagldV3sDtutnU41Pr-w*NyP5VtvLlRZphg0IIvuh8oPmMcSVDx1X9RbpBemR4kHx1im2vpf6UrlR66JxoCAAAAuty8CgAAAAA&img=k542BKW2vGboNWhfZcpObjdi-rHN1r446KTmketw*A7x*J1MF16lLW16IR2naxPjj0hDL1gDqXwnpT-7i7996B9OfR8V2B4W4fK0Tc9UCbvEYXsO9O2GmVUgVS3rqpqhAgAAALrcvAoAAAAA&img=jQPBB50*roKl*hXff0*TPHSFAVwXlp6ZpaInr8BJ*HnC6h*Q9zQXTWRQ*EeLikSGDjfHeH03xc5vKXXiD2Fy5wYCvZe0d8m5JcuFUfKO41h8jirY0xZfMa80bTQY8-zmy27nCjeaH601DP3l-iO65CKrtrVaV78h5dGFOtPij-ECAAAAuty8CgAAAAA&img=qFOMAWdkXI1qjyPrAKmwZwH1HRzeLQOBgk5nviJI*aIm55CTifYhh9EN3NArZQxeeoUmAF68c16nhWzHS31cERa3csLriYF4E6iKwJRUB3euTyZqeLk2*LCN2FmqC56Ly6WmmbgbuQWp3L2U8Fsp4-bpWNaftmDsAfnlqjmKdEgCAAAAuty8CgAAAAA&img=LyP7Mn0uDQDnZHLcYFrjs61ZKYRBx3lOYP4AaL1-kLUNAPRw5nKwqVXFquBtiFRxzV0uGR59WA6Md3hGhnCrgoLbdgBn6t9QmDNJ*GpOHUr9GWLiC4LdoAHLjTNoP34gYXyN1TeHoEGHQQUGLwhGNwIAAAC63LwKAAAAAA&img=9lUVaDCiLB1cWsREaajLDv4S1j4ur24OE-dJOO68XZLxoIaupt3eZcPoEtnMU9kYQwfol4khekAkKuEyEio8VbbKTCnqwVwTWVUe0fmA4JCbSydiwGb17CDWrwDt8LVDkCDBCzapuWCmsuecqKaM4m-5HSKjZSSTE1UOyR5FCmUCAAAAuty8CgAAAAA&img=T2hG6wCJHftfGLdfLlskVf8pKMdIbLyhMvdYB4z-ee6VgHVyd7Ivp78fvTpq32cNrkbhtQH8GlVDduTsZZIaVxGJniRcOdZmvhP76hffgt5vYa5OQN*SSqxln05*A2*cu4akLe5pW*uaRGy*X2KdNAIAAAC63LwKAAAAAA&script=Ez3nZZT0E8J-IcPkqCYMdt-I3UZ6yah12q0K5kdvcDBOb5gQB4L6KvqJeiTYJrvKO6DEhV-L-ypaK-51dTTOHQ6vbziqNYFa9I5W4iIkhXLzoToji5A-8bSoePxZiPmNmsaWGQvCyNRsPsMFa2C8BAIAAAC63LwKAAAAAA&img=dBwcB48cJ*ImoQxO763tytlMnVGBPCmb6u1VDa6WA2TQ5-eJpZSWHUUGRCsIi995GARQfTSEG7kXNlfPKtfDHln9zrsqFhLbrXhTvgJ9LbhzvEajEdIRviQL2mAv*DIKNZS5G1MnzyOcuT3vcHU196JegF7VET6N6dQ3Yg9PVT63V*FkOfQJJp4ufVSLpUPxaKsYohgCwivnmnRjifgKufdzrNRFadRugUJeYMFFQWwCAAAAuty8CgAAAAA&img=B5dIJv4k4tDD2W49CTvW-d-Sp72asXh7XENRrolS0RHE1ZVyfhtEVsDv-gvofcDP7QxvHYtf-ghlxyxGEgZJb2yKGfTSefsGAwibnEZ3TyQwYmZ7ZndTSgmQxLsGdxg-8ja8iI8gvRlcGnsk8ETrUgIAAAC63LwKAAAAAA&img=G98HvzvhEkeltu5fixSPeY1068tmgQ2kp8Bj6XX*9ReC2kxkcwWEvzCNOk9PW9aofOBVapQCQh5kCWZPS9G*oL2yIR7PFm419*GJdjVHLYm3nmaWGwvlRibCCztJ93*4AgAAALrcvAoAAAAA&img=xRnD7SuGWgKSZvRmHTK6ZRYcx8Zl*BegLgNtELNtB5-IKk5dSgCrF-GK26*4HZdc16l3OEESsU1oHTd6hiJS5EhaWtdgpDP45AcceTsXgT3agQffyGFUCZdJqOjiE3c7hBEHXoKPKtzbnOX5XTYUySCRLw30JPOwfe16nYEuoke7cXm6FMLeZPr57hBIpBth7HBEAJQqVoLdKXyc5o5zowIAAAC63LwKAAAAAA
Frame ID: 07047EF837EEC8B562FF62BEF80510B5
Requests: 1 HTTP requests in this frame

Frame: https://c09036cf64384ae283c31d3118e62cec.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 431CF2E676F28DF6923221218B4CA6EA
Requests: 1 HTTP requests in this frame

Frame: https://0e440d60882f76d396258d5b11318ae0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: 653B6B7249A044AE4DCD1164AA132005
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: B1A9A78F3A94A28373940AFF24D13AF2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: FDD61D0FC5FA933EC930716DFDDBEEDB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Error

Detected technologies

LiveJournal (Blogs) Expand

Overall confidence: 100%
Detected patterns

url /\.livejournal\.com/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

83
Requests

100 %
HTTPS

54 %
IPv6

17
Domains

30
Subdomains

27
IPs

7
Countries

1875 kB
Transfer

4716 kB
Size

15
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://www.livejournal.com/
Title: LiveJournal

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/browse/
Title: Communities

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/syn
Title: RSS Reader

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/shop/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/app/
Title: iOS & Android

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/support/
Title: Help

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/login.bml

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/create
Title: CREATE BLOG Join

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/manage/settings/?cat=display
Title: English (en)

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/lostinfo.bml
Title: Forgot password

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=facebook&auto_forwhat=user%24bloodshot2020%24%2F277.html
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=twitter&auto_forwhat=user%24bloodshot2020%24%2F277.html
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=google&auto_forwhat=user%24bloodshot2020%24%2F277.html
Title: Google

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=rambler&auto_forwhat=user%24bloodshot2020%24%2F277.html
Title: RAMBLER&Co ID

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=mailru&auto_forwhat=user%24bloodshot2020%24%2F277.html
Title:

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=vkontakte&auto_forwhat=user%24bloodshot2020%24%2F277.html
Title:

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/legal/tos-en.bml
Title: User agreement

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/shop/profaccount.bml?tired=ads
Title: Tired of ads? Upgrade to account with Professional package of service and never see ads again!

Search URL Search Domain Scan URL

URL: https://www.facebook.com/livejournal
Title: Follow us on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/LiveJournal
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/app/id1097099835?mt=8
Title: iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.livejournal.android
Title: Android

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/#/app/C101747491
Title: Huawei

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/betatest.bml
Title: v.445

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/about/
Title: About

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/developer/extshare
Title: Button "Share"

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/166632960 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/166632960

Request Chain 30

https://sb.scorecardresearch.com/b?c1=2&c2=10463284&ns__t=1606985635922&ns_c=UTF-8&cv=3.5&c8=Error&c7=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1606985635922&ns_c=UTF-8&cv=3.5&c8=Error&c7=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&c9=&cs_ak_ss=1

Request Chain 36

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0k1v5l%3Afp%3A1327%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A302%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A977342790%3Az%3A60%3Ai%3A20201203095356%3Aet%3A1606985636%3Ac%3A1%3Arn%3A827137736%3Arqn%3A1%3Au%3A1606985636316732317%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606985634404%3Ads%3A11%2C293%2C633%2C79%2C0%2C0%2C%2C396%2C128%2C%2C%2C%2C1337%3Adsn%3A11%2C293%2C633%2C79%2C0%2C0%2C%2C320%2C128%2C%2C%2C%2C1337%3Ati%3A2%3Ast%3A1606985636 HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0k1v5l%3Afp%3A1327%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A302%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A977342790%3Az%3A60%3Ai%3A20201203095356%3Aet%3A1606985636%3Ac%3A1%3Arn%3A827137736%3Arqn%3A1%3Au%3A1606985636316732317%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606985634404%3Ads%3A11%2C293%2C633%2C79%2C0%2C0%2C%2C396%2C128%2C%2C%2C%2C1337%3Adsn%3A11%2C293%2C633%2C79%2C0%2C0%2C%2C320%2C128%2C%2C%2C%2C1337%3Ati%3A2%3Ast%3A1606985636

Request Chain 40

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9111.bI2SIYusbvTkuK5dxFyYDzTqN_9j9o-hnU7kxdARiCs5TLnspR5MYxvXar9ElfGm.9ATPm_Wo8NUtKZobW7kXbfhmt_E%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9111.oncFMU8yGHC7nZlUslUIV_MT2jbI1HiOwOtX8IzwJKY5UelmDo9Jb2q0EuGnAME088_OvfogZktJ1-7l2fHfB7W_skdg1RaC7Nv_ub014A8%2C.6V47cKkOVeQgiss72aId1Bn0OXY%2C

83 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set 277.html Show response
bloodshot2020.livejournal.com/ 262 KB
66 KB 938ms
633ms Document
text/html 81.19.74.5
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.74.5 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: livejournal.com
Software: nginx /
Resource Hash: efb9486ce2944b0b80edbd968cb4ac6bfda55f703d16d60255523f752252c4dc

Request headers

Host: bloodshot2020.livejournal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Thu, 03 Dec 2020 08:53:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=50
X-AWS-Id: kr-ws35
X-LJ-Flow-ID: X8inogobA0EAAC57cDIAAAAU
Content-Encoding: gzip
Vary: Accept-Encoding
X-Varnish: 24985279
Age: 0
X-VWS-Id: kr-varn06.lj.rambler.tech
ETag: GgZz
Accept-Ranges: bytes
X-SplitTest: endless_scroll
Set-Cookie: splittest=endless_scroll; domain=.livejournal.com; path=/; Priority=High; Secure; SameSite=None; Max-Age=604800

GET
H2 200 capirs_async.js Show response
ssp.rambler.ru/ 454 KB
158 KB 345ms
159ms Script
application/x-javascript 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.rambler.ru/capirs_async.js

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

daafdcab0cf2f1726f029909ea6f94a584857bee4d99d5005290018578cc8708

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:55 GMT
content-encoding: gzip
last-modified: Mon, 23 Nov 2020 09:48:11 GMT
server: nginx
etag: W/"5fbb855b-71991"
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: max-age=60
x-passed: 0bal1
content-type: application/x-javascript
expires: Thu, 03 Dec 2020 08:54:55 GMT

GET
H/1.1 200
OK /
l-stat.livejournal.net/ 61 KB
12 KB 110ms
48ms Stylesheet
text/css 184.30.212.126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1606918037
Requested by: Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.126 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f8ad5acd65bb4bad427614ff2a50a658dcaf71f4de101d904aaf86faab6601e3

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:55 GMT
Content-Encoding: gzip
ETag: GgZzW/G4ebUHa0JJSbbFcRQsvfOw
X-Gateway: front01.lj.rambler.tech
Connection: keep-alive
Content-Length: 11412
X-remaining-TTL: 537216
Last-Modified: Wed, 02 Dec 2020 14:07:17 GMT
Server: nginx
Cache-Control: public, max-age=537216
X-LJ-Flow-ID: X8efoQoaACQAABP@dPcAAAAE
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
X-Varnish: 41833878 48110621
Access-Control-Allow-Origin: *
X-VWS-Id: os-varn01.lj.rambler.tech
X-AWS-Id: os-ws05
Accept-Ranges: bytes
Content-Type: text/css

GET
H/1.1 200
OK /
l-stat.livejournal.net/ 292 KB
64 KB 113ms
50ms Stylesheet
text/css 184.30.212.126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,notifications/list.css,widgets/rutos.css,widgets/likes.css,widgets/login_v2.css,msgsystem.css?v=1606918037
Requested by: Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.126 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 403e4eecd577abe7ad25eacba6cccc07df6208e4ae89ce77ae0cedeb487c155e

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:55 GMT
Content-Encoding: gzip
ETag: GgZzW/WGJk1Zb6XQdP6t9LB6nNqg
X-VWS-Id: kr-varn01.lj.rambler.tech
X-Gateway: front09.lj.rambler.tech
Connection: keep-alive
Content-Length: 64453
X-remaining-TTL: 604689, 537266
Last-Modified: Wed, 02 Dec 2020 14:07:17 GMT
Server: nginx
X-LJ-Flow-ID: X8efwgobA0QAABItTbUAAAAY
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
X-Varnish: 46523775 21163891
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=537266
X-AWS-Id: kr-ws38
Accept-Ranges: bytes
Content-Type: text/css

GET
H/1.1 200
OK /
l-stat.livejournal.net/ 379 KB
287 KB 115ms
49ms Stylesheet
text/css 184.30.212.126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??proximanova-opentype.css?v=1606918037
Requested by: Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.126 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8701bac585db7aae451cadb81c54bb1a7ffd2fd16ffaf07fb46128d02b0257c4

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:55 GMT
Content-Encoding: gzip
ETag: GgZzW/UC5txc/E6OXC77s3GZFdeA
X-Gateway: front01.lj.rambler.tech
Connection: keep-alive
Content-Length: 293605
X-remaining-TTL: 537217
Last-Modified: Wed, 02 Dec 2020 14:07:17 GMT
Server: nginx
Cache-Control: public, max-age=537217
X-LJ-Flow-ID: X8efoQobAyIAAGR-KH0AAAAH
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
X-Varnish: 49000409 50079868
Access-Control-Allow-Origin: *
X-VWS-Id: kr-varn07.lj.rambler.tech
X-AWS-Id: kr-ws04
Accept-Ranges: bytes
Content-Type: text/css

GET
H/1.1 200
OK / Show response
l-stat.livejournal.net/js/ 710 KB
237 KB 133ms
68ms Script
application/x-javascript 184.30.212.126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1606918037
Requested by: Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.126 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8ac39c6bbefa356fc5b3d9a42bf09338113ed704927c942044fcf87cdf5f54c9

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:55 GMT
Content-Encoding: gzip
ETag: GgZzW/whmXEuqZRSEqlKgTS7G3jw
X-VWS-Id: kr-varn03.lj.rambler.tech
X-Gateway: front09.lj.rambler.tech
Connection: keep-alive
Content-Length: 242274
X-remaining-TTL: 604796, 537217
Last-Modified: Wed, 02 Dec 2020 14:07:17 GMT
Server: nginx
X-LJ-Flow-ID: X8efoAobAzMAAGQHg3EAAAAQ
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
X-Varnish: 44002872
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=537217
X-AWS-Id: kr-ws21
Accept-Ranges: bytes
Content-Type: application/x-javascript

GET
H/1.1 200
OK / Show response
l-stat.livejournal.net/js/ 148 KB
43 KB 141ms
61ms Script
application/x-javascript 184.30.212.126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??scheme/schemius.js,widgets/angular/login.js,scheme/medius.js?v=1606918037
Requested by: Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.126 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6decab085976f8699c3b550b793a269926da5ee568d966e25a300bfbf548e9ca

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:55 GMT
Content-Encoding: gzip
ETag: GgZzW/bk1TTNcpgUySzmNpspW6ew
X-VWS-Id: kr-varn03.lj.rambler.tech
X-Gateway: front09.lj.rambler.tech
Connection: keep-alive
Content-Length: 43001
X-remaining-TTL: 604677, 537243
Last-Modified: Wed, 02 Dec 2020 14:07:17 GMT
Server: nginx
X-LJ-Flow-ID: X8ef9AobAywAAGDOg@AAAAAa
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
X-Varnish: 20094925
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=537243
X-AWS-Id: kr-ws14
Accept-Ranges: bytes
Content-Type: application/x-javascript

GET
H/1.1 200
OK print-logo.png
l-stat.livejournal.net/img/schemius/ 2 KB
3 KB 79ms
79ms Image
image/png 184.30.212.126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/print-logo.png?v=49361
Requested by: Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.126 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 96a72c16787d9e55cbe06f31bc91db028934a7ad24aad0e7ee7a7649a6b160ca

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:55 GMT
Content-Encoding: gzip
ETag: GgZzYGcFKOznFaw7EFLw6wHnuA
X-VWS-Id: os-varn01.lj.rambler.tech
X-Gateway: front05.lj.rambler.tech
Connection: keep-alive
Content-Length: 2249
X-remaining-TTL: 57099, 66439, 58939, 58643, 86400, 14838
Last-Modified: Thu, 01 Jan 1970 13:42:41 GMT
Server: nginx
X-LJ-Flow-ID: X2h59QobAysAAFq4wgkAAAAG
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
X-Varnish: 53226012
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=14838
X-AWS-Id: kr-ws13
Accept-Ranges: bytes
Content-Type: image/png

GET
H/1.1 200
OK /
xc3.services.livejournal.com/ljcounter/ 35 B
704 B 427ms
102ms Image
image/gif 81.19.74.3
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xc3.services.livejournal.com/ljcounter/?d=srv:kr-ws35,r:0,j:0,uri:%22%2F277.html%22,vig:0,extra:

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

81.19.74.3 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),

Reverse DNS

livejournal.com

Software

nginx /

Resource Hash

3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:56 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000;
Access-Control-Allow-Methods: GET, OPTIONS, POST, PUT, DELETE, HEAD
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: accept, x-custom-parameter, content-type, x-request-id, authorization, accept-language, accept-charset, pragma, user-agent
Content-Length: 35
Keep-Alive: timeout=50

GET
H2 200 AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8= Show response
fundingchoicesmessages.google.com/f/ 84 KB
32 KB 55ms
34ms Script
application/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8=

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

239e0f987bd87f35d702355546423eff84e7e0e869b73fb0c3584eab9bc3d2de

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wr0Kj+FJBp2xkJSfTDGaVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-wr0Kj+FJBp2xkJSfTDGaVw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-wr0Kj+FJBp2xkJSfTDGaVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-wr0Kj+FJBp2xkJSfTDGaVw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3874
date: Thu, 03 Dec 2020 07:49:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Thu, 03 Dec 2020 09:49:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 81 KB
31 KB 37ms
16ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJBSQR

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a88c0c87c03f2b7aba811668db9da22788ce669d5111c161a9e0e176a28f4de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31143
x-xss-protection: 0
last-modified: Thu, 03 Dec 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 03 Dec 2020 08:53:55 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 84ms
27ms Script
application/x-javascript 95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 04 Dec 2020 08:53:55 GMT

GET
H/1.1 200
OK logo.svg
l-stat.livejournal.net/img/schemius/ 3 KB
2 KB 58ms
58ms Image
image/svg+xml 184.30.212.126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/logo.svg?v=51065
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1606918037
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.126 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 18220bbba0e1f98301f2f248eff119179e41ac33bcc6544f8f5ec2165fdc88f2

Request headers

Referer: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1606918037
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:55 GMT
Content-Encoding: gzip
ETag: GgZz3z079X2cVU4y1yrKm4XODA
X-Gateway: front05.lj.rambler.tech
Connection: keep-alive
Content-Length: 1362
X-remaining-TTL: 15048
Last-Modified: Thu, 01 Jan 1970 14:11:05 GMT
Server: nginx
Cache-Control: public, max-age=15048
X-LJ-Flow-ID: X2hJFwobAzoAAE7P1RIAAAAJ
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
X-Varnish: 63093317 4021175
Access-Control-Allow-Origin: *
X-VWS-Id: kr-varn05.lj.rambler.tech
X-AWS-Id: kr-ws28
Accept-Ranges: bytes
Content-Type: image/svg+xml

GET
H/1.1 200
OK s-icons.svg
l-stat.livejournal.net/img/schemius/ 15 KB
6 KB 32ms
32ms Image
image/svg+xml 184.30.212.126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/s-icons.svg?v=40651
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1606918037
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.126 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3ec6f5f8a01ceaaafd7de19f41d88013fe2d4c02a88c94b04899a775a72d358

Request headers

Referer: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1606918037
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:55 GMT
Content-Encoding: gzip
ETag: GgZzPs10q9OPQj9DZHt/ejloHw
X-VWS-Id: kr-varn02.lj.rambler.tech
X-Gateway: front05.lj.rambler.tech
Connection: keep-alive
Content-Length: 5618
X-remaining-TTL: 57106, 33028, 64185, 77727, 83187
Last-Modified: Thu, 01 Jan 1970 11:17:31 GMT
Server: nginx
X-LJ-Flow-ID: X2gWMQoaACUAAAg7xDcAAAAZ
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
X-Varnish: 35546903 25888022
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=83187
X-AWS-Id: os-ws06
Accept-Ranges: bytes
Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 46 KB
46 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: beb8691f6c3c6c90bbcb585e9ed4d8132cf3f37cf1a6888f83f4ca779ae6cead

Request headers

Origin: https://bloodshot2020.livejournal.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 46 KB
46 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 276937ed9b66990d16cc250dac88898099a2e783c5cdfb073965139d8ec9bc5d

Request headers

Origin: https://bloodshot2020.livejournal.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 46 KB
46 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe81bedd25f0a618755cf7b065fd24a6e0004b3340965e999e9bcb91c8e830a3

Request headers

Origin: https://bloodshot2020.livejournal.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H/1.1 200
OK top100.js Show response
st.top100.ru/top100/ 60 KB
21 KB 417ms
198ms Script
application/javascript 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.17.9 /
Resource Hash: fb0601da73f3d87bf5853b84a3697b22e6f08c4c076d6a769dfab189f6d72947

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:56 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jan 2020 17:53:36 GMT
Server: nginx/1.17.9
ETag: W/"5e20a320-efdd"
Vary: Accept-Encoding
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
Expires: Thu, 03 Dec 2020 09:53:56 GMT

GET
H/1.1

200
OK

166632960
www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/166632960
https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/166632960

43 B
458 B

42ms
41ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/166632960
Requested by: Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.1.0/1.14.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 08:53:55 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: ms-counter-3.1.0/1.14.0
Content-Type: image/gif
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 08:53:55 GMT
Server: ms-counter-3.1.0/1.14.0
Strict-Transport-Security: max-age=2678400
Content-Type: image/gif
Location: https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/166632960
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK 001001.gif
awaps.yandex.ru/0/9999/ 43 B
303 B 146ms
56ms Image
image/gif 2a02:6b8::131
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://awaps.yandex.ru/0/9999/001001.gif?0-0-37892-0-&timestamp=37892&awcode=6&subsection=0

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::131 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:55 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=5
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 368 KB
94 KB 176ms
87ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

97863c262254c3df6ff2e518ad72050dbf63ad92fb0e498914a8c5424aeef893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:55 GMT
content-encoding: br
last-modified: Wed, 02 Dec 2020 18:57:18 GMT
etag: "5f993b61-17714"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 96020
expires: Thu, 03 Dec 2020 09:53:55 GMT

GET
H2 200 recommender.js Show response
rcmjs.rambler.ru/static/ 25 KB
25 KB 359ms
169ms Script
application/javascript 91.192.149.38
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://rcmjs.rambler.ru/static/recommender.js

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.192.149.38 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

rcm.rambler.ru

Software

nginx /

Resource Hash

9846d3c4604e8e98eca930c407c1e2dcc12a8cd18808218bae4c2f6574703c99

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:55 GMT
last-modified: Wed, 02 Dec 2020 09:58:30 GMT
server: nginx
etag: "5fc76546-6370"
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: max-age=3600, must-revalidate
x-passed: 1bal1
accept-ranges: bytes
content-type: application/javascript
content-length: 25456

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 116 KB
40 KB 113ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1606918037

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0cb74bc278181ad682014972d7d0cc7dcc08a344430f3ec7a42ea995f3f931ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:55 GMT
content-encoding: br
last-modified: Wed, 02 Dec 2020 18:57:18 GMT
etag: "5fc7be55-a0ce"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 41166
expires: Thu, 03 Dec 2020 09:53:55 GMT

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 803a84a09167c609289069441d4134db2a33a29cc61c3b69707961bb91ad2ccc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 356 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2857415d04d8bcf01c7ee863ab2e916944ef24a45ef80255c5513bf0120cb05

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK main.js Show response
static-mon.yandex.net/static/ 101 KB
102 KB 160ms
72ms XHR
application/javascript 2a02:6b8::402
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-mon.yandex.net/static/main.js?pid=livejournal
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1606918037
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::402 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: /
Resource Hash: 78fda08d849adc0de3cbb80190a5522386075545a61ca5afd1ecc8840c893a89

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:55 GMT
Nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
X-Amz-Request-Id: 8f5c820833eaedc6
Transfer-Encoding: chunked
X-Yc-S3-Bucket-Tags: {}
X-Consumed-Content-Encoding: gzip
Last-Modified: Thu, 03 Dec 2020 08:53:55 GMT
X-Robots-Tag: noindex, noarchive, nofollow
Vary: Origin
Report-To: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel"}]}
X-Amz-Version-Id: null
Access-Control-Allow-Origin: https://bloodshot2020.livejournal.com
Access-Control-Expose-Headers: Content-Lenght
Cache-Control: max-age=600,private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript
Content-Lenght: 103835

GET
H/1.1 200
OK / Show response
l-api.livejournal.com/__api/ 92 B
529 B 168ms
84ms Script
application/javascript 184.30.212.126
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://l-api.livejournal.com/__api/?callback=jQuery4463851sitemessage__get_message&request=%7B%22jsonrpc%22%3A%222.0%22%2C%22method%22%3A%22sitemessage.get_message%22%2C%22params%22%3A%7B%22locale%22%3A%22en_US%22%2C%22country%22%3A%22CH%22%7D%2C%22id%22%3A446385%7D
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1606918037
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.126 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-126.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 653cc4ae826cbd1e145fda2fa81d2c5d592a962711436d683165d85c7ff5a78d

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 03 Dec 2020 08:53:56 GMT
Server: nginx
X-LJ-Flow-ID: X8idPAobAyQAAEZnLeYAAAAb
X-VWS-Id: os-varn01.lj.rambler.tech
X-Varnish: 66729169 55174934
X-AWS-Id: kr-ws06
X-Gateway: front01.lj.rambler.tech
Cache-Control: max-age=600, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
Content-Length: 92
Expires: Thu, 03 Dec 2020 09:09:32 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
452 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-24823174-1&cid=1642268021.1606985636&jid=1528001519&gjid=2113728973&_gid=1837308037.1606985636&_u=IGDAgEABAAAAAE~&z=294474351

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 03 Dec 2020 08:53:55 GMT
content-type: text/plain
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1105509531&t=pageview&_s=1&dl=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&ul=en-us&de=UTF-8&dt=Error&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEAB~&jid=1528001519&gjid=2113728973&cid=1642268021.1606985636&tid=UA-24823174-1&_gid=1837308037.1606985636&z=1974127889

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 09:44:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83340
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1105509531&t=event&ni=1&_s=2&dl=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&ul=en-us&de=UTF-8&dt=Error&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AdBlocker&ea=not_blocked&_u=IGDAgEABAAAAAE~&jid=&gjid=&cid=1642268021.1606985636&tid=UA-24823174-1&_gid=1837308037.1606985636&z=1103275227

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 09:44:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 83340
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10463284&ns__t=1606985635922&ns_c=UTF-8&cv=3.5&c8=Error&c7=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1606985635922&ns_c=UTF-8&cv=3.5&c8=Error&c7=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&c9=&cs_ak_ss=1

0
528 B

29ms
29ms

Image
text/plain

95.101.55.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1606985635922&ns_c=UTF-8&cv=3.5&c8=Error&c7=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&c9=&cs_ak_ss=1
Requested by: Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.55.60 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-55-60.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 08:53:56 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1606985635922&ns_c=UTF-8&cv=3.5&c8=Error&c7=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 03 Dec 2020 08:53:55 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXhnGWE5vbT_Dex6lqLB1ZFoiXvthaeSVLoxjqGudWI39dYK6c-5i41qzU9lwlL6D7fXkWSWRs4MAFBlZ2eaA8= Show response
fundingchoicesmessages.google.com/l/ 0
824 B 107ms
81ms XHR
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXhnGWE5vbT_Dex6lqLB1ZFoiXvthaeSVLoxjqGudWI39dYK6c-5i41qzU9lwlL6D7fXkWSWRs4MAFBlZ2eaA8=?pvid=7F401FF3-21CC-48EE-BA02-677C8AA63CFF&anonid=786E89D7-692E-4228-B64F-6BDD59BF0387

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.cAYyW0aqEbA.es5.O/d=1/ct=zgms/rs=AJlcJMzz3QzHbkzVg1bTA42IcyWB5ksZKw/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-n678dVCOu13gUrpfYMipvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-n678dVCOu13gUrpfYMipvQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Dec 2020 08:53:56 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-n678dVCOu13gUrpfYMipvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-n678dVCOu13gUrpfYMipvQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxXvlxK-iMNef9mL25yH1gxhg0WcP2DbT7rJ10F-2PW_y6a8dudsmHtH1ahhEq5aoxTSoialgnd3_-9ay3UGiyA= Show response
fundingchoicesmessages.google.com/f/ 81 KB
31 KB 61ms
47ms Script
application/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXvlxK-iMNef9mL25yH1gxhg0WcP2DbT7rJ10F-2PW_y6a8dudsmHtH1ahhEq5aoxTSoialgnd3_-9ay3UGiyA=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjA2OTg1NjM1LDk1ODAwMDAwMF0sIjdGNDAxRkYzLTIxQ0MtNDhFRS1CQTAyLTY3N0M4QUE2M0NGRiIsIjc4NkU4OUQ3LTY5MkUtNDIyOC1CNjRGLTZCREQ1OUJGMDM4NyIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e000689b84af589027b0e54923f758e07b3e011df4b2e45dad8df3b427fbfe76

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kTy42IAC6EjxoHvsizlwBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kTy42IAC6EjxoHvsizlwBw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-kTy42IAC6EjxoHvsizlwBw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kTy42IAC6EjxoHvsizlwBw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 userip Show response
ssp.rambler.ru/ 15 B
142 B 267ms
88ms XHR
text/plain 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.rambler.ru/userip
Requested by: Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: ssp.rambler.ru
Software: nginx /
Resource Hash: 4a3f346ea5e34560b02f7ea3e1d25dc99ab15c8e6319ed99d7a93c5434623478

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 03 Dec 2020 08:53:56 GMT
x-passed: 0bal1
server: nginx
content-length: 15
content-type: application/octet-stream, text/plain

GET
H2 200 getid Show response
ads.adfox.ru/ 36 B
447 B 210ms
79ms Script
application/x-javascript 77.88.21.179
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/getid?t=jsonp&f=af_setLpdId&pr=4212426510

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

adfox-external-l3-engine.stable.qloud-b.yandex.net

Software

Resource Hash

1a84dde79f3957f91e5f0244f67422af6455d0e4dfe277dc84059ee1d840874c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 6ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1105509531&t=event&_s=3&dl=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&ul=en-us&de=UTF-8&dt=Error&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Metrika&ea=init-sucsess&el=27737346&_u=KGDAgEABAAAAAE~&jid=&gjid=&cid=1642268021.1606985636&tid=UA-24823174-1&_gid=1837308037.1606985636&z=1633028807

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 18:12:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52887
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0k1v5l%3Afp%3A1327%3Afu%3...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0k1v5l%3Afp%3A1327%3Afu%...

35 B
116 B

48ms
47ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0k1v5l%3Afp%3A1327%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A302%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A977342790%3Az%3A60%3Ai%3A20201203095356%3Aet%3A1606985636%3Ac%3A1%3Arn%3A827137736%3Arqn%3A1%3Au%3A1606985636316732317%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606985634404%3Ads%3A11%2C293%2C633%2C79%2C0%2C0%2C%2C396%2C128%2C%2C%2C%2C1337%3Adsn%3A11%2C293%2C633%2C79%2C0%2C0%2C%2C320%2C128%2C%2C%2C%2C1337%3Ati%3A2%3Ast%3A1606985636

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 03-Dec-2020 08:53:56 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 35
x-xss-protection: 1; mode=block
expires: Thu, 03-Dec-2020 08:53:56 GMT

Redirect headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:56 GMT
last-modified: Thu, 03-Dec-2020 08:53:56 GMT
location: /watch/3/1?wmode=7&page-url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0k1v5l%3Afp%3A1327%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A302%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A977342790%3Az%3A60%3Ai%3A20201203095356%3Aet%3A1606985636%3Ac%3A1%3Arn%3A827137736%3Arqn%3A1%3Au%3A1606985636316732317%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606985634404%3Ads%3A11%2C293%2C633%2C79%2C0%2C0%2C%2C396%2C128%2C%2C%2C%2C1337%3Adsn%3A11%2C293%2C633%2C79%2C0%2C0%2C%2C320%2C128%2C%2C%2C%2C1337%3Ati%3A2%3Ast%3A1606985636
strict-transport-security: max-age=31536000
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 03-Dec-2020 08:53:56 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 44ms
44ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:56 GMT
last-modified: Wed, 02 Dec 2020 18:57:18 GMT
etag: "5fc7be55-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 03 Dec 2020 09:53:56 GMT

GET
H2 200 context.js Show response
an.yandex.ru/system/ 140 KB
41 KB 157ms
69ms XHR
text/javascript 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

1f1cc495456ae320ee2aabfff008bf85e7687f4e31a0949c5387645a3a896aa9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 08:53:56 GMT
content-encoding: br
server: nginx/1.12.2
etag: 4110106967
x-yandex-req-id: 1606985636269235-1551828817704894512300159-production-app-host-man-pcode-51
strict-transport-security: max-age=31536000
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Thu, 03 Dec 2020 09:53:56 GMT

GET
H/1.1 200
OK /
kraken.rambler.ru/cnt/ 43 B
790 B 334ms
110ms Image
image/gif 81.19.89.17
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&pid=1111412&rid=1606985636.164-1691052342&tid=t1.1111412.631727660.1606985636164&v=1.8.0&rn=1714025661&bs=1600x1200&ce=1&rf&en=UTF-8&pt=Error&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=-60&fv&sv&lv&cv=uid&url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html
Requested by: Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.17 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.17.7 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 03 Dec 2020 08:53:56 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.17.7
Access-Control-Allow-Methods: GET, POST, OPTIONS
P3P: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif, image/gif
Access-Control-Allow-Headers: content-type
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9111.bI2SIYusbvTkuK5dxFyYDzTqN_9j9o-hnU7kxdARiCs5TLnspR5MYxvXar9ElfGm.9ATPm_Wo8NUtKZobW7kXbfhmt_E%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9111.oncFMU8yGHC7nZlUslUIV_MT2jbI1HiOwOtX8IzwJKY5UelmDo9Jb2q0EuGnAME088_OvfogZktJ1-7l2fHfB7W_skdg1RaC7Nv_ub014A8%2C.6V47cKkOVeQgiss72aId1Bn0OXY%2C

43 B
334 B

47ms
47ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9111.oncFMU8yGHC7nZlUslUIV_MT2jbI1HiOwOtX8IzwJKY5UelmDo9Jb2q0EuGnAME088_OvfogZktJ1-7l2fHfB7W_skdg1RaC7Nv_ub014A8%2C.6V47cKkOVeQgiss72aId1Bn0OXY%2C

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:56 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9111.oncFMU8yGHC7nZlUslUIV_MT2jbI1HiOwOtX8IzwJKY5UelmDo9Jb2q0EuGnAME088_OvfogZktJ1-7l2fHfB7W_skdg1RaC7Nv_ub014A8%2C.6V47cKkOVeQgiss72aId1Bn0OXY%2C
date: Thu, 03 Dec 2020 08:53:56 GMT
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 14%3A706231
an.yandex.ru/mapuid/adfox/ 43 B
328 B 139ms
52ms Image
image/gif 2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adfox/14%3A706231?jsredir=1

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:56 GMT
content-type: image/gif; charset=utf-8
last-modified: Thu, 03 Dec 2020 08:53:56 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 03 Dec 2020 08:53:56 GMT

GET
H2 204 sync2.204
profile.ssp.rambler.ru/ 0
169 B 281ms
96ms Image
text/plain 91.192.148.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://profile.ssp.rambler.ru/sync2.204?anket_id=14%3A706231&pid=85&ruid=pA8AAN9Js1dozssCAcDx1wA%3D

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=0
x-passed: 2bal1
server: nginx
date: Thu, 03 Dec 2020 08:53:56 GMT
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2 200 27737346 Show response
mc.yandex.ru/watch/ 202 B
236 B 49ms
49ms XHR
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/27737346?wmode=7&page-url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_comments_style%22%3A%22s1%22%2C%22pd_page_title%22%3A%22Error%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22undef%22%2C%22pd_style_system%22%3A%22undef%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0k1v5l%3Afp%3A1327%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A302%3Acn%3A1%3Adp%3A0%3Als%3A0%3Ahid%3A977342790%3Az%3A60%3Ai%3A20201203095356%3Aet%3A1606985636%3Ac%3A1%3Arn%3A651364568%3Arqn%3A1%3Au%3A1606985636316732317%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606985634404%3Ads%3A11%2C293%2C633%2C79%2C0%2C0%2C%2C396%2C128%2C%2C%2C%2C1337%3Adsn%3A11%2C293%2C633%2C79%2C0%2C0%2C%2C320%2C128%2C%2C%2C%2C1337%3Arqnl%3A1%3Aadb%3A2%3App%3A3629563401%3Ati%3A2%3Ast%3A1606985636%3At%3AError

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ee3d4c58e689d8b44ea02266eb05dd381cfd9f39116ebe097882abf571667e82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 03-Dec-2020 08:53:56 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 202
x-xss-protection: 1; mode=block
expires: Thu, 03-Dec-2020 08:53:56 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/27737346/ 43 B
73 B 51ms
51ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/27737346/1?page-url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A3co3dc2h0k1v5l%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A302%3Acn%3A1%3Adp%3A1%3Als%3A0%3Ahid%3A977342790%3Az%3A60%3Ai%3A20201203095356%3Aet%3A1606985636%3Ac%3A1%3Arn%3A381490200%3Arqn%3A2%3Au%3A1606985636316732317%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1606985634404%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1606985636

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:56 GMT
last-modified: Thu, 03-Dec-2020 08:53:56 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 03-Dec-2020 08:53:56 GMT

GET
H3-Q050 200 / Show response
fundingchoicesmessages.google.com/f/AGSKWxXaNFD8BkdkRNwpuhhGX9QQCQ1gZJEfCzadnWeNW6m3npUzmcC0iq3t3g8HbRSZqpyoJqgk_-zEUrGecbetwmzWsnmIR5yHlbKlugaze_Ewx2p4_Th0QfTQVEk4T3nbd0G95mEtJ1XGmpDEJDlL_hIh-rQVE... 54 B
423 B 23ms
22ms Script
application/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXaNFD8BkdkRNwpuhhGX9QQCQ1gZJEfCzadnWeNW6m3npUzmcC0iq3t3g8HbRSZqpyoJqgk_-zEUrGecbetwmzWsnmIR5yHlbKlugaze_Ewx2p4_Th0QfTQVEk4T3nbd0G95mEtJ1XGmpDEJDlL_hIh-rQVEpzj5HUVbFGkOE2ZHb3ySBdXccdWs_wRemPrfDmuu4QIp_tyggO-QdZtHL0Vjdr12qEDXvkrzOGM_eeG-Bs=/_-ad-unit//adchoice__468x80__ad_integration.-ads-manager/

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.DRBECW0si-w.es5.O/d=1/ct=zgms/rs=AJlcJMz3ZAanAlKvTmFxHwH20SUgzoqhVQ/m=detection

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9ca231f1644a1b81aafbb32cf6f8335ec0697a07f8efcf9e2e1355c8b01c5b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dyMyP0Wmo/8KIQiABHPD4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dyMyP0Wmo/8KIQiABHPD4w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-dyMyP0Wmo/8KIQiABHPD4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-dyMyP0Wmo/8KIQiABHPD4w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 52 KB
21 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2c54508e244fad6d1019ab0484369bb6712eb1d7b09ee97f9f2a742b72b707e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 07:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3370
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 20658
x-xss-protection: 0
server: cafe
etag: 3049979879964453995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Thu, 03 Dec 2020 08:57:46 GMT

POST
H3-Q050 204 AGSKWxVXGe4n2_U-EF89F1oWjAeRBttLgPgt1s4FfDoSuMkAMHNdle32SVaYQyPa80_gazFeFB2733xVnCeAh_MjeXK748TVxYmk9EV8WE4oiL35-wRwoGZ4VlMots1JsSMjYAGuTQzYUqDMbm77GT81McNk6oS5pPnz4d18UhUPJHAkS4hH23U6CR5hTswa Show response
fundingchoicesmessages.google.com/l/ 0
347 B 88ms
88ms XHR
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxVXGe4n2_U-EF89F1oWjAeRBttLgPgt1s4FfDoSuMkAMHNdle32SVaYQyPa80_gazFeFB2733xVnCeAh_MjeXK748TVxYmk9EV8WE4oiL35-wRwoGZ4VlMots1JsSMjYAGuTQzYUqDMbm77GT81McNk6oS5pPnz4d18UhUPJHAkS4hH23U6CR5hTswa

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-itGwHaDXPEgHPrfkoTouZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-itGwHaDXPEgHPrfkoTouZA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Dec 2020 08:53:56 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-itGwHaDXPEgHPrfkoTouZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-itGwHaDXPEgHPrfkoTouZA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxVXGe4n2_U-EF89F1oWjAeRBttLgPgt1s4FfDoSuMkAMHNdle32SVaYQyPa80_gazFeFB2733xVnCeAh_MjeXK748TVxYmk9EV8WE4oiL35-wRwoGZ4VlMots1JsSMjYAGuTQzYUqDMbm77GT81McNk6oS5pPnz4d18UhUPJHAkS4hH23U6CR5hTswa Show response
fundingchoicesmessages.google.com/l/ 0
346 B 82ms
81ms XHR
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kQwlOLne4Sh3ltlEfBikOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kQwlOLne4Sh3ltlEfBikOQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Dec 2020 08:53:56 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-kQwlOLne4Sh3ltlEfBikOQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kQwlOLne4Sh3ltlEfBikOQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxVXGe4n2_U-EF89F1oWjAeRBttLgPgt1s4FfDoSuMkAMHNdle32SVaYQyPa80_gazFeFB2733xVnCeAh_MjeXK748TVxYmk9EV8WE4oiL35-wRwoGZ4VlMots1JsSMjYAGuTQzYUqDMbm77GT81McNk6oS5pPnz4d18UhUPJHAkS4hH23U6CR5hTswa Show response
fundingchoicesmessages.google.com/l/ 0
344 B 81ms
81ms XHR
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ODv7riz/1bZrd8Weom4yuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ODv7riz/1bZrd8Weom4yuQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Dec 2020 08:53:56 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-ODv7riz/1bZrd8Weom4yuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ODv7riz/1bZrd8Weom4yuQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxW4czIGsWD3--w_ra_JfllFipFtjshBjRMsH0lH-q2eRbgC7kMdQ6VL6wD_KEUKwAPIQwQ6CwFWW6IslLxZWCpf0_j9BDUUBEsHcU5zhL4QIBEX-l34LJBlna5Bkv66EQIr16JnJkSsBL7a_bTq7IcC5tQztWPsH3M9jen4NoIpAFhFJuCb95ZkrHg5 Show response
fundingchoicesmessages.google.com/f/ 63 KB
24 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW4czIGsWD3--w_ra_JfllFipFtjshBjRMsH0lH-q2eRbgC7kMdQ6VL6wD_KEUKwAPIQwQ6CwFWW6IslLxZWCpf0_j9BDUUBEsHcU5zhL4QIBEX-l34LJBlna5Bkv66EQIr16JnJkSsBL7a_bTq7IcC5tQztWPsH3M9jen4NoIpAFhFJuCb95ZkrHg5?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjA2OTg1NjM2LDc2NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dXQ

Requested by

Host: bloodshot2020.livejournal.com
URL: https://bloodshot2020.livejournal.com/277.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8bf8d108ee906a7d571b2c7c3f2f25a529aab1d3eeee8a4dc5e7e9091e6b006d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DunCMfbSnjZ8EYd1okpITg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DunCMfbSnjZ8EYd1okpITg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-DunCMfbSnjZ8EYd1okpITg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DunCMfbSnjZ8EYd1okpITg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxVXGe4n2_U-EF89F1oWjAeRBttLgPgt1s4FfDoSuMkAMHNdle32SVaYQyPa80_gazFeFB2733xVnCeAh_MjeXK748TVxYmk9EV8WE4oiL35-wRwoGZ4VlMots1JsSMjYAGuTQzYUqDMbm77GT81McNk6oS5pPnz4d18UhUPJHAkS4hH23U6CR5hTswa Show response
fundingchoicesmessages.google.com/l/ 0
347 B 91ms
91ms XHR
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NWZ3sfXPKIPhpYQByBtmWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-NWZ3sfXPKIPhpYQByBtmWA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Dec 2020 08:53:56 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-NWZ3sfXPKIPhpYQByBtmWA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-NWZ3sfXPKIPhpYQByBtmWA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 context.jsp Show response
ssp.rambler.ru/ 14 KB
11 KB 101ms
101ms XHR
application/x-javascript 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=536695695&first=1&block_id=536708283&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=0&rq_sess=9D45D25153C424DFF65FD49F018A1C84&secure=1&vcapirs=4_2_1&jparams=%7B%22puid49%22%3A%22%22%2C%22puid3%22%3A%22%22%2C%22puid4%22%3A%22NO%22%2C%22puid21%22%3A%22NO%22%2C%22puid10%22%3A%22NO%22%2C%22puid14%22%3A%22NO%22%2C%22puid1%22%3A%22%22%2C%22puid6%22%3A%22LIVEJOURNAL_JOURNAL%22%2C%22puid15%22%3A%22%22%2C%22pct%22%3A%22c%22%2C%22puid16%22%3A%22%22%2C%22puid7%22%3A%22%22%2C%22p1%22%3A%22blnun%22%2C%22criteo%22%3A%22crljn728%3D1%22%2C%22puid9%22%3A%22bloodshot2020%22%2C%22puid62%22%3A%220%22%2C%22puid59%22%3A%22%22%2C%22puid2%22%3A%22ENTRY%22%2C%22p2%22%3A%22y%22%2C%22puid35%22%3A%22%22%2C%22puid8%22%3A%22%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nLPJKMnNseOyyUhNTLGzKcksyUm1cy0qyi-y0YdwbPTBUlw2SfkplUBKH0ZDNAIAwvIU9w%3D%3D&browser_family=Chrome&browser_version=83.0.4103.61&os_family=Mac%20OS&os_version=10.14.5&device_type=1&top=60&left=0&fpruid=pA8AAN9Js1dozssCAcDx1wA%3D&lruid=pQ8AAKSnyF%2FcX4HvAR5P%2FAA%3D&callback=Begun_Autocontext_saveFeed1&url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

81cbb7098fa82a79367fd40448be801ea01eb81014ea4443a83c2be4718958e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:56 GMT
content-encoding: gzip
x-user-regionid: 1828
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount: 2
pragma: no-cache
last-modified: Thu, 3 Dec 2020 08:53:56 GMT
server: nginx
strict-transport-security: max-age=0
content-type: application/x-javascript; charset=windows-1251
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
x-passed: 0bal1
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 context.jsp Show response
ssp.rambler.ru/ 11 KB
8 KB 100ms
99ms XHR
application/x-javascript 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=536695695&block_id=536708317&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=1&rq_sess=9D45D25153C424DFF65FD49F018A1C84&secure=1&vcapirs=4_2_1&jparams=%7B%22puid49%22%3A%22%22%2C%22puid3%22%3A%22%22%2C%22puid44%22%3A%22context_item1%22%2C%22puid4%22%3A%22NO%22%2C%22puid21%22%3A%22NO%22%2C%22puid10%22%3A%22NO%22%2C%22puid14%22%3A%22NO%22%2C%22puid1%22%3A%22%22%2C%22puid6%22%3A%22LIVEJOURNAL_JOURNAL%22%2C%22puid15%22%3A%22%22%2C%22pct%22%3A%22a%22%2C%22puid16%22%3A%22%22%2C%22puid7%22%3A%22%22%2C%22p1%22%3A%22bsrxy%22%2C%22puid9%22%3A%22bloodshot2020%22%2C%22puid62%22%3A%220%22%2C%22puid59%22%3A%22%22%2C%22puid2%22%3A%22ENTRY%22%2C%22p2%22%3A%22feox%22%2C%22puid35%22%3A%22%22%2C%22puid8%22%3A%22%22%2C%22puid42%22%3A%2210%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2214%3A706231%22%7D&rq_type=0&grab=eyJncmFiX3ZlcnNpb24iOiA0fQp4nLPJKMnNseOyyUhNTLGzKcksyUm1cy0qyi-y0YdwbPTBUlw2SfkplUBKH0ZDNAIAwvIU9w%3D%3D&browser_family=Chrome&browser_version=83.0.4103.61&os_family=Mac%20OS&os_version=10.14.5&device_type=1&top=119&left=0&fpruid=pA8AAN9Js1dozssCAcDx1wA%3D&lruid=pQ8AAKSnyF%2FcX4HvAR5P%2FAA%3D&callback=Begun_Autocontext_saveFeed2&url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

c22231cf65e6bf10cc9638e8a6aae1be05a75ffd33c83ddcf1fbc22467c098f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:56 GMT
content-encoding: gzip
x-user-regionid: 1828
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-begun-graphcount: 2
pragma: no-cache
last-modified: Thu, 3 Dec 2020 08:53:56 GMT
server: nginx
strict-transport-security: max-age=0
content-type: application/x-javascript; charset=windows-1251
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
x-passed: 0bal1
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H3-Q050 204 AGSKWxXjKiNHSuSxfIIoZRqrLyv1U995hpdBMj6CoFQMFS66MlTQPgco8RULUJy1Nq86ATX9hDjOtbbxzvjPdDA_pslKm8H3wMf9-2_hFNwAHcfTAx8cy1UR-q2ntCuyOXwis-DKLV1IQQ4-60fS6O-nwskcm0CUEqsP3tOCTbalP0w1DyQo2IonP02mYosg Show response
fundingchoicesmessages.google.com/l/ 0
346 B 79ms
79ms XHR
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXjKiNHSuSxfIIoZRqrLyv1U995hpdBMj6CoFQMFS66MlTQPgco8RULUJy1Nq86ATX9hDjOtbbxzvjPdDA_pslKm8H3wMf9-2_hFNwAHcfTAx8cy1UR-q2ntCuyOXwis-DKLV1IQQ4-60fS6O-nwskcm0CUEqsP3tOCTbalP0w1DyQo2IonP02mYosg

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.9tPNO7r3z_c.es5.O/d=1/ct=zgms/rs=AJlcJMxEMBg1Ow7G1zxXNbmx4tl8DBc-Ww/m=cookie_refresh

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MvDMGruiC9dl9Ed4XJpXaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-MvDMGruiC9dl9Ed4XJpXaA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Dec 2020 08:53:56 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-MvDMGruiC9dl9Ed4XJpXaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-MvDMGruiC9dl9Ed4XJpXaA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXjKiNHSuSxfIIoZRqrLyv1U995hpdBMj6CoFQMFS66MlTQPgco8RULUJy1Nq86ATX9hDjOtbbxzvjPdDA_pslKm8H3wMf9-2_hFNwAHcfTAx8cy1UR-q2ntCuyOXwis-DKLV1IQQ4-60fS6O-nwskcm0CUEqsP3tOCTbalP0w1DyQo2IonP02mYosg Show response
fundingchoicesmessages.google.com/l/ 0
807 B 96ms
96ms XHR
text/html 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-00lmvckdBm7CDbPO7295Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-00lmvckdBm7CDbPO7295Tg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 03 Dec 2020 08:53:56 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-00lmvckdBm7CDbPO7295Tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-00lmvckdBm7CDbPO7295Tg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 file.jsp Show response
img01.ssp.rambler.ru/ 1 KB
1 KB 325ms
107ms XHR
application/x-html 91.192.149.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.ssp.rambler.ru/file.jsp?url=6vMcO0rotanb08QgIAd-OPBUGFOdE2WWccRkVUtCyTo3UmnhhK2IXf*NXJRV3p1Df6pdbAQF4gQMy1j0Eo5jbM0bStaHK2fNle556m-81LwWl-g0kYNtFq2ThTSXEVsW-lUMNkktRilg3-H41wjVmQegsbl-VHGNyg58NW1qcnPABi42AWQrZf1PokZ1BVJyBbIWDCH6s5mLAdy0GGaqr0zUVywtQ5OBo9CM8ZAyqUjvpuZTpF4iaEe569TRvr4HIMOFys6t4zhpwEw5tT0V1iDs3041kaXstELj7dzeKlbP4et*W4U-6IB9K2b-NTKQOD58GX*KQVYYxS2nQN-TDLwE0iD2eG-j76sMiivJoWcPYfFcIakBzpFCe-myBdRTWngMmLrdKuXpJVptIRn8Uky2-ACO9SCWtYgFDBZK*3F8ApciIfyaHrE-2yVczmSMikB9TL8izhrfdImxeZwwyWW-3ZDrnVe5XsRdvwUL2fF1xQ5L7R-GQ-BKOCUdo6xzjXSbpaVbrliqBZDYWe0-quP1rJJpURRRRLZsYCxgAliKG*LARsqwdb41rUljWV5wKKP5CklEaanQ6GWn1fRPhL*F1XnDIm8sHHs9OPXx8ZW6e7SGYfhhfuAQ80dYdiMDPmWbV-LzGr6KbXvOrlImQQ5xGjneZE-cdPgszNbJmfrjncwK5sZ8oR2baKpIF0XrkxbATefJ3FKyXPV4ZCiuzqp-oUQFse*MLZ3goi7t109zmsULyquQ9Yq7hFc3kgvDecyI78rGFOiW-sjQo-3weglbWECzlSJGogHvNV0k*vcoPK-vItyUGJZKYPb3q*DGO4K1E4Y7bAfq2QKqv7GsyanI8aRG8KHyo42F8c-anhibD2TKz00585GkSehwdkOBMmLznlZ-MK*Lla20NIS5IuO9GRrptZtfN-5nOA*DDnyIZWQCmpDx0s1oJ6Imd5T8A8k6QTtLB*7*KAWOujegsGnX2eLeY5UIGXy7R-N1-Vlsok5iaAoEEFhxU1PJaC3eI6YdLzILebL4S*0dGeWYpNlxgn7BMtoPab3sqNT0FKybTJzf24*T2BC56T3MVLR7X90MW50*C32C3iguCTAFxI*4LOOpCWLCPjpqOyOzhCEuysSpbHrfDcxnD2nKvwx514rem*-c68hJBDsao*yeLSlFpkp*qQGi0YzrZADPDSrfs1a**S8RA580c7NSOmXvhM3AMYt3dfb0Rt3iC5SJVt0gL6LLG8rB3LompGdiykUHEunDUSEk*Dp-utgSY8OI4e0tOtDT7mbP16ZHgWcc2Oo5U5GW5X9rEzBatkEPmm0GLWzV1up1GD6qPQ62*eQhvAZ0M4S-9ZX2BLKCzbnvvq0Q5hKBkbbymPU0*y*kRfDSfD5OjOHW5Ga598lSpdU2g5JwzGUILZxN76Qb7xGSe18KZAb4ygu7mIoEKrLoujAxlcNBjHx2wCO9QzOTVIXTAFHDaYHE3729BxQ4aUwYpR4TL1R6eahBiKaA0H1Ziu2dtT4HGF8O*t8tOsvitGI77jWHB2IGVMVEuWljgY69M6zk1xPJZaWPUk87-eKgqWkVtfdbTdnFWtNTeUnzZjL1BvnQEVemnqUF13WHCITQKrqgdezAr7qoL8fdd6vU3Aq8g4OqjExAJMO9W2TfupZKfH5xhY4pFcp7RNO*hSjh52IKwECpD*4eUND8J-dlFbcyTESc1t9BQJh5ikaF2Fxo1USC0-sVW7hK2OjHrPM0sWpKeBh6YegxVFm5UiFSVUxDPs*KueDNtiTyjJh6V5VcHsmNj3h28ewwXGakbhmVRg7DFNoPFQRk7O7EWIqnea9PByH5-WcBEQ9gJtXHjV*5RCrEMWi3p065ihN0uOhUTgIAAAC63LwKAAAAAA&eurl%5B%5D=2T3zGeQZcMFsgFI8SQvdGR2gVmRWY1YHLbG1yeLqDrcloFMXuoV7VUx00Ucc827w4Q57wm-5ClCmIERo6M58vejRhDbbYSinp8WZzli*spgCAAAAuty8CgAAAAA&seq=0

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.149.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

ac99aabffd3db8f6b2b7e3a368ac1b77b176e33dcc090670d01c5d3a1fa460e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 08:53:57 GMT
server: nginx
x-begun-impressionid: 5fc88-a7a46-00940
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-origin: https://bloodshot2020.livejournal.com
access-control-allow-credentials: true
x-passed: 1bal1
content-type: application/x-html; charset=Windows-1251
content-length: 1099

GET
H2 200 file.jsp Show response
img01.ssp.rambler.ru/ 1 KB
1 KB 341ms
189ms XHR
application/x-iframe-html 91.192.149.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img01.ssp.rambler.ru/file.jsp?url=pKhAn0q536E-99Qp-JBa7M7mV3TAaze1jGbAWbe*xpuv*M86NqwNp9RvM0bnTumLupRDXinSlZzdlQc2z--UQuFk3CqLsJGaV1e6UKoo5Z7lyW-tuaVCvi-ahpKtGjjXPUHFIoEPLYIYlk1*AyfPXznwbdObTnTV9qvg45iDZmk-PS7niippCiq6HyN4QCnKIcB*GsV17WGIL8s-XgcwWh2fPy9-*K*HUPcTEoNFrOmnw0GjiaN245dm-rGrJGRTdnjvwRCOsYz7*c9bRyjxjBZd8mPSw1kg6IPaFLyPfNxDTzvyUESSYwhafPDuHLbbEMDTQOBYjeu1QftOMj2GT7gY9ckc6itU4m*U1gY3ogUOCFq8x6dX7NJFlVpZEdei0iahRypAriKDVkvQiovUPCXefPnJCRWTzkSoZiajFn5kaijQruCKW1ZB1isqJb6Vb4LHoAcEb9JxvWxKgY9NLGi*l1HzSby7pRiXxgve95HATtzD0CUHxo3c59yu6*omcnJZ5NuQAJv7CXrjR-uNpWYUOm8Q7ng3666E*YFUEDETfrgDFZwn2s3-DnHSft*N1*-Q4lnIiixnCRBOPPjoUsLLYQCdEZDh4jhGFEXZUtqIb*2EeI2On9i4ESOuNXhVnyyg1tewQfITSJI-3uRyZNDPWVfOhUcsZJPKNNI58UPS2-CJm1svfY*9sqBmWhgXOcCHbhU5u0geNQnuWiUf5U4Ac0OG3g2OsMkhcAcy9pKE9qXjshdSzg6CpUWELNvyqPPzT9DO6f7wZQIkBR9qXXDmiCYyCt6iuE*2DFnDwURzE7baAbuv22RmgkbS0vbA8LMaw-ivusrWCHibWoVnC9V02ckgcSseroWsxlILSoxxa9GknELFNpXWA11GyoxGpB2k4r-Rvn7xtvkvYJPoUyECj91j92pTq8RFAbOemvgoXz22mCQxjfleR-oBHTIGQ8ojHSVbXLBE3pVVGHwNWBHpcxGzXeLqsu1ht1Xz*tBbswfN3-cuLxkwC5GH82G4HhhIBkkayvom-rk56KaLcAHOh04QyKVt7o5iaTMvGoNfv1nm0-0O8vu2CSc*fPshOh176teWZdHsmvCLDfveFduegdvD5apZhUjb3C9xzEyowT*4rX3UCuq9K8IjTsAmSjsrOLNQKCRJLsu42K3SOofUi3jyuzKalpL7vMIMw*NRq1I1XaNe99JQXoQ5pVQWeZKMJINzbxsbEptTEBS5DZqWhi-PMlwPS1umh*JH5oVPThucoVKj-6lPL6zGeElpvjc408rrjHlRlOJDiUMSfyD2Rhgy*5HoZvHWhDKxcyiuZOjckZpaOpNb1X4TDoBe6Jcg7s5NU5hCO389PyWVqC3IEzti34xs7hB71Q4UlmtfMC*vkSzKZqjcsO8Qk0pFR9hE17glyEk3ldoVoCFtDfxLj4HJrQ*mnCaGgQUf1djaRAcnAX7K68r5MruIwLxE9wsKX8o6OpGAs3WGDFYw2Uuldf71ztBkGNCOhx0plLqt5QqDpxk1ZylO2scN4dkb4VA5eD1MHVXV*fl60p0HfO4iCYa3e908Hva1xEm5HF8gCTkMjWJa3kMTmuKsT*Nt1GFdt9zyDXAvG44iYR6v-RtxLbGqjrpe0LknF3DlmRrpA-Nk2ndJ2PTwc5jfcXRhA1bH5HgTXng2MGf5ekD2GhByUDzEH2uR9i7rkVN8kTQAl2SsD*CNWMVDNxmpW0RF4No5tvyyj6iwGkMmnBcFtpOuQmTR0MeqxJV6KcOZRbHMGu9UBVuYxF7HQHmntbtAUXZ30Ifzz7ORXNacy-uQegkj4DaAEKuSQHK8uVeeOdvK4yysk4w7qcD0Eo-vD3o0cQF0w7xT*aUElBqX9gCilJTUxdnszDoPJP9T70GFdVcCAAAAuty8CgAAAAA&eurl%5B%5D=JlUwuwiHtk3HCA7s7aLzNGfnxSoNCvkZhFbUe7gciCQyk820H*84waB2nbEX7-aA8IuxbKjnR60WjEYOUen7qezfirqvKfZdVG*746nC77ICAAAAuty8CgAAAAA&seq=0

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.149.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

c0d1a67767e603dc552d6272168bc476fec92244d222c08e30373bc19091b778

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 08:53:57 GMT
server: nginx
x-begun-impressionid: 5fc8f-a7a48-80298
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-origin: https://bloodshot2020.livejournal.com
access-control-allow-credentials: true
x-passed: 1bal1
content-type: application/x-iframe-html; charset=Windows-1251
content-length: 1095

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 53 KB
18 KB 99ms
37ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

99eb1ca2d71707f36338e0515c92bb2cbbe145bdd139533b7495655bf77d6c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "712 / 867 of 1000 / last-modified: 1606951003"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18357
x-xss-protection: 0
expires: Thu, 03 Dec 2020 08:53:57 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0D49 53 KB
18 KB 38ms
38ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

45f8ed9fb8430b0153a3678b5036cd1c0e973ce950ca07755fb9ec5aab9a4f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "712 / 102 of 1000 / last-modified: 1606951125"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18358
x-xss-protection: 0
expires: Thu, 03 Dec 2020 08:53:57 GMT

POST
H2 200 blockstat_post Show response
ssp.rambler.ru/ 0
79 B 88ms
88ms XHR
text/plain 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.rambler.ru/blockstat_post
Requested by: Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: ssp.rambler.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 03 Dec 2020 08:53:57 GMT
x-passed: 0bal1
server: nginx
content-length: 0

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 77ms
44ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Thu, 03 Dec 2020 08:53:57 GMT

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0D49 277 KB
98 KB 63ms
42ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js?21068855

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Thu, 03 Dec 2020 08:53:57 GMT

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ Frame 0D49 109 B
803 B 132ms
43ms Script
application/javascript 2a00:1450:4010:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=bloodshot2020.livejournal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js?21068855

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c0b::9b Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 08:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0D49 109 B
803 B 35ms
15ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloodshot2020.livejournal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js?21068855

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 08:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 0D49 69 KB
15 KB 500ms
500ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1130953253187875&correlator=1905266358676195&output=ldjh&impl=fifs&eid=21068855%2C21066995%2C21068480%2C21068812&vrg=2020111901&guci=2.1.0.4.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201203&iu_parts=267277916%2Clivejournal.com%2C100x70&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=728x90&prev_scp=sspimpressionid%3D5fc8f-a7a48-80298%26sspnext%3D1%26segments%3D%252C%252C%252C&cookie_enabled=1&cdm=bloodshot2020.livejournal.com&bc=31&abxe=1&lmt=1606985637&dt=1606985637570&dlt=1606985636989&idt=563&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=436&adys=129&adks=2987223720&ucis=met5v3uubtp0&ifi=1&ifk=1105776532&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&top=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x150&msz=1600x90&ga_vid=1642268021.1606985636&ga_sid=1606985638&ga_hid=2017742582&ga_fc=true&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js?21068855

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

da461ff82c471584d94b3ddb1c63a05a19c975b52bfb3b4c808d57e75cf4ceca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14920
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0e440d60882f76d396258d5b11318ae0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0D49 0
0 85ms
39ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://0e440d60882f76d396258d5b11318ae0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js?21068855
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
169 B 100ms
45ms Script
application/javascript 2a00:1450:4010:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=bloodshot2020.livejournal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c0b::9b Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 08:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 15ms
14ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bloodshot2020.livejournal.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 08:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 76 KB
16 KB 324ms
324ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3481278248576412&correlator=3997056151816760&output=ldjh&impl=fifs&eid=21065138%2C21068761%2C21068809&vrg=2020111901&guci=2.1.0.4.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201203&iu_parts=267277916%2Clivejournal.com%2CBillboard&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=970x250&prev_scp=sspimpressionid%3D5fc88-a7a46-00940%26sspnext%3D1%26segments%3D%252C%252C%252C&cookie_enabled=1&bc=31&abxe=1&lmt=1606985637&dt=1606985637603&dlt=1606985635345&idt=2240&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=60&adks=3497394805&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fbloodshot2020.livejournal.com%2F277.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x250&msz=1600x250&ga_vid=1642268021.1606985636&ga_sid=1606985638&ga_hid=1105509531&fws=0&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

c472bdd4f665c194c71821bc50149171872e560da0c2a5fea5a8d1bad39f118f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15770
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bloodshot2020.livejournal.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c09036cf64384ae283c31d3118e62cec.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 47ms
15ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c09036cf64384ae283c31d3118e62cec.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 sandbox
profile.ssp.rambler.ru/ Frame 0704 0
0 94ms
93ms Document
text/html 91.192.148.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ssp.rambler.ru/sandbox?img=KV5E06j*F2mselny80C8rTumqQFc71rpmHlA-3rmSOHSE45OpbFWJ1jpC-QZ2rMOFBGLjDo2AnQ0VKZ7SCntPE2z0rc6JGGKqi2E3ark-gE0lsntIs450PWUBc8HLja177Sc6xxCsv2E9X746T1hpWK0Lq6vJs*YDcRPQkE5H2TPCeOA6uEFhltf7zaiM-HBAgAAALrcvAoAAAAA&img=J8o5p6SaUi17jKJ3HSZyj-hKMRumOrmT5TU9zintJFeZSByRtl-**jXnMKxgD5nxjNTQL6X14jJDBD1qfXOfrnFwEMxDL0R64mxlj5mrtBWJM*K2CqolLuYza2xjFgarRfDPl077nPRE594oleQ93gIAAAC63LwKAAAAAA&img=I*Wp1KSVSPXxSLbTHnFrkL7EoQs5PpQB5xaJoRwwaUUAjd8kiT6TyghuNdslxlDZr4d-oi87ylqCqVcYpoeKbc0Z65d2ocLbFp8ctFqzf2KZlZFOAfVPBNLOBzER3CdeQTb81pj2AAXuM4dDXXVP7wIAAAC63LwKAAAAAA&img=2TlkSYVZMpDGtTvgkD8s3Aje-XIgam5lLeytP5YEYTjj0d1d1au8FYdPLtgTwT5UbYSx-*8pSkaeroDK496BONKTMx4gO8Y6nDPiFSkIoXvngmb0-*Gy*LbxgX7IcClLYSefa*zX49YhrInnQLRluH5RMxftRvPmpxlygzCha7VbaQjFC6EQZUmFjWES*Ke2oV0LR3SulMndkVHlWtOMiaxW5LbbgNypQnIMk4ghbFgZXIUYZw280mg6ygYhNxMcr85ILV4bcj*3w34D7F39pjlwWQVQLIPdC--Wbf5U7goCAAAAuty8CgAAAAA&img=CdJx0ypsIYttCDE0ldrut38MIWLSLYVcrNvDJle*eq4aqprCo4ooZUvTmG0eiyBOu2PvmlqRdnuMJWo-ZABX0JXWXPdTjPkKjf7zZNq54uocvWt*SIWwEZnsGel6Aj4CvFufJObrsbHsPxcMAy3UoQIAAAC63LwKAAAAAA&img=WgX6XRaXQnPUtP7-ZR4UNQDgv76M9m90shl6wtPAswq3YXMMGm45StLk7jB4ZnN*xoPUQxO24WK3vXRRWElfrIBkAHCN8hKHQF-6as-RR4njWuKS8D0vKp9evE-RxoQIup1BH5-bOmTPn2ZOd5p1ujO6T9D87rvuiJu9gpOs*7sCAAAAuty8CgAAAAA&img=JZzArnKJfOo2*wYPUwkg9zZoi8gaArt5PjSyEKINiK354jXd2zt9yFRaa9I7qKlD7Botn2mXwoM0QeSjyBl46kXnB4nhou8HiEXSpqdggFrcHzhrBm6KH0rn3SaDkYq0*lOK-iv6Qpb0We9B83gWDpzekdmil6cUz9sw3hOe5y8CAAAAuty8CgAAAAA&img=UnNxtIc3YJTo5aBO3bY2tyJHaDjDJrv1yekPH2K*j9Bvt1P12U0SomFDX4ehFNGfHokQAqxjaboyJMJaFgAGFjMGvzagldV3sDtutnU41Pr-w*NyP5VtvLlRZphg0IIvuh8oPmMcSVDx1X9RbpBemR4kHx1im2vpf6UrlR66JxoCAAAAuty8CgAAAAA&img=k542BKW2vGboNWhfZcpObjdi-rHN1r446KTmketw*A7x*J1MF16lLW16IR2naxPjj0hDL1gDqXwnpT-7i7996B9OfR8V2B4W4fK0Tc9UCbvEYXsO9O2GmVUgVS3rqpqhAgAAALrcvAoAAAAA&img=jQPBB50*roKl*hXff0*TPHSFAVwXlp6ZpaInr8BJ*HnC6h*Q9zQXTWRQ*EeLikSGDjfHeH03xc5vKXXiD2Fy5wYCvZe0d8m5JcuFUfKO41h8jirY0xZfMa80bTQY8-zmy27nCjeaH601DP3l-iO65CKrtrVaV78h5dGFOtPij-ECAAAAuty8CgAAAAA&img=qFOMAWdkXI1qjyPrAKmwZwH1HRzeLQOBgk5nviJI*aIm55CTifYhh9EN3NArZQxeeoUmAF68c16nhWzHS31cERa3csLriYF4E6iKwJRUB3euTyZqeLk2*LCN2FmqC56Ly6WmmbgbuQWp3L2U8Fsp4-bpWNaftmDsAfnlqjmKdEgCAAAAuty8CgAAAAA&img=LyP7Mn0uDQDnZHLcYFrjs61ZKYRBx3lOYP4AaL1-kLUNAPRw5nKwqVXFquBtiFRxzV0uGR59WA6Md3hGhnCrgoLbdgBn6t9QmDNJ*GpOHUr9GWLiC4LdoAHLjTNoP34gYXyN1TeHoEGHQQUGLwhGNwIAAAC63LwKAAAAAA&img=9lUVaDCiLB1cWsREaajLDv4S1j4ur24OE-dJOO68XZLxoIaupt3eZcPoEtnMU9kYQwfol4khekAkKuEyEio8VbbKTCnqwVwTWVUe0fmA4JCbSydiwGb17CDWrwDt8LVDkCDBCzapuWCmsuecqKaM4m-5HSKjZSSTE1UOyR5FCmUCAAAAuty8CgAAAAA&img=T2hG6wCJHftfGLdfLlskVf8pKMdIbLyhMvdYB4z-ee6VgHVyd7Ivp78fvTpq32cNrkbhtQH8GlVDduTsZZIaVxGJniRcOdZmvhP76hffgt5vYa5OQN*SSqxln05*A2*cu4akLe5pW*uaRGy*X2KdNAIAAAC63LwKAAAAAA&script=Ez3nZZT0E8J-IcPkqCYMdt-I3UZ6yah12q0K5kdvcDBOb5gQB4L6KvqJeiTYJrvKO6DEhV-L-ypaK-51dTTOHQ6vbziqNYFa9I5W4iIkhXLzoToji5A-8bSoePxZiPmNmsaWGQvCyNRsPsMFa2C8BAIAAAC63LwKAAAAAA&img=dBwcB48cJ*ImoQxO763tytlMnVGBPCmb6u1VDa6WA2TQ5-eJpZSWHUUGRCsIi995GARQfTSEG7kXNlfPKtfDHln9zrsqFhLbrXhTvgJ9LbhzvEajEdIRviQL2mAv*DIKNZS5G1MnzyOcuT3vcHU196JegF7VET6N6dQ3Yg9PVT63V*FkOfQJJp4ufVSLpUPxaKsYohgCwivnmnRjifgKufdzrNRFadRugUJeYMFFQWwCAAAAuty8CgAAAAA&img=B5dIJv4k4tDD2W49CTvW-d-Sp72asXh7XENRrolS0RHE1ZVyfhtEVsDv-gvofcDP7QxvHYtf-ghlxyxGEgZJb2yKGfTSefsGAwibnEZ3TyQwYmZ7ZndTSgmQxLsGdxg-8ja8iI8gvRlcGnsk8ETrUgIAAAC63LwKAAAAAA&img=G98HvzvhEkeltu5fixSPeY1068tmgQ2kp8Bj6XX*9ReC2kxkcwWEvzCNOk9PW9aofOBVapQCQh5kCWZPS9G*oL2yIR7PFm419*GJdjVHLYm3nmaWGwvlRibCCztJ93*4AgAAALrcvAoAAAAA&img=xRnD7SuGWgKSZvRmHTK6ZRYcx8Zl*BegLgNtELNtB5-IKk5dSgCrF-GK26*4HZdc16l3OEESsU1oHTd6hiJS5EhaWtdgpDP45AcceTsXgT3agQffyGFUCZdJqOjiE3c7hBEHXoKPKtzbnOX5XTYUySCRLw30JPOwfe16nYEuoke7cXm6FMLeZPr57hBIpBth7HBEAJQqVoLdKXyc5o5zowIAAAC63LwKAAAAAA

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:method: GET
:authority: profile.ssp.rambler.ru
:scheme: https
:path: /sandbox?img=KV5E06j*F2mselny80C8rTumqQFc71rpmHlA-3rmSOHSE45OpbFWJ1jpC-QZ2rMOFBGLjDo2AnQ0VKZ7SCntPE2z0rc6JGGKqi2E3ark-gE0lsntIs450PWUBc8HLja177Sc6xxCsv2E9X746T1hpWK0Lq6vJs*YDcRPQkE5H2TPCeOA6uEFhltf7zaiM-HBAgAAALrcvAoAAAAA&img=J8o5p6SaUi17jKJ3HSZyj-hKMRumOrmT5TU9zintJFeZSByRtl-**jXnMKxgD5nxjNTQL6X14jJDBD1qfXOfrnFwEMxDL0R64mxlj5mrtBWJM*K2CqolLuYza2xjFgarRfDPl077nPRE594oleQ93gIAAAC63LwKAAAAAA&img=I*Wp1KSVSPXxSLbTHnFrkL7EoQs5PpQB5xaJoRwwaUUAjd8kiT6TyghuNdslxlDZr4d-oi87ylqCqVcYpoeKbc0Z65d2ocLbFp8ctFqzf2KZlZFOAfVPBNLOBzER3CdeQTb81pj2AAXuM4dDXXVP7wIAAAC63LwKAAAAAA&img=2TlkSYVZMpDGtTvgkD8s3Aje-XIgam5lLeytP5YEYTjj0d1d1au8FYdPLtgTwT5UbYSx-*8pSkaeroDK496BONKTMx4gO8Y6nDPiFSkIoXvngmb0-*Gy*LbxgX7IcClLYSefa*zX49YhrInnQLRluH5RMxftRvPmpxlygzCha7VbaQjFC6EQZUmFjWES*Ke2oV0LR3SulMndkVHlWtOMiaxW5LbbgNypQnIMk4ghbFgZXIUYZw280mg6ygYhNxMcr85ILV4bcj*3w34D7F39pjlwWQVQLIPdC--Wbf5U7goCAAAAuty8CgAAAAA&img=CdJx0ypsIYttCDE0ldrut38MIWLSLYVcrNvDJle*eq4aqprCo4ooZUvTmG0eiyBOu2PvmlqRdnuMJWo-ZABX0JXWXPdTjPkKjf7zZNq54uocvWt*SIWwEZnsGel6Aj4CvFufJObrsbHsPxcMAy3UoQIAAAC63LwKAAAAAA&img=WgX6XRaXQnPUtP7-ZR4UNQDgv76M9m90shl6wtPAswq3YXMMGm45StLk7jB4ZnN*xoPUQxO24WK3vXRRWElfrIBkAHCN8hKHQF-6as-RR4njWuKS8D0vKp9evE-RxoQIup1BH5-bOmTPn2ZOd5p1ujO6T9D87rvuiJu9gpOs*7sCAAAAuty8CgAAAAA&img=JZzArnKJfOo2*wYPUwkg9zZoi8gaArt5PjSyEKINiK354jXd2zt9yFRaa9I7qKlD7Botn2mXwoM0QeSjyBl46kXnB4nhou8HiEXSpqdggFrcHzhrBm6KH0rn3SaDkYq0*lOK-iv6Qpb0We9B83gWDpzekdmil6cUz9sw3hOe5y8CAAAAuty8CgAAAAA&img=UnNxtIc3YJTo5aBO3bY2tyJHaDjDJrv1yekPH2K*j9Bvt1P12U0SomFDX4ehFNGfHokQAqxjaboyJMJaFgAGFjMGvzagldV3sDtutnU41Pr-w*NyP5VtvLlRZphg0IIvuh8oPmMcSVDx1X9RbpBemR4kHx1im2vpf6UrlR66JxoCAAAAuty8CgAAAAA&img=k542BKW2vGboNWhfZcpObjdi-rHN1r446KTmketw*A7x*J1MF16lLW16IR2naxPjj0hDL1gDqXwnpT-7i7996B9OfR8V2B4W4fK0Tc9UCbvEYXsO9O2GmVUgVS3rqpqhAgAAALrcvAoAAAAA&img=jQPBB50*roKl*hXff0*TPHSFAVwXlp6ZpaInr8BJ*HnC6h*Q9zQXTWRQ*EeLikSGDjfHeH03xc5vKXXiD2Fy5wYCvZe0d8m5JcuFUfKO41h8jirY0xZfMa80bTQY8-zmy27nCjeaH601DP3l-iO65CKrtrVaV78h5dGFOtPij-ECAAAAuty8CgAAAAA&img=qFOMAWdkXI1qjyPrAKmwZwH1HRzeLQOBgk5nviJI*aIm55CTifYhh9EN3NArZQxeeoUmAF68c16nhWzHS31cERa3csLriYF4E6iKwJRUB3euTyZqeLk2*LCN2FmqC56Ly6WmmbgbuQWp3L2U8Fsp4-bpWNaftmDsAfnlqjmKdEgCAAAAuty8CgAAAAA&img=LyP7Mn0uDQDnZHLcYFrjs61ZKYRBx3lOYP4AaL1-kLUNAPRw5nKwqVXFquBtiFRxzV0uGR59WA6Md3hGhnCrgoLbdgBn6t9QmDNJ*GpOHUr9GWLiC4LdoAHLjTNoP34gYXyN1TeHoEGHQQUGLwhGNwIAAAC63LwKAAAAAA&img=9lUVaDCiLB1cWsREaajLDv4S1j4ur24OE-dJOO68XZLxoIaupt3eZcPoEtnMU9kYQwfol4khekAkKuEyEio8VbbKTCnqwVwTWVUe0fmA4JCbSydiwGb17CDWrwDt8LVDkCDBCzapuWCmsuecqKaM4m-5HSKjZSSTE1UOyR5FCmUCAAAAuty8CgAAAAA&img=T2hG6wCJHftfGLdfLlskVf8pKMdIbLyhMvdYB4z-ee6VgHVyd7Ivp78fvTpq32cNrkbhtQH8GlVDduTsZZIaVxGJniRcOdZmvhP76hffgt5vYa5OQN*SSqxln05*A2*cu4akLe5pW*uaRGy*X2KdNAIAAAC63LwKAAAAAA&script=Ez3nZZT0E8J-IcPkqCYMdt-I3UZ6yah12q0K5kdvcDBOb5gQB4L6KvqJeiTYJrvKO6DEhV-L-ypaK-51dTTOHQ6vbziqNYFa9I5W4iIkhXLzoToji5A-8bSoePxZiPmNmsaWGQvCyNRsPsMFa2C8BAIAAAC63LwKAAAAAA&img=dBwcB48cJ*ImoQxO763tytlMnVGBPCmb6u1VDa6WA2TQ5-eJpZSWHUUGRCsIi995GARQfTSEG7kXNlfPKtfDHln9zrsqFhLbrXhTvgJ9LbhzvEajEdIRviQL2mAv*DIKNZS5G1MnzyOcuT3vcHU196JegF7VET6N6dQ3Yg9PVT63V*FkOfQJJp4ufVSLpUPxaKsYohgCwivnmnRjifgKufdzrNRFadRugUJeYMFFQWwCAAAAuty8CgAAAAA&img=B5dIJv4k4tDD2W49CTvW-d-Sp72asXh7XENRrolS0RHE1ZVyfhtEVsDv-gvofcDP7QxvHYtf-ghlxyxGEgZJb2yKGfTSefsGAwibnEZ3TyQwYmZ7ZndTSgmQxLsGdxg-8ja8iI8gvRlcGnsk8ETrUgIAAAC63LwKAAAAAA&img=G98HvzvhEkeltu5fixSPeY1068tmgQ2kp8Bj6XX*9ReC2kxkcwWEvzCNOk9PW9aofOBVapQCQh5kCWZPS9G*oL2yIR7PFm419*GJdjVHLYm3nmaWGwvlRibCCztJ93*4AgAAALrcvAoAAAAA&img=xRnD7SuGWgKSZvRmHTK6ZRYcx8Zl*BegLgNtELNtB5-IKk5dSgCrF-GK26*4HZdc16l3OEESsU1oHTd6hiJS5EhaWtdgpDP45AcceTsXgT3agQffyGFUCZdJqOjiE3c7hBEHXoKPKtzbnOX5XTYUySCRLw30JPOwfe16nYEuoke7cXm6FMLeZPr57hBIpBth7HBEAJQqVoLdKXyc5o5zowIAAAC63LwKAAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bloodshot2020.livejournal.com/277.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ruid=1CIAAKSnyF9NLAx5AcP8tAB=; rambler_3rdparty_v2=; uuts=4vrJyMr0-eUT1w3jb939mHK3POEEfAwz
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bloodshot2020.livejournal.com/277.html

Response headers

server: nginx
date: Thu, 03 Dec 2020 08:53:57 GMT
content-type: text/html; charset=Windows-1251
set-cookie: sts=0.1606985637.1.1606985637.2.1606985637.3.1606985637.4.1606985637; Domain=.rambler.ru; Path=/; Expires=Sat, 2 Jan 2021 08:53:57 GMT; Secure; SameSite=None
x-passed: 2bal1
strict-transport-security: max-age=0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-encoding: gzip

GET
H3-Q050 200 container.html
c09036cf64384ae283c31d3118e62cec.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 431C 0
0 33ms
20ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c09036cf64384ae283c31d3118e62cec.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c09036cf64384ae283c31d3118e62cec.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bloodshot2020.livejournal.com/277.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bloodshot2020.livejournal.com/277.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 03 Dec 2020 08:53:57 GMT
expires: Fri, 03 Dec 2021 08:53:57 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 204ms
88ms Script
text/javascript 2a00:1450:4010:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c0b::9b Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Thu, 03 Dec 2020 08:53:58 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 110ms
71ms XHR
application/json 2a00:1450:4010:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4010:c0b::9b Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

484d67d68718d1e0a88f7480b229f2a52fc151be3de8e0918f59bae2b41be7cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6594
x-xss-protection: 0

POST
H2 200 blockstat_post Show response
ssp.rambler.ru/ 0
79 B 106ms
105ms XHR
text/plain 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.rambler.ru/blockstat_post
Requested by: Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: ssp.rambler.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 03 Dec 2020 08:53:58 GMT
x-passed: 0bal1
server: nginx
content-length: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 42ms
28ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 03 Dec 2020 08:53:58 GMT

GET
H3-Q050 200 container.html
0e440d60882f76d396258d5b11318ae0.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 653B 0
0 33ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0e440d60882f76d396258d5b11318ae0.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js?21068855

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0e440d60882f76d396258d5b11318ae0.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bloodshot2020.livejournal.com/277.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bloodshot2020.livejournal.com/277.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Thu, 03 Dec 2020 08:53:57 GMT
expires: Fri, 03 Dec 2021 08:53:57 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D49 73 KB
28 KB 93ms
93ms Script
text/javascript 2a00:1450:4010:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js?21068855

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4010:c0b::9b Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1605702985553312"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28207
x-xss-protection: 0
expires: Thu, 03 Dec 2020 08:53:58 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0D49 8 KB
6 KB 44ms
44ms XHR
application/json 2a00:1450:4010:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js?21068855

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4010:c0b::9b Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65a5913dfc7fe80932856d1db9ea3ab28293d8818ae4913e800938959c0f24ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6481
x-xss-protection: 0

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame B1A9 0
0 6ms
6ms Document
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bloodshot2020.livejournal.com/277.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bloodshot2020.livejournal.com/277.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 03 Dec 2020 08:32:15 GMT
expires: Fri, 03 Dec 2021 08:32:15 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1303
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0D49 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js?21068855

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 08:53:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Thu, 03 Dec 2020 08:53:58 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame FDD6 0
0 8ms
8ms Document
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bloodshot2020.livejournal.com/277.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bloodshot2020.livejournal.com/277.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 03 Dec 2020 08:32:15 GMT
expires: Fri, 03 Dec 2021 08:32:15 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1303
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 file.jsp
img01.ssp.rambler.ru/ 0
105 B 399ms
210ms Image
text/plain 91.192.149.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ssp.rambler.ru/file.jsp?url=yLYIwKQR4xeAEs8qeFTk*g*kgHFDJmQD7Z-Ba7fZ*1aBkthCOOtX8yfy4*AtA3NbaDGOs798P6JwJQdTQaWOV49xkijdMeNEVZZZvmPDFnSYLDhs6e2uNbxBGAQ2dk4elhoicGIAiIqlT6htSbbKh4gCzKwJvm4pFmpm-ttHOfdpY0wtaKxyE1E9afojXozVpwSnvFGkxfxsC7HYNpm8hhBDF6A1eX8ZJbae5SWYuJMW6GhIN3fRGAI29pnkA6NZE-Elz12dNrXK3hqfqNArQgg2k*U4ZrXHhkAvVg2Y6t8u4s9vhntxi07syyBGwiFujUKZNqYZnJBdoYOmLHjul6SkeUu8wYzpEKnz5DPp3GKGmqSvaNabrI3qf4qWzb1Wi4uQ9OiMSDysW9Ar0j3ioKDY1NL-WE5NXTlNWRuEhFL9RwX7NQuU2n4xj4YZWHskj2YpJmaxtVisktZOXc-iA-U0VFYmNSLjUz9PfgXDbYgB*sSvwvuL-8GQ7QZCsMQb-IJIosMTUqL2F9xX1dctHO1Nq-D22sD59TJGOL4Q1E05eigf8pydE8Ti8ioCZi0zRPxbGlchiqgEqBZjLQ08CtiDcMAYJr2TkwHPnhPE19u*vu*GyLzCTMnm3di9tY3xaUiyx7qtWSGX5ASU41foNH47kijIvsudc7LkfQPWQuchVlGzoUsEpA*0np5oeIpFYLgRtx8*kCWm2igzI20rNcpey6gWHJKSJcHKy0*7ei-8B6X9Hgt-yX2L1vwOBC7S9S1zzLzg1L1W3mVYGmfSHEAqp-TXxjhSdM3Qi4fK3-VUCXeHFRazPDvWh-wn69n0JiXsrNe68oyVHtQIVH3cO9FJ3u-6*N95g9me6au4amJ47V9uVVdVRKTJ55lAUGx81AaVNXlvk2pJcRINlAnW0ZPt-gwXSJIPfW-OMRqBU8d7vmA6VQPvvuRqHv9Wh-qYgEtJMFzm6t3lD5MDNV49*lEmYaeIylVwNXF*KQdqnPN0keahmeaUO91bWR4www80ZDokaDC4S8lC-vCou9UfnXrIdQRl72HcoukGKi0jypi2XYx2MQm3350V00LbqHaIAgAAALrcvAoAAAAA&eurl%5B%5D=0PO758yZrzUNDF4scVb0O4ZryhhWa80omN*YPuwNMVnmc9cgbyFqbI8OC7atAPR2qTV13IzPPvzUp5rYlX9IX4QMPlpHQcoZlo1ei2oYwlwCAAAAuty8CgAAAAA&seq=0&capirs_nocache=1606985638342
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.149.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: zvezda.ssp.rambler.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 03 Dec 2020 08:53:58 GMT
access-control-allow-credentials: true
x-passed: 1bal1
server: nginx

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D49 0
224 B 41ms
40ms Image
image/gif 2a00:1450:4010:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=1130953253187875&bg=!8vGl8dHNAAXKjztBylgHJYqOaP2rWQIAAACwUgAAABtoAQcKAP2FvU9Db0E8Wryc4AoMPvaZHYolj1ScJlN2FYyS8cTCi5i0uOQ3cVH0yWQdIroE1JYAPCQ8kKnfo9FTInhISnL3GX9UDGeHYGDDlV7TqNKgS1IssK2ZIkaRdSG4XF9fFQ7yY9DTeqcU_azNCFJQltlWUuQh-SJ1aF9PVSLpylnme7E75hZlwMUGCJfQ8_NuqsqTlYd97uP5k-gsBz98tGybphMkQys5942WoSi5D-40EnCJUQpqgSqVMrovNe6CJVQ-rJDe1SRbl0-R2mBgGRh8gVOMQoVa_gYhHTi1kZrMJFhCj9LefVmzgZOPv3lahtOgD5KpvC-91UV58Qd6mQHtrk9mThsFlm8fOPt3NR9Z2Ivf3WrYq-6CovX9IoaPxYQDo7SOx5tv6McmK8DB88ysbgQWKS-XCEpEz8AGd8Vr85DHEBlVdfwKZ9JB0f3Mu_o_UFxMnkbNeRlOxQEbCq459D4HLbT_Kk_n5BqMfvJUfIvzedkm-eUFkbnStkJ_hD-_kmOM0JBSrt4wndOTVTIWWBmbaAnTDXv1icYzXGdZulOjDq0m-kiuA99Dqw1aZmW2VUZv4fkAc9NATqhfKlLLnhN8Ecx4TBnoSMWvNTvp7FBBHNrZXfpZ0Z6LaUHBcEXbnaDNYHHjxQ7sUXqXckKXhh9QklKUcOqelbzsmndANGjMkmh3FT8WYM5jxkyClZ1DGAhA_0-2yvv-CFrtQvbyJBwPLD26WxCZsu7_n6t9lF-eNfvoKtVRX7mNfNlzHHaiG-LENtgdyvYNfj2zr5AWq3rsptKj-AS6kqoLRAuvQ1GEsrTFC1nJUkqKbSgQEgUrn8Ic6nfd54m9iRbE2-QggeauQzDGa9W-wMi2KgLIrLAkr0E2R_S7NnxgZN2Q3VBpz7AlQZuda0gOEcGDriQkv68icNzfT-f8EQjblZA2NVHIBAfzEC5yxTDbxKohF3qvDkqE_4ZzowqF-QLdLeTa5ljtQq5b-cTA8N-jpg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4010:c0b::9b Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
23 B 41ms
40ms Image
image/gif 2a00:1450:4010:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=3481278248576412&bg=!6-il6MjNAAUbEDgJG1g2VMJmQGV9ogIAAADTUgAAABxoAQcKAcAM4wwU1Qi-LhgV6TMNj4uN669Zr93kKgl_MUsEkX82IWHijtK3hB0v8MkNhg8li2i6PXKtQrHof9LDpoxxHqQ7xO4-tYmRlWVfbNGx0LlVF1UO6jw4aRkXzVv41QJEEkLNi8BGyH_kjVCaQDVNSeQwGODRAVgJyKdqbEH5HZcVbZW1W3dyPfAVCQlWTW8dJ4RZdr62zkJt9o3BHl0zCqeVNJDbj1rH7-qKmyeXpg-iAEfz2-waOtoecp0L5Vfr5ulv2irbJD0JVg0tat9SNo86QrAM9I08UpaixQsBOI3JKTAz82M8oFPbuLF0kZ2HbiLPGDDYqQHUAe69qX2n0nJEtXvzIb5qKlwltIWT-aw48eDPetRHYl8SkM3U3i26H4YEmdpa9D-Tn4CAgz_PQwWmDbzI399ylgD9tmEHCI6bzTDwcymgRZqbNaeX0150M71XZnvcVmgyO65Y7glMuoEiPDw_oh4D90qZoxXe8Wpa26J3FWo0zrl6gGWpMAqi9pHh0ynTB-acg1HVx-E9ZEyCjJSiTG1DTwVsuR-0zOth7hGL6NvE6P5lEYRkrLniPif36za3Dgs9weojVVn3WDL4mQHzQC3d09AIaVvO8a-fPaRRzYWvztiU1PqYEDSDZbCBjI-Yzz1diHbuEIF6owCV7VeOhpS6d8phQz58FIaNJfhX3SEb0algOiZvSaaXoPIMxOCMOng4lPejsLC8iHYVcjhZywQYlZWRoqQqeUwCPnpP-a2NSwiNMslA7MF5ULYnFkUh0a3e-e-Kc9oc4mVDOshGcLsrV_kaLd4Hc-1cHdML1mUI2LF81PJg3dJcx7eD3avnDwr14P6f-yUVjwgEBUvbkAO2b6lz6VidoxQKdaYyN1_4QBMQOBbjN6uqQkBN-_ElPzL5LtULzKCKlVOzyhmRiXclz86qX-BjUmgnly2wHR6vnuZWsxgLsry63GqhBM3iQu140GUK_9IcFuTn5DYuLSN_wJ1JWMB-Or278le6hc54khE2BY3VHjviqBZQEL0u2Mk18pVSN7stBxgfgCq9CapOyCwE-KlBBPrN7GSt0TsfxALfTtAZAoZ8_SrEhyju-jOD2SCSDlpxYbnt8K2gHPW1B52L9cjzXlzG7wSMa958cv6Qg4s7joWIwpxJjSVACtQ7bK0cotIaESNuBGHHRtnV1LjqgbPU9n66WvpE_D5SycvdE8VyiGSLzPpBU2qsFKmNO6I2bmgKaRi-oNTtImaXqokhUKCzY7G8CEMNBFOiCg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4010:c0b::9b Lappeenranta, Finland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 03 Dec 2020 08:53:58 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 file.jsp
img01.ssp.rambler.ru/ 0
104 B 94ms
93ms Image
text/plain 91.192.149.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img01.ssp.rambler.ru/file.jsp?url=lcDfCmC4KXOXzOiFyOboc7LLeCzYajbIHbFVS1FRhPC87vF6EJTkz3BCrFubB1JLIW9qY7HjLt7tGKoYZsrMg5-jI5vFUoVCdLl3q4SeT6yfc-AJ98WLM3L4z-8HhHzarEEh5mub2TgSL3HPaC7WwNcctxZBDv9057DUS8CcoqYss9U*Kfcvbfn1cNVkUbqux-LxZp63ZsOIWCgvTlY8DweKR5Fy0kBRaZGVGx-igxdsgl0jTO57dQNLzmANp8vQOtGj8*nKkmm3OgEarL99*W4JHHsOa8gK9OStnCuw73GjbWxVI09yh2Np8DD6OluSZ5I3aEB*B5ZmCElihbNw-vD37KZmjlp6RPfe2LoyQa6UVEUx*lNr2JedlQHPn0IHPFP3sK1RCN9wCHA10Xp8oqjDhPtOVnLoeYSdcxvdhvZ-IrWr26LjVAiRmZ9u6SVGUeIH7px7XGXa6hvoA5C9sbypzJRmLjKXWoHvhX*VN1vhb0*-aGEedhHAFzDx*hpA*2ss12jEVfcC5V*VmgW-Xu6eXzMe0tjJd4AslXBVwTw-G5cPfubaZ3-z3gqVfAKTEb7dIV5RXmEKvx48kLLtInIzMj-LR2QmBRElJbuaZRPxFMx9oScfJeyQYSVMRVPJ0ad0NgxkW6YD5VOvapWgqreqo2Dsie2Jhgay-LrlBLJvYauiWRFf*RA1Z3xiKujSuGfPUY2Wv7Ktch-V7ry0fUkHLsHweboH0znAn0*HMpVscbZBnEgiG9**J*YTGLmWfWa58y8lWxEidemYET454uH4AL-xsKIWx-C6NqDuws-jy3EuWDCqtvmKLYtTsooH0W6E7yhI2pMwP*ZnYAMsMbdDBhoaq7cU7pQ-139mg*aok2ixpJdbj08j0lxkslynIGO-G1pTtEysSnm9b2gYEYv0wycXrtdOGcrE0XxmNywouI-Gnh5HTWJi3SYvqHJdKk5xJt62LPJQ6GOsJn4*0uhkAssvdrEkaP4aGz5Kx9G7k1WgXn2SPBbPAl0dUr1zeUEFbhOnqm27pMuJZlMBHQasP-P1Ew92VU4uLqbfcDgCAAAAuty8CgAAAAA&eurl%5B%5D=UYDwLidiFIehaqboCelaLNm5Qt6bayfFK33BaMz*bYFEc6v4kRrBJXFvACI2pkIg50QJAIXP9PZdoScRwALqNgTUyADYSaS7ghs1b13Fi8gCAAAAuty8CgAAAAA&seq=0&capirs_nocache=1606985638975
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.149.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: zvezda.ssp.rambler.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bloodshot2020.livejournal.com/277.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 03 Dec 2020 08:53:59 GMT
access-control-allow-credentials: true
x-passed: 1bal1
server: nginx

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.livejournal.com/	1970-01-19 14:23:07	Name: _ym_visorc Value: b
.livejournal.com/	1970-01-19 15:06:17	Name: sspjs_4.2.1_af_lpdid Value: %7B%22DATE%22%3A1606985636223%2C%22ID%22%3A%2214%3A706231%22%7D
.livejournal.com/	1970-01-19 14:33:10	Name: splittest Value: endless_scroll
.livejournal.com/	1970-01-19 14:24:17	Name: _ym_isad Value: 2
.livejournal.com/	1970-01-19 14:24:32	Name: _gid Value: GA1.2.1837308037.1606985636
.livejournal.com/	1970-01-19 23:08:41	Name: _ym_d Value: 1606985636
.livejournal.com/	1970-01-19 14:23:05	Name: _gat Value: 1
.livejournal.com/	1970-01-21 10:18:17	Name: ljprof Value: f22a00f39ee2f84ad5fc8a79d1215423d39e7bcb034232796
.livejournal.com/	1970-01-19 23:08:41	Name: _ym_uid Value: 1606985636316732317
.livejournal.com/	1970-01-19 14:23:48	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1606985635941]]
.livejournal.com/	1970-01-20 14:23:05	Name: top100_id Value: t1.1111412.631727660.1606985636164
.livejournal.com/	1970-01-20 07:54:17	Name: _ga Value: GA1.2.1642268021.1606985636
.bloodshot2020.livejournal.com/	1970-01-20 14:23:05	Name: last_visit Value: 1606982036166::1606985636166
bloodshot2020.livejournal.com/	1969-12-31 23:59:59	Name: lj_sale_adblock Value: true
.livejournal.com/	1970-01-24 14:23:05	Name: ljuniq Value: 2YTryZ1hWemb0aD%3A1606985635%3Apgstats0

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1606918037(Line 109) Message: Text variable [dialogs.yes] hasn't been defined.
console-api	log	URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1606918037(Line 109) Message: Text variable [dialogs.yes] hasn't been defined.
console-api	log	URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1606918037(Line 109) Message: Text variable [dialogs.no] hasn't been defined.
console-api	log	URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1606918037(Line 109) Message: Text variable [dialogs.yes] hasn't been defined.
console-api	log	URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1606918037(Line 109) Message: Text variable [dialogs.no] hasn't been defined.
console-api	log	URL: https://ssp.rambler.ru/capirs_async.js(Line 11) Message: %cRambler Group font-size: 60px;line-height: 60px;color: #315efb;text-transform: uppercase;font-family: monospace
console-api	log	URL: https://ssp.rambler.ru/capirs_async.js(Line 11) Message: %cWe hire the best, learn from them, share experience and grow expertise. font-size: 12px;line-height: 2em;color:#315efb;
console-api	log	URL: https://ssp.rambler.ru/capirs_async.js(Line 11) Message: %cRead more: https://ramblergroup.com/career font-size: 12px;line-height: 2em;color:#315efb;
console-api	log	URL: https://rcmjs.rambler.ru/static/recommender.js(Line 1) Message: rcm logger disabled
console-api	log	URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1606918037(Line 283) Message: LJ: banner resolved: adfox_100x70_1_1606985635811
console-api	log	URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1606918037(Line 283) Message: LJ: banner resolved: billboard_1606985635794
console-api	warning	URL: https://ssp.rambler.ru/capirs_async.js(Line 1) Message: Montblanc no longer supported. Please stop using it.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0e440d60882f76d396258d5b11318ae0.safeframe.googlesyndication.com
ads.adfox.ru
adservice.google.ch
adservice.google.com
an.yandex.ru
awaps.yandex.ru
bloodshot2020.livejournal.com
c09036cf64384ae283c31d3118e62cec.safeframe.googlesyndication.com
fundingchoicesmessages.google.com
img01.ssp.rambler.ru
kraken.rambler.ru
l-api.livejournal.com
l-stat.livejournal.net
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
profile.ssp.rambler.ru
rcmjs.rambler.ru
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssp.rambler.ru
st.top100.ru
static-mon.yandex.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.tns-counter.ru
xc3.services.livejournal.com
184.30.212.126
2001:6d0:4001::226
216.58.206.2
2a00:1450:4001:806::2008
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:815::2001
2a00:1450:4001:81b::200e
2a00:1450:4001:820::2002
2a00:1450:400c:c0c::9c
2a00:1450:4010:c0b::9b
2a02:6b8::131
2a02:6b8::1:119
2a02:6b8::402
2a02:6b8::90
77.88.21.179
81.19.74.3
81.19.74.5
81.19.89.16
81.19.89.17
91.192.148.14
91.192.149.14
91.192.149.38
91.192.150.12
95.101.55.60
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0cb74bc278181ad682014972d7d0cc7dcc08a344430f3ec7a42ea995f3f931ea
18220bbba0e1f98301f2f248eff119179e41ac33bcc6544f8f5ec2165fdc88f2
1a84dde79f3957f91e5f0244f67422af6455d0e4dfe277dc84059ee1d840874c
1f1cc495456ae320ee2aabfff008bf85e7687f4e31a0949c5387645a3a896aa9
239e0f987bd87f35d702355546423eff84e7e0e869b73fb0c3584eab9bc3d2de
276937ed9b66990d16cc250dac88898099a2e783c5cdfb073965139d8ec9bc5d
2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
403e4eecd577abe7ad25eacba6cccc07df6208e4ae89ce77ae0cedeb487c155e
45f8ed9fb8430b0153a3678b5036cd1c0e973ce950ca07755fb9ec5aab9a4f73
484d67d68718d1e0a88f7480b229f2a52fc151be3de8e0918f59bae2b41be7cd
4a3f346ea5e34560b02f7ea3e1d25dc99ab15c8e6319ed99d7a93c5434623478
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
653cc4ae826cbd1e145fda2fa81d2c5d592a962711436d683165d85c7ff5a78d
65a5913dfc7fe80932856d1db9ea3ab28293d8818ae4913e800938959c0f24ab
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6decab085976f8699c3b550b793a269926da5ee568d966e25a300bfbf548e9ca
78fda08d849adc0de3cbb80190a5522386075545a61ca5afd1ecc8840c893a89
803a84a09167c609289069441d4134db2a33a29cc61c3b69707961bb91ad2ccc
81cbb7098fa82a79367fd40448be801ea01eb81014ea4443a83c2be4718958e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8701bac585db7aae451cadb81c54bb1a7ffd2fd16ffaf07fb46128d02b0257c4
8a88c0c87c03f2b7aba811668db9da22788ce669d5111c161a9e0e176a28f4de
8ac39c6bbefa356fc5b3d9a42bf09338113ed704927c942044fcf87cdf5f54c9
8bf8d108ee906a7d571b2c7c3f2f25a529aab1d3eeee8a4dc5e7e9091e6b006d
96a72c16787d9e55cbe06f31bc91db028934a7ad24aad0e7ee7a7649a6b160ca
97863c262254c3df6ff2e518ad72050dbf63ad92fb0e498914a8c5424aeef893
9846d3c4604e8e98eca930c407c1e2dcc12a8cd18808218bae4c2f6574703c99
99eb1ca2d71707f36338e0515c92bb2cbbe145bdd139533b7495655bf77d6c7e
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a9ca231f1644a1b81aafbb32cf6f8335ec0697a07f8efcf9e2e1355c8b01c5b8
ac99aabffd3db8f6b2b7e3a368ac1b77b176e33dcc090670d01c5d3a1fa460e2
beb8691f6c3c6c90bbcb585e9ed4d8132cf3f37cf1a6888f83f4ca779ae6cead
c0d1a67767e603dc552d6272168bc476fec92244d222c08e30373bc19091b778
c22231cf65e6bf10cc9638e8a6aae1be05a75ffd33c83ddcf1fbc22467c098f7
c472bdd4f665c194c71821bc50149171872e560da0c2a5fea5a8d1bad39f118f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d56ee6a2ba915ad87e2dc9b49d9199563f3b35f9e048938e84d1a033e5c2b1c5
da461ff82c471584d94b3ddb1c63a05a19c975b52bfb3b4c808d57e75cf4ceca
daafdcab0cf2f1726f029909ea6f94a584857bee4d99d5005290018578cc8708
e000689b84af589027b0e54923f758e07b3e011df4b2e45dad8df3b427fbfe76
e2857415d04d8bcf01c7ee863ab2e916944ef24a45ef80255c5513bf0120cb05
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ec6f5f8a01ceaaafd7de19f41d88013fe2d4c02a88c94b04899a775a72d358
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee3d4c58e689d8b44ea02266eb05dd381cfd9f39116ebe097882abf571667e82
efb9486ce2944b0b80edbd968cb4ac6bfda55f703d16d60255523f752252c4dc
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
f2c54508e244fad6d1019ab0484369bb6712eb1d7b09ee97f9f2a742b72b707e
f8ad5acd65bb4bad427614ff2a50a658dcaf71f4de101d904aaf86faab6601e3
fb0601da73f3d87bf5853b84a3697b22e6f08c4c076d6a769dfab189f6d72947
fe81bedd25f0a618755cf7b065fd24a6e0004b3340965e999e9bcb91c8e830a3

bloodshot2020.livejournal.com Open in urlscan Pro 81.19.74.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

83 Requests

100 %HTTPS

54 %IPv6

17 Domains

30 Subdomains

27 IPs

7 Countries

1875 kBTransfer

4716 kBSize

15 Cookies

26 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bloodshot2020.livejournal.com Open in urlscan Pro
81.19.74.5 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

54 %
IPv6

17
Domains

30
Subdomains

27
IPs

7
Countries

1875 kB
Transfer

4716 kB
Size

15
Cookies

83 HTTP transactions
5 data transactions