URL: https://macdonaldsaun.livejournal.com/profile
Submission: On May 22 via manual from US

Summary

This website contacted 33 IPs in 5 countries across 21 domains to perform 111 HTTP transactions. The main IP is 81.19.74.3, located in Moscow, Russian Federation and belongs to RAMBLER-TELECOM-AS, RU. The main domain is macdonaldsaun.livejournal.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on February 28th 2021. Valid for: a year.
This is the only time macdonaldsaun.livejournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 81.19.74.3 24638 (RAMBLER-T...)
2 91.192.148.28 42481 (BEGUN-AS)
19 104.111.243.126 16625 (AKAMAI-AS)
1 81.19.87.48 24638 (RAMBLER-T...)
3 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 54.192.219.96 16509 (AMAZON-02)
2 81.19.89.18 24638 (RAMBLER-T...)
1 2 2001:6d0:4001... 52016 (TNSMSK-)
1 2a02:6b8::131 13238 (YANDEX)
2 2a03:2880:f06... 32934 (FACEBOOK)
2 87.240.139.194 47541 (VKONTAKTE...)
1 91.192.149.54 42481 (BEGUN-AS)
3 8 2a02:6b8::1:119 13238 (YANDEX)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f16... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 77.88.21.179 13238 (YANDEX)
26 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:6b8::90 13238 (YANDEX)
1 91.192.149.14 42481 (BEGUN-AS)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
111 33
Domain Requested by
27 www.youtube.com l.lj-toys.com
www.youtube.com
macdonaldsaun.livejournal.com
15 l-stat.livejournal.net macdonaldsaun.livejournal.com
l-stat.livejournal.net
l.lj-toys.com
11 fundingchoicesmessages.google.com macdonaldsaun.livejournal.com
6 mc.yandex.com 2 redirects macdonaldsaun.livejournal.com
mc.yandex.ru
4 maps.googleapis.com www.google.com
maps.googleapis.com
4 googleads.g.doubleclick.net 1 redirects www.youtube.com
4 www.google.com l.lj-toys.com
www.youtube.com
4 l.lj-toys.com macdonaldsaun.livejournal.com
3 www.gstatic.com www.youtube.com
3 static.doubleclick.net www.youtube.com
3 fonts.gstatic.com www.youtube.com
3 sb.scorecardresearch.com 1 redirects macdonaldsaun.livejournal.com
3 www.google-analytics.com macdonaldsaun.livejournal.com
2 an.yandex.ru 1 redirects macdonaldsaun.livejournal.com
2 www.facebook.com macdonaldsaun.livejournal.com
2 mc.yandex.ru 1 redirects l-stat.livejournal.net
2 vk.com macdonaldsaun.livejournal.com
2 connect.facebook.net macdonaldsaun.livejournal.com
connect.facebook.net
2 www.tns-counter.ru 1 redirects macdonaldsaun.livejournal.com
2 ssp.rambler.ru macdonaldsaun.livejournal.com
ssp.rambler.ru
1 maps.gstatic.com www.google.com
1 pagead2.googlesyndication.com
1 profile.ssp.rambler.ru macdonaldsaun.livejournal.com
1 maps.google.com 1 redirects
1 kraken.rambler.ru macdonaldsaun.livejournal.com
1 ads.adfox.ru ssp.rambler.ru
1 www.livejournal.com l-stat.livejournal.net
1 stats.g.doubleclick.net www.google-analytics.com
1 rcmjs.rambler.ru macdonaldsaun.livejournal.com
1 awaps.yandex.ru macdonaldsaun.livejournal.com
1 st.top100.ru macdonaldsaun.livejournal.com
1 www.googletagmanager.com macdonaldsaun.livejournal.com
1 xc3.services.livejournal.com macdonaldsaun.livejournal.com
1 vp.rambler.ru macdonaldsaun.livejournal.com
1 macdonaldsaun.livejournal.com
111 35
Subject Issuer Validity Valid
*.livejournal.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-02-28 -
2022-02-25
a year crt.sh
ssp.rambler.ru
R3
2021-04-08 -
2021-07-07
3 months crt.sh
livejournal.com
DigiCert SHA2 Secure Server CA
2021-02-11 -
2022-02-15
a year crt.sh
*.rambler.ru
RapidSSL RSA CA 2018
2019-04-15 -
2021-06-13
2 years crt.sh
*.services.livejournal.com
RapidSSL RSA CA 2018
2019-05-30 -
2021-05-27
2 years crt.sh
*.google-analytics.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
*.google.com
GTS CA 1O1
2021-05-03 -
2021-07-26
3 months crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
*.top100.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-02-15 -
2022-02-14
a year crt.sh
*.tns-counter.ru
GlobalSign ECC OV SSL CA 2018
2020-11-10 -
2021-12-12
a year crt.sh
awaps-v6.yandex.net
Yandex CA
2021-02-18 -
2021-07-22
5 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-04-06 -
2021-07-03
3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2
2020-06-09 -
2022-06-10
2 years crt.sh
mc.yandex.ru
Yandex CA
2021-02-27 -
2021-08-09
5 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-05-03 -
2021-07-26
3 months crt.sh
*.adfox.ru
Yandex CA
2021-02-26 -
2021-08-08
5 months crt.sh
www.google.com
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-05-03 -
2021-07-26
3 months crt.sh
bs.yandex.ru
Yandex CA
2020-12-17 -
2021-06-17
6 months crt.sh
profile.ssp.rambler.ru
R3
2021-04-08 -
2021-07-07
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-05-03 -
2021-07-26
3 months crt.sh

This page contains 9 frames:

Primary Page: https://macdonaldsaun.livejournal.com/profile
Frame ID: 86511B97CFCC863E35DA4886DEAC8F79
Requests: 59 HTTP requests in this frame

Frame: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads=
Frame ID: 4E6DAFAED2941726E1E12C0F0F2FABB9
Requests: 2 HTTP requests in this frame

Frame: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads=
Frame ID: F95E4DC519E121DC2FD7B90C1DC9E0A7
Requests: 2 HTTP requests in this frame

Frame: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads=
Frame ID: E90795B3971E95204D6A40134A383934
Requests: 2 HTTP requests in this frame

Frame: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads=
Frame ID: 2B96731299F4444426FCB1B8E5F1A3F4
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
Frame ID: 6FD65AB5B8153AFA58AB2D3A971D8F43
Requests: 14 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15
Frame ID: F84C62412A465BA1D01D600769918F88
Requests: 6 HTTP requests in this frame

Frame: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
Frame ID: 6678459DBA0F7E360DF5E43466CA4E97
Requests: 14 HTTP requests in this frame

Frame: https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
Frame ID: 4D57CE202EBEFF3244067ED5C40DC7D0
Requests: 14 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.livejournal\.com/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

111
Requests

100 %
HTTPS

71 %
IPv6

21
Domains

35
Subdomains

33
IPs

5
Countries

4062 kB
Transfer

12200 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039 HTTP 302
  • https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039
Request Chain 36
  • https://sb.scorecardresearch.com/b?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9=
Request Chain 44
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9281.R3-sBb_mELdJAWvHC1-Qky0PhQdAAJ4dPvzTwcN_Top7vyqWt2DKmcC8RfPVwu3u.ocQB04_JfWyeRkjZEKVD8ZwsGRI%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9281.jco9KKft0EJuAR3SJrEbmywHYNl9GxMukHunkY4hyQTXIxFj2sH3obTM-7hz3JCqCtNI0kEwzq4WlWxTP_G4yw%2C%2C.DPmIkxMkMx-FVKebjvBRbBSjFBU%2C
Request Chain 58
  • https://maps.google.com/maps?q=justcbd&t=&z=15&ie=UTF8&iwloc=&output=embed HTTP 301
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15
Request Chain 61
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 66
  • https://mc.yandex.com/watch/27737346?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22pd_comments_style%22%3A%22undef%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22undef%22%2C%22pd_style_system%22%3A%22undef%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1145%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A970920594876%3Ahid%3A471036635%3Az%3A120%3Ai%3A20210522205441%3Aet%3A1621709682%3Ac%3A1%3Arn%3A196632164%3Au%3A1621709682315703625%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621709680497%3Ads%3A12%2C167%2C571%2C80%2C0%2C0%2C%2C383%2C10%2C%2C%2C%2C1137%3Adsn%3A12%2C167%2C572%2C79%2C0%2C0%2C%2C306%2C10%2C%2C%2C%2C1137%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621709682%3At%3Amacdonaldsaun%20-%20Profile HTTP 302
  • https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22pd_comments_style%22%3A%22undef%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22undef%22%2C%22pd_style_system%22%3A%22undef%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1145%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A970920594876%3Ahid%3A471036635%3Az%3A120%3Ai%3A20210522205441%3Aet%3A1621709682%3Ac%3A1%3Arn%3A196632164%3Au%3A1621709682315703625%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621709680497%3Ads%3A12%2C167%2C571%2C80%2C0%2C0%2C%2C383%2C10%2C%2C%2C%2C1137%3Adsn%3A12%2C167%2C572%2C79%2C0%2C0%2C%2C306%2C10%2C%2C%2C%2C1137%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621709682%3At%3Amacdonaldsaun%20-%20Profile
Request Chain 78
  • https://an.yandex.ru/mapuid/adfox/26570%3A24958?jsredir=1 HTTP 302
  • https://an.yandex.ru/mapuid/adfox/26570:24958?redir-setuniq=1&jsredir=1

111 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request profile
macdonaldsaun.livejournal.com/
335 KB
91 KB
Document
General
Full URL
https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.19.74.3 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
livejournal.com
Software
nginx /
Resource Hash
cd815a49f353e20aa1e6d1825a14fed8609d40ce7f3ec8e0bc6bf64c13e8c44b

Request headers

Host
macdonaldsaun.livejournal.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Sat, 22 May 2021 18:54:41 GMT
Content-Type
text/html; charset=utf-8
Content-Length
92963
Connection
keep-alive
Keep-Alive
timeout=50
Referrer-Policy
no-referrer-when-downgrade
X-AWS-Id
kr-botws15
X-LJ-Flow-ID
YKlTcAobA5YAAGnhWaoAAAAS
Vary
Accept-Encoding,ETag
Cache-Control
private, proxy-revalidate
Content-MD5
lztQS3k/eaL9Ka1c+l5kMw
Content-Encoding
gzip
X-Varnish
177573066
Age
0
X-VWS-Id
kr-varn01.lj.rambler.tech
ETag
GgZzlztQS3k/eaL9Ka1c+l5kMw
Accept-Ranges
bytes
capirs_async.js
ssp.rambler.ru/
550 KB
188 KB
Script
General
Full URL
https://ssp.rambler.ru/capirs_async.js
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.148.28 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
90683954a3954c583e69e7fd707cf55f71909155b201955fd1f6dcc513b189e5
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
content-encoding
gzip
last-modified
Tue, 18 May 2021 20:46:01 GMT
server
nginx
etag
W/"60a42789-89924"
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
max-age=60
x-passed
2bal2
content-type
application/x-javascript
expires
Sat, 22 May 2021 18:55:41 GMT
/
l-stat.livejournal.net/
318 KB
59 KB
Stylesheet
General
Full URL
https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,notifications/list.css,schemius_v4/asap-news.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1621497228
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
af31ee95c772a485af6d9fce332b08e6aa001e316915f41ec52bf16b66f77b94

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
X-LJ-Flow-ID
YKYVmAobAy4AAGUtLpAAAAAK
X-VWS-Id
kr-varn03.lj.rambler.tech
X-Gateway
front04.lj.rambler.tech
Connection
keep-alive
Content-Length
59575
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 20 May 2021 07:53:48 GMT
Server
nginx
ETag
GgZzW/pB8TASTd22rjPjJ1SOQsag
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
13106964 81982455
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=392368
X-AWS-Id
kr-ws16
Accept-Ranges
bytes
Content-Type
text/css
X-remaining-TTL
392368
/
l-stat.livejournal.net/
82 KB
25 KB
Stylesheet
General
Full URL
https://l-stat.livejournal.net/??profile/profile-v3.css,ljuser/ljuser_light.css,menu_v2.css,popup/popupus.css,popup/popupus-blue.css,widgets/filter-settings.css,widgets/rutos.css,widgets/likes.css,widgets/login_v2.css,msgsystem.css?v=1621497228
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a6de5f8d8a0200fc63e8c2b2313687bede1bd92e9d69723b8b7d7673a2f6dbd4

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
X-LJ-Flow-ID
YKYVuAobAz4AADrNPNkAAAAN
X-VWS-Id
kr-varn02.lj.rambler.tech
X-Gateway
front09.lj.rambler.tech
Connection
keep-alive
Content-Length
24572
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 20 May 2021 07:53:48 GMT
Server
nginx
ETag
GgZzW/P+Hy4CTfD8OOm/XFZ9PIdA
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
79719366 57394837
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=392966
X-AWS-Id
kr-ws32
Accept-Ranges
bytes
Content-Type
text/css
X-remaining-TTL
392966
/
l-stat.livejournal.net/
448 KB
338 KB
Stylesheet
General
Full URL
https://l-stat.livejournal.net/??svg/headerextra.css,proximanova-opentype.css?v=1621497228
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
f5f9c9a292f0f04747ae1c38451e86d20cfb7be0378e1aae59c8c225195cbcf7

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
X-LJ-Flow-ID
YKYVnAobA0EAAAN8BjoAAAAA
X-VWS-Id
kr-varn07.lj.rambler.tech
X-Gateway
front04.lj.rambler.tech
Connection
keep-alive
Content-Length
345271
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 20 May 2021 07:53:48 GMT
Server
nginx
ETag
GgZzW/nObMd5AP7P+2kwifFltqXQ
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
105056967 103728982
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=392368
X-AWS-Id
kr-ws35
Accept-Ranges
bytes
Content-Type
text/css
X-remaining-TTL
392368
/
l-stat.livejournal.net/js/
688 KB
231 KB
Script
General
Full URL
https://l-stat.livejournal.net/js/??.ljlib.js?v=1621497228
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62fbaea84dcc3b88460d11f802044b9ccd4ea6745ff2a6045a5c2625b8051a87

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
X-LJ-Flow-ID
YKYVmAobAyMAAFgRJToAAAAI
X-VWS-Id
kr-varn03.lj.rambler.tech
X-Gateway
front04.lj.rambler.tech
Connection
keep-alive
Content-Length
236144
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 20 May 2021 07:53:48 GMT
Server
nginx
ETag
GgZzW/GiXQuV7Da4K4Qd9TjVBHxA
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
24634860 28672320
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=392362
X-AWS-Id
kr-ws05
Accept-Ranges
bytes
Content-Type
application/x-javascript
X-remaining-TTL
392362
/
l-stat.livejournal.net/js/
227 KB
64 KB
Script
General
Full URL
https://l-stat.livejournal.net/js/??profile/main.js,profile_new.js,scheme/schemius.js,widgets/angular/login.js,scheme/medius.js?v=1621497228
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9ba7ed10776e92552323eded6b1fa377bf2bea34f7f5fd78149a81389f2055e6

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
X-LJ-Flow-ID
YKYVogobAyYAAGUngYUAAAAb
X-VWS-Id
kr-varn07.lj.rambler.tech
X-Gateway
front09.lj.rambler.tech
Connection
keep-alive
Content-Length
64470
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 20 May 2021 07:53:48 GMT
Server
nginx
ETag
GgZzW/agwJNJ2jBMHmOnK1ODgSTw
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
21491973 89531786
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=392966
X-AWS-Id
kr-ws08
Accept-Ranges
bytes
Content-Type
application/x-javascript
X-remaining-TTL
392966
sdk.js
vp.rambler.ru/player/
132 KB
40 KB
Script
General
Full URL
https://vp.rambler.ru/player/sdk.js
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.19.87.48 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
apl.rambler-co.ru
Software
nginx /
Resource Hash
dd92d03f3db0d2a33e1ce31df414c96a93566bb9a1b52459f83cedf929c7e4b1

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bytes-rcv
0
date
Sat, 22 May 2021 18:54:41 GMT
content-encoding
br
x-upstream-addr
10.144.36.20:80
age
2256
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-upstream-responsetime
-2
x-varnish-hostname
cb57bbd3bcf9b7a988d53aa4ba029c04
x-upstream-headertime
1
content-length
40274
x-amz-request-id
34e8bccb-1374-4fc1-9e8f-d85fbe589e58
x-upstream-connecttime
1
server
nginx
etag
"b08579fed2db2b44f661a8cdd63e1dcf"
vary
Accept, Origin
x-varnish
894269735 891107561
via
1.1 varnish (Varnish/6.1)
cache-control
max-age=300, public, max-age=300
x-bytes-snd
0
accept-ranges
bytes
content-type
application/javascript
x-time
0
print-logo.png
l-stat.livejournal.net/img/schemius/
2 KB
3 KB
Image
General
Full URL
https://l-stat.livejournal.net/img/schemius/print-logo.png?v=49361
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
96a72c16787d9e55cbe06f31bc91db028934a7ad24aad0e7ee7a7649a6b160ca

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
ETag
GgZzYGcFKOznFaw7EFLw6wHnuA
X-VWS-Id
kr-varn07.lj.rambler.tech
X-Gateway
front09.lj.rambler.tech
Connection
keep-alive
Content-Length
2249
X-remaining-TTL
86388, 21625, 58320, 62841
Last-Modified
Thu, 01 Jan 1970 13:42:41 GMT
Server
nginx
X-LJ-Flow-ID
YFyVLQobAyUAAHfOY38AAAAA
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
84445690 77085969
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=62841
X-AWS-Id
kr-ws07
Accept-Ranges
bytes
Content-Type
image/png
userinfo_v8.svg
l-stat.livejournal.net/img/
1 KB
1 KB
Image
General
Full URL
https://l-stat.livejournal.net/img/userinfo_v8.svg?v=17080?v=481
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
535f067852f7f5964da5b260304a60715398e18537479480fedfa7cc535949ea

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
X-LJ-Flow-ID
YKYU7wobAzEAAF-1YA4AAAAJ
X-VWS-Id
os-varn02.lj.rambler.tech
X-Gateway
front10.lj.rambler.tech
Connection
keep-alive
Content-Length
523
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 01 Jan 1970 04:44:40 GMT
Server
nginx
ETag
GgZz3Lj/0Zs7IF/99OqziMt7VA
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
200124091 197479088
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=29330
X-AWS-Id
kr-ws19
Accept-Ranges
bytes
Content-Type
image/svg+xml
X-remaining-TTL
86400, 29330
user.gif
l-stat.livejournal.net/img/profile_icons/
1 KB
2 KB
Image
General
Full URL
https://l-stat.livejournal.net/img/profile_icons/user.gif?v=14273
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
7f9d52b861eab9f5d5f282f73b554bd9178240412780f70d1fa8b7267cd9f2db

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
ETag
GgZzTuG81pLe19AYYpe91+bP0Q
X-VWS-Id
kr-varn03.lj.rambler.tech
X-Gateway
front01.lj.rambler.tech
Connection
keep-alive
Content-Length
1389
X-remaining-TTL
29185, 14009, 86400, 63579
Last-Modified
Thu, 01 Jan 1970 03:57:53 GMT
Server
nginx
X-LJ-Flow-ID
YFybXgobAzQAABF46TUAAAAF
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
9873271 3213148
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=63579
X-AWS-Id
kr-ws22
Accept-Ranges
bytes
Content-Type
image/gif
/
xc3.services.livejournal.com/ljcounter/
35 B
704 B
Image
General
Full URL
https://xc3.services.livejournal.com/ljcounter/?d=srv:kr-botws15,r:0,j:88357888,p:88357888,uri:%22%2Fprofile%22,vig:0,extra:
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.19.74.3 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
livejournal.com
Software
nginx /
Resource Hash
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000;
Access-Control-Allow-Methods
GET, OPTIONS, POST, PUT, DELETE, HEAD
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
accept, x-custom-parameter, content-type, x-request-id, authorization, accept-language, accept-charset, pragma, user-agent
Content-Length
35
Keep-Alive
timeout=50
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
5085
date
Sat, 22 May 2021 17:29:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 22 May 2021 19:29:56 GMT
AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8=
fundingchoicesmessages.google.com/f/
87 KB
33 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8=
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d353689d93ffa16b8c37e20c72b139c8ececee3be4e7631aa41cb10652712252
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gObbuBhGylQYUw2KezuRwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gObbuBhGylQYUw2KezuRwg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-gObbuBhGylQYUw2KezuRwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gObbuBhGylQYUw2KezuRwg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/
86 KB
32 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KJBSQR
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
962b67dd06123e2e28190afb92d47208931bb8eb6d84eb2baf88ce870ee55a25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32966
x-xss-protection
0
last-modified
Sat, 22 May 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 22 May 2021 18:54:41 GMT
beacon.js
sb.scorecardresearch.com/
1 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-96.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:36:45 GMT
via
1.1 3e74b0c89b562282a810c16f34372bd4.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1076
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
MRS52-P2
accept-ranges
bytes
content-length
1469
x-amz-cf-id
ZSn3_tA_dxMC99YOMw51Xzsas7OjuqrCkvEVseg_8GP65mlxzyEgoA==
/
l.lj-toys.com/ Frame 4E6D
3 KB
1 KB
Document
General
Full URL
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads=
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4e2e57ea5c5faef9e06d4b45f63513e65b4d0556791efb171a003dd7d9605404

Request headers

Host
l.lj-toys.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://macdonaldsaun.livejournal.com/profile
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://macdonaldsaun.livejournal.com/profile

Response headers

Server
nginx
Content-Type
text/html; charset=utf-8
Referrer-Policy
no-referrer-when-downgrade
X-AWS-Id
kr-ws17
X-LJ-Flow-ID
YKlTcQobAy8AAArdH-QAAAAP
Content-Language
X-Varnish
66666574
X-VWS-Id
kr-varn04.lj.rambler.tech
ETag
GgZzW/"c8df3213249fe2bc3abbcb8267fd1a93"
Accept-Ranges
bytes
X-Gateway
front09.lj.rambler.tech
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
public, max-age=20000
Date
Sat, 22 May 2021 18:54:41 GMT
Content-Length
844
Connection
keep-alive
X-remaining-TTL
604800
/
l.lj-toys.com/ Frame F95E
3 KB
1 KB
Document
General
Full URL
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads=
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
95ceab3528e04e1743d4581535fc2f172ba85b3736027bce4130a99e24e45758

Request headers

Host
l.lj-toys.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://macdonaldsaun.livejournal.com/profile
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://macdonaldsaun.livejournal.com/profile

Response headers

Server
nginx
Content-Type
text/html; charset=utf-8
Referrer-Policy
no-referrer-when-downgrade
X-AWS-Id
os-ws01
X-LJ-Flow-ID
YKlTcQoaACAAAGeZ0BwAAAAK
Content-Language
X-Varnish
201122527
X-VWS-Id
os-varn01.lj.rambler.tech
ETag
GgZzW/"8fd976e458102c17730fabe91d476d88"
Accept-Ranges
bytes
X-Gateway
front03.lj.rambler.tech
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
public, max-age=20000
Date
Sat, 22 May 2021 18:54:41 GMT
Content-Length
845
Connection
keep-alive
X-remaining-TTL
604800
/
l.lj-toys.com/ Frame E907
3 KB
1 KB
Document
General
Full URL
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads=
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8b0e63fd5f41068b454453da55ee8233a9c3dc4281d351f47464f0f0738f3ac1

Request headers

Host
l.lj-toys.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://macdonaldsaun.livejournal.com/profile
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://macdonaldsaun.livejournal.com/profile

Response headers

Server
nginx
Content-Type
text/html; charset=utf-8
Referrer-Policy
no-referrer-when-downgrade
X-AWS-Id
kr-ws23
X-LJ-Flow-ID
YKlTcQobAzUAADCrO1wAAAAJ
Content-Language
X-Varnish
258633535
X-VWS-Id
os-varn02.lj.rambler.tech
ETag
GgZzW/"75d51aad2acc5b999cfcdfece6d913a6"
Accept-Ranges
bytes
X-Gateway
front09.lj.rambler.tech
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
public, max-age=20000
Date
Sat, 22 May 2021 18:54:41 GMT
Content-Length
810
Connection
keep-alive
X-remaining-TTL
604800
/
l.lj-toys.com/ Frame 2B96
3 KB
1 KB
Document
General
Full URL
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads=
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d51527938bdd6fe36db31c4f7abf4c4986f0ccbc8fa535f91b57f4f80e8a70d9

Request headers

Host
l.lj-toys.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://macdonaldsaun.livejournal.com/profile
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://macdonaldsaun.livejournal.com/profile

Response headers

Server
nginx
Content-Type
text/html; charset=utf-8
Referrer-Policy
no-referrer-when-downgrade
X-AWS-Id
kr-ws09
X-LJ-Flow-ID
YKlTcQobAycAADrJ7J4AAAAB
Content-Language
X-Varnish
147290545
X-VWS-Id
kr-varn03.lj.rambler.tech
ETag
GgZzW/"bec92dd040df8611e4b3567a1084e5cf"
Accept-Ranges
bytes
X-Gateway
front09.lj.rambler.tech
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
public, max-age=20000
Date
Sat, 22 May 2021 18:54:41 GMT
Content-Length
844
Connection
keep-alive
X-remaining-TTL
604800
logo.svg
l-stat.livejournal.net/img/schemius/
3 KB
2 KB
Image
General
Full URL
https://l-stat.livejournal.net/img/schemius/logo.svg?v=51065
Requested by
Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,notifications/list.css,schemius_v4/asap-news.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1621497228
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
18220bbba0e1f98301f2f248eff119179e41ac33bcc6544f8f5ec2165fdc88f2

Request headers

Referer
https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,notifications/list.css,schemius_v4/asap-news.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1621497228
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
ETag
GgZz3z079X2cVU4y1yrKm4XODA
X-VWS-Id
kr-varn02.lj.rambler.tech
X-Gateway
front09.lj.rambler.tech
Connection
keep-alive
Content-Length
1362
X-remaining-TTL
25088, 83697, 74892, 79236
Last-Modified
Thu, 01 Jan 1970 14:11:05 GMT
Server
nginx
X-LJ-Flow-ID
YFzC9gobA0QAAGEyDk0AAAAC
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
83433236 48133377
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=79236
X-AWS-Id
kr-ws38
Accept-Ranges
bytes
Content-Type
image/svg+xml
s-icons.svg
l-stat.livejournal.net/img/schemius/
15 KB
6 KB
Image
General
Full URL
https://l-stat.livejournal.net/img/schemius/s-icons.svg?v=40651
Requested by
Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,notifications/list.css,schemius_v4/asap-news.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1621497228
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3ec6f5f8a01ceaaafd7de19f41d88013fe2d4c02a88c94b04899a775a72d358

Request headers

Referer
https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,notifications/list.css,schemius_v4/asap-news.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1621497228
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
ETag
GgZzPs10q9OPQj9DZHt/ejloHw
X-VWS-Id
os-varn02.lj.rambler.tech
X-Gateway
front09.lj.rambler.tech
Connection
keep-alive
Content-Length
5618
X-remaining-TTL
49843, 86400, 26918, 31791
Last-Modified
Thu, 01 Jan 1970 11:17:31 GMT
Server
nginx
X-LJ-Flow-ID
YFzK5AobAz4AAGaaXyMAAAAF
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
113486597 97949145
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31791
X-AWS-Id
kr-ws32
Accept-Ranges
bytes
Content-Type
image/svg+xml
p-soc-icons.png
l-stat.livejournal.net/img/social-icons/
4 KB
5 KB
Image
General
Full URL
https://l-stat.livejournal.net/img/social-icons/p-soc-icons.png?v=42405
Requested by
Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??profile/profile-v3.css,ljuser/ljuser_light.css,menu_v2.css,popup/popupus.css,popup/popupus-blue.css,widgets/filter-settings.css,widgets/rutos.css,widgets/likes.css,widgets/login_v2.css,msgsystem.css?v=1621497228
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d81eee672f3f9991d733a1b6e3719b01b2325a4faefbd9142b8f1abb40873375

Request headers

Referer
https://l-stat.livejournal.net/??profile/profile-v3.css,ljuser/ljuser_light.css,menu_v2.css,popup/popupus.css,popup/popupus-blue.css,widgets/filter-settings.css,widgets/rutos.css,widgets/likes.css,widgets/login_v2.css,msgsystem.css?v=1621497228
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
ETag
GgZziKakaMXkLoUC7LoZxfokzQ
X-VWS-Id
kr-varn06.lj.rambler.tech
X-Gateway
front01.lj.rambler.tech
Connection
keep-alive
Content-Length
4095
X-remaining-TTL
82612, 72053, 81681, 45354
Last-Modified
Thu, 01 Jan 1970 11:46:45 GMT
Server
nginx
X-LJ-Flow-ID
YFzYRQoaACMAAC@Jh1gAAAAK
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
211634431 218152967
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=45354
X-AWS-Id
os-ws04
Accept-Ranges
bytes
Content-Type
image/png
truncated
/
46 KB
46 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
beb8691f6c3c6c90bbcb585e9ed4d8132cf3f37cf1a6888f83f4ca779ae6cead

Request headers

Origin
https://macdonaldsaun.livejournal.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
46 KB
46 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
276937ed9b66990d16cc250dac88898099a2e783c5cdfb073965139d8ec9bc5d

Request headers

Origin
https://macdonaldsaun.livejournal.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
46 KB
46 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe81bedd25f0a618755cf7b065fd24a6e0004b3340965e999e9bcb91c8e830a3

Request headers

Origin
https://macdonaldsaun.livejournal.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/
46 KB
46 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8ade158d7787ab081f0bb441099ba27fcce48e907414ce491648658b641adcd

Request headers

Origin
https://macdonaldsaun.livejournal.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff
top100.js
st.top100.ru/top100/
133 KB
47 KB
Script
General
Full URL
https://st.top100.ru/top100/top100.js
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
11f7eaf4aa31bcd12c23ca16989c7f086e9595c0de7bee5d493b2c977e5565ed

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
content-encoding
gzip
last-modified
Thu, 20 May 2021 13:12:11 GMT
server
nginx/1.19.4
etag
W/"60a6602b-213c5"
vary
Accept-Encoding
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
max-age=3600
content-type
application/javascript
expires
Sat, 22 May 2021 19:54:41 GMT
416195039
www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/
Redirect Chain
  • https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039
  • https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039
43 B
297 B
Image
General
Full URL
https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software
tns-counter-3.1.0/1.18.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:41 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
tns-counter-3.1.0/1.18.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:41 GMT
server
tns-counter-3.1.0/1.18.0
strict-transport-security
max-age=2678400
content-type
image/gif
location
https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
001001.gif
awaps.yandex.ru/0/9999/
43 B
303 B
Image
General
Full URL
https://awaps.yandex.ru/0/9999/001001.gif?0-0-63239-0-&timestamp=63239&awcode=6&subsection=0
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:6b8::131 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Cache-Control
no-cache, no-store, must-revalidate, max-age=5
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
P3P
CP="NOI DEVa TAIa OUR BUS UNI STA"
fbevents.js
connect.facebook.net/en_US/
92 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f067:e:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24156
x-fb-rlafr
0
pragma
public
x-fb-debug
z6WgiEeaEC0ZGGGhC1uQPr8XVHILHQLrTA2kDhqEwyQJdWTba3LVS12WENmZYlgYu/SqRfwjW8F+MXlxdX9PFw==
x-fb-trip-id
1679558926
x-frame-options
DENY
date
Sat, 22 May 2021 18:54:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
openapi.js
vk.com/js/api/
100 KB
22 KB
Script
General
Full URL
https://vk.com/js/api/openapi.js?168
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv194-139-240-87.vk.com
Software
kittenx /
Resource Hash
25fe45f80deb3a5943695bb19674ddaf60340575dd353fd3b2d227fb62a7e42b

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
content-encoding
br
x-frontend
front609306
last-modified
Wed, 21 Apr 2021 15:16:58 GMT
server
kittenx
etag
"608041ea-5800"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22528
expires
Wed, 26 May 2021 18:54:41 GMT
recommender.js
rcmjs.rambler.ru/static/
34 KB
34 KB
Script
General
Full URL
https://rcmjs.rambler.ru/static/recommender.js
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.192.149.54 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
a7ce50b9de5ee8fc36a27e6ee14af8c5ec191af48e65630a66c9b11be58d38b0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
last-modified
Fri, 21 May 2021 12:24:38 GMT
server
nginx
etag
"60a7a686-861b"
strict-transport-security
max-age=0
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control
max-age=3600, must-revalidate
x-passed
1bal2
accept-ranges
bytes
content-type
application/javascript
content-length
34331
tag.js
mc.yandex.ru/metrika/
215 KB
68 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1621497228
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
content-encoding
br
last-modified
Thu, 20 May 2021 19:10:33 GMT
etag
"609e8948-11068"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69736
expires
Sat, 22 May 2021 19:54:41 GMT
collect
stats.g.doubleclick.net/j/
1 B
97 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-24823174-1&cid=1077689276.1621709682&jid=1969031658&gjid=1371232410&_gid=1729629445.1621709682&_u=IGDAgEABAAAAAE~&z=1687809920
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 22 May 2021 18:54:41 GMT
content-type
text/plain
access-control-allow-origin
https://macdonaldsaun.livejournal.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1768332188&t=pageview&_s=1&dl=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&ul=en-us&de=UTF-8&dt=macdonaldsaun%20-%20Profile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEAB~&jid=1969031658&gjid=1371232410&cid=1077689276.1621709682&tid=UA-24823174-1&_gid=1729629445.1621709682&z=1179192492
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 10:24:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30636
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1768332188&t=event&ni=1&_s=2&dl=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&ul=en-us&de=UTF-8&dt=macdonaldsaun%20-%20Profile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AdBlocker&ea=not_blocked&_u=IGDAgEABAAAAAE~&jid=&gjid=&cid=1077689276.1621709682&tid=UA-24823174-1&_gid=1729629445.1621709682&z=1442721388
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 10:24:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30636
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9=
64 B
331 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9=
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.219.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-219-96.mrs52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
via
1.1 3e74b0c89b562282a810c16f34372bd4.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
W6X8dTHJruT43WsyOA5T6JBD5GFHdo66Kgz3b5y6u7fE0HzolZIzZw==

Redirect headers

date
Sat, 22 May 2021 18:54:41 GMT
via
1.1 3e74b0c89b562282a810c16f34372bd4.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9=
content-length
204
x-amz-cf-id
cWvr9NobQ-0YnlsKd7GaBzinZQ6vyCk2NbIq6A0_SEGPk1R_9UGpeQ==
AGSKWxXnhE20YHDDHdsFQqnC-0MJj4T7tiGkFA3kfEkOOWXLqFuqL_MTF__0L72OoyYQbQgqf0NLNY5vQhLRY7V_-zE=
fundingchoicesmessages.google.com/l/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxXnhE20YHDDHdsFQqnC-0MJj4T7tiGkFA3kfEkOOWXLqFuqL_MTF__0L72OoyYQbQgqf0NLNY5vQhLRY7V_-zE=?pvid=F964F2A8-6F8F-41F5-9A72-DA63F4C109B6&anonid=271ACFD2-4873-4419-8EE6-0949B53871E5
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.YOvuteTj_mM.es5.O/d=1/rs=AJlcJMwvaqzWrMYFxYTp28Mvvlm72jik6g/m=loader_js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-N7XLDqFvY1bO3yJT8yfYFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-N7XLDqFvY1bO3yJT8yfYFQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://macdonaldsaun.livejournal.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-N7XLDqFvY1bO3yJT8yfYFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-N7XLDqFvY1bO3yJT8yfYFQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWdB_bVP2pcEFftq9burEz17PUIPZuqKNdO35jtnuecvZ8o8xLA1WYQWnETSzcMnSjnPc78eaXS9dSNvkM879s=
fundingchoicesmessages.google.com/f/
81 KB
30 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWdB_bVP2pcEFftq9burEz17PUIPZuqKNdO35jtnuecvZ8o8xLA1WYQWnETSzcMnSjnPc78eaXS9dSNvkM879s=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjIxNzA5NjgxLDcyODAwMDAwMF0sIkY5NjRGMkE4LTZGOEYtNDFGNS05QTcyLURBNjNGNEMxMDlCNiIsIjI3MUFDRkQyLTQ4NzMtNDQxOS04RUU2LTA5NDlCNTM4NzFFNSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL21hY2RvbmFsZHNhdW4ubGl2ZWpvdXJuYWwuY29tL3Byb2ZpbGUiXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.YOvuteTj_mM.es5.O/d=1/rs=AJlcJMwvaqzWrMYFxYTp28Mvvlm72jik6g/m=loader_js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6788d28d82753329ae9cd76288aecb091a3003972ba3f9fda4e4607a29858382
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4z8031zArYwJXY2/5MZdKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4z8031zArYwJXY2/5MZdKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-4z8031zArYwJXY2/5MZdKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4z8031zArYwJXY2/5MZdKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
2982212878480459
connect.facebook.net/signals/config/
255 KB
73 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2982212878480459?v=2.9.40&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f067:e:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4cdb34a64a48f2dfd51a1528e5e65d4fd5a81ee24893b1e7345a1549f654d3fe
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74812
x-fb-rlafr
0
pragma
public
x-fb-debug
Ukz8ijRQvG+m9dq50Zu1oxSMFR4XIMpeGsEi1IDCycorWBZQnfaJ52tDLg1W73vIr+Fv3gjVyOJIAGOeZW2Qpw==
x-frame-options
DENY
date
Sat, 22 May 2021 18:54:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.livejournal.com/__api/
50 B
617 B
XHR
General
Full URL
https://www.livejournal.com/__api/
Requested by
Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1621497228
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
81.19.74.3 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
livejournal.com
Software
nginx /
Resource Hash
4cb502e547cbd4062f74083f8e6b5453c4a76081461852621c77ac0294fde73f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 22 May 2021 18:54:42 GMT
Age
0
Connection
keep-alive
Content-Length
50
Access-Control-Allow-Headers
Content-Type
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
X-LJ-Flow-ID
YKlTcQobA0AAADErfK8AAAAD
Access-Control-Allow-Methods
POST
X-Varnish
186865721
Access-Control-Allow-Origin
https://macdonaldsaun.livejournal.com
X-VWS-Id
kr-varn05.lj.rambler.tech
Access-Control-Allow-Credentials
true
X-AWS-Id
kr-ws34
Accept-Ranges
bytes
Content-Type
application/json; charset=utf-8
Keep-Alive
timeout=50
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2982212878480459&ev=PageView&dl=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&rl=&if=false&ts=1621709681829&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1621709681828.1132560193&it=1621709681745&coo=false&exp=l0&rqm=GET
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f164:81:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 22 May 2021 18:54:41 GMT
/
l-stat.livejournal.net/js/ Frame F95E
989 B
1 KB
Script
General
Full URL
https://l-stat.livejournal.net/js/??embed/wrap.js?v=1621497228
Requested by
Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b4311fe8910f7cc88ad8d522a8fafd1dc985134263e8ebde771ae0011e538102

Request headers

Referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:41 GMT
Content-Encoding
gzip
X-LJ-Flow-ID
YKYVlAobAy0AACJKKgAAAAAH
X-VWS-Id
kr-varn05.lj.rambler.tech
X-Gateway
front04.lj.rambler.tech
Connection
keep-alive
Content-Length
555
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 20 May 2021 07:53:48 GMT
Server
nginx
ETag
GgZzW/pGHPfOe9n47pvvnTlcVGnA
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
100961997 138360910
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=392381
X-AWS-Id
kr-ws15
Accept-Ranges
bytes
Content-Type
application/x-javascript
X-remaining-TTL
392381
rtrg
vk.com/
49 B
445 B
Image
General
Full URL
https://vk.com/rtrg?p=VK-RTRG-491315-al132&metatag_url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&metatag_title=macdonaldsaun%20-%20Profile
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv194-139-240-87.vk.com
Software
kittenx / KPHP/7.4.107230
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
content-encoding
gzip
x-frontend
front609306
server
kittenx
x-powered-by
KPHP/7.4.107230
strict-transport-security
max-age=15768000
content-type
image/gif
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
65
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9281.R3-sBb_mELdJAWvHC1-Qky0PhQdAAJ4dPvzTwcN_Top7vyqWt2DKmcC8RfPVwu3u.ocQB04_JfWyeRkjZEKVD8ZwsGRI%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9281.jco9KKft0EJuAR3SJrEbmywHYNl9GxMukHunkY4hyQTXIxFj2sH3obTM-7hz3JCqCtNI0kEwzq4WlWxTP_G4yw%2C%2C.DPmIkxMkMx-FVKebjvBRbBSjFBU%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9281.jco9KKft0EJuAR3SJrEbmywHYNl9GxMukHunkY4hyQTXIxFj2sH3obTM-7hz3JCqCtNI0kEwzq4WlWxTP_G4yw%2C%2C.DPmIkxMkMx-FVKebjvBRbBSjFBU%2C
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9281.jco9KKft0EJuAR3SJrEbmywHYNl9GxMukHunkY4hyQTXIxFj2sH3obTM-7hz3JCqCtNI0kEwzq4WlWxTP_G4yw%2C%2C.DPmIkxMkMx-FVKebjvBRbBSjFBU%2C
date
Sat, 22 May 2021 18:54:42 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:41 GMT
last-modified
Thu, 20 May 2021 19:10:33 GMT
etag
"609e8948-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sat, 22 May 2021 19:54:41 GMT
91bpIBVFK4o
www.youtube.com/embed/ Frame 6FD6
53 KB
23 KB
Document
General
Full URL
https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
Requested by
Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0e36aa6dcd342f3952954e4d118820d8078dae535dd9f11c2b4dd5e450790d99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads=

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 22 May 2021 18:54:41 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=w55ARzl_IgY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=3NF2wg07qwc; Domain=.youtube.com; Expires=Thu, 18-Nov-2021 18:54:41 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+416; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
userip
ssp.rambler.ru/
13 B
140 B
XHR
General
Full URL
https://ssp.rambler.ru/userip
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.148.28 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
ssp.rambler.ru
Software
nginx /
Resource Hash
7a14870b8287a86543ff2b166dc2ad73dbc242f856d5c607bffbdbaf26ec7f63

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 22 May 2021 18:54:42 GMT
x-passed
2bal2
server
nginx
content-length
13
content-type
application/octet-stream, text/plain
getid
ads.adfox.ru/
38 B
454 B
Script
General
Full URL
https://ads.adfox.ru/getid?t=jsonp&f=af_setLpdId&pr=3794943910
Requested by
Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
5a3cd490f70712d498a531912dd50c23d96d1d9a6f4add7d477353cd965a8c19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
Mon, 04 Dec 1999 21:29:02 GMT
/
l-stat.livejournal.net/js/ Frame 4E6D
989 B
1 KB
Script
General
Full URL
https://l-stat.livejournal.net/js/??embed/wrap.js?v=1621497228
Requested by
Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b4311fe8910f7cc88ad8d522a8fafd1dc985134263e8ebde771ae0011e538102

Request headers

Referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:42 GMT
Content-Encoding
gzip
X-LJ-Flow-ID
YKYVlAobAy0AACJKKgAAAAAH
X-VWS-Id
kr-varn05.lj.rambler.tech
X-Gateway
front04.lj.rambler.tech
Connection
keep-alive
Content-Length
555
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 20 May 2021 07:53:48 GMT
Server
nginx
ETag
GgZzW/pGHPfOe9n47pvvnTlcVGnA
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
100961997 138360910
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=392380
X-AWS-Id
kr-ws15
Accept-Ranges
bytes
Content-Type
application/x-javascript
X-remaining-TTL
392380
/
l-stat.livejournal.net/js/ Frame E907
989 B
1 KB
Script
General
Full URL
https://l-stat.livejournal.net/js/??embed/wrap.js?v=1621497228
Requested by
Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b4311fe8910f7cc88ad8d522a8fafd1dc985134263e8ebde771ae0011e538102

Request headers

Referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:42 GMT
Content-Encoding
gzip
X-LJ-Flow-ID
YKYVlAobAy0AACJKKgAAAAAH
X-VWS-Id
kr-varn05.lj.rambler.tech
X-Gateway
front04.lj.rambler.tech
Connection
keep-alive
Content-Length
555
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 20 May 2021 07:53:48 GMT
Server
nginx
ETag
GgZzW/pGHPfOe9n47pvvnTlcVGnA
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
100961997 138360910
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=392380
X-AWS-Id
kr-ws15
Accept-Ranges
bytes
Content-Type
application/x-javascript
X-remaining-TTL
392380
/
l-stat.livejournal.net/js/ Frame 2B96
989 B
1 KB
Script
General
Full URL
https://l-stat.livejournal.net/js/??embed/wrap.js?v=1621497228
Requested by
Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-243-126.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b4311fe8910f7cc88ad8d522a8fafd1dc985134263e8ebde771ae0011e538102

Request headers

Referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 22 May 2021 18:54:42 GMT
Content-Encoding
gzip
X-LJ-Flow-ID
YKYVlAobAy0AACJKKgAAAAAH
X-VWS-Id
kr-varn05.lj.rambler.tech
X-Gateway
front04.lj.rambler.tech
Connection
keep-alive
Content-Length
555
Referrer-Policy
no-referrer-when-downgrade
Last-Modified
Thu, 20 May 2021 07:53:48 GMT
Server
nginx
ETag
GgZzW/pGHPfOe9n47pvvnTlcVGnA
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
X-Varnish
100961997 138360910
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=392380
X-AWS-Id
kr-ws15
Accept-Ranges
bytes
Content-Type
application/x-javascript
X-remaining-TTL
392380
www-player-webp.css
www.youtube.com/s/player/c39bcc11/ Frame 6FD6
359 KB
45 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/c39bcc11/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
600473b6152d1d0a50097aa6fd6811dcbc9edd23e5ec77afc39b4369f14339a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127411
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46248
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:11 GMT
www-embed-player.js
www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/ Frame 6FD6
191 KB
63 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ae1bf1458589d1f72a7bf9a7fb9c21e8344aee819519c1dc8cbcfd9d6c16f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127419
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64589
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:03 GMT
base.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6FD6
2 MB
465 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e34fa30d251bc425762a596368b08a20812bca6fcbba712c2cdce66c86bdf8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127137
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476025
x-xss-protection
0
expires
Sat, 21 May 2022 07:35:45 GMT
fetch-polyfill.js
www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/ Frame 6FD6
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127419
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:03 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6FD6
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 May 2021 21:46:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
335322
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 18 May 2022 21:46:00 GMT
/
kraken.rambler.ru/cnt/
43 B
558 B
Image
General
Full URL
https://kraken.rambler.ru/cnt/?et=pv&pid=1111412&rid=1621709682.015-1437881313&tid=t1.1111412.1311166539.1621709682016&v=1.18.4&exp=exp_fip%2Csplit_z%2Cexp_ping%2Csplit_z%2Cexp_bot%2Csplit_b%2Cexp_ab%2Csplit_a&rn=1595295326&bs=1600x1200&ce=1&rf&en=UTF-8&pt=macdonaldsaun%20-%20Profile&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=-120&fv&sv&lv&cv=uid&url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&eid=3129968202086520&fid=pA8AAN9Js1cw9pWKAcd2DQA%3D
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:42 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.19.4
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif, image/gif
access-control-allow-headers
content-type
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
embed
www.google.com/maps/ Frame F84C
Redirect Chain
  • https://maps.google.com/maps?q=justcbd&t=&z=15&ie=UTF8&iwloc=&output=embed
  • https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15
4 KB
2 KB
Document
General
Full URL
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15
Requested by
Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
cd70882cff738ccecb4ddb44c40f72e1d7028955d61f08e163aaccb9ce2f345f
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-F0nciFesi9K8SOLCgft3bA==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads=
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads=

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 22 May 2021 18:54:42 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
vary
Accept-Language
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-F0nciFesi9K8SOLCgft3bA==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding
gzip
server
mafe
content-length
1663
x-xss-protection
0
server-timing
gfet4t7; dur=330
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date
Sat, 22 May 2021 18:54:42 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15
content-type
text/html; charset=UTF-8
server
mafe
content-length
272
x-xss-protection
0
x-frame-options
SAMEORIGIN
server-timing
gfet4t7; dur=1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jsQ2sGQmhrk
www.youtube.com/embed/ Frame 6678
53 KB
22 KB
Document
General
Full URL
https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
Requested by
Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f7bcf11935bcbfe6ccfc2aeaf6b1267fa72e2c82426dd33857a955f430abebdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads=
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=w55ARzl_IgY; VISITOR_INFO1_LIVE=3NF2wg07qwc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads=

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 22 May 2021 18:54:42 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+822; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
o0tT5qBY5kg
www.youtube.com/embed/ Frame 4D57
52 KB
22 KB
Document
General
Full URL
https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
Requested by
Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads=
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
80cad2917e95578e027785c758c0c8d12a25327b0a15f596d63f1c942809b831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads=
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
YSC=w55ARzl_IgY; VISITOR_INFO1_LIVE=3NF2wg07qwc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads=

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 22 May 2021 18:54:42 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
CONSENT=PENDING+015; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
id
googleads.g.doubleclick.net/pagead/ Frame 6FD6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
161 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50ca30d3f1d3fb12d2ef7d8cf36ed70890a6ea56759018850c4ee403d7ef1f64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 22 May 2021 18:54:42 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 6FD6
29 B
91 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:48:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
362
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sat, 22 May 2021 19:03:40 GMT
remote.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6FD6
98 KB
30 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5f48c02692bd5d8044836018be9f76909dcab3ceabe1d8a29f1f9375e9a90b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:35:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127136
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30855
x-xss-protection
0
expires
Sat, 21 May 2022 07:35:46 GMT
HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js
www.google.com/js/th/ Frame 6FD6
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 11:01:56 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 11:00:00 GMT
server
sffe
age
28366
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13280
x-xss-protection
0
expires
Sun, 22 May 2022 11:01:56 GMT
embed.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6FD6
25 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a9eae06d8bed89c745eb7f92f3ca81bdc456c50e0d86d28885d413b788a7d25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
126882
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7449
x-xss-protection
0
expires
Sat, 21 May 2022 07:40:00 GMT
1
mc.yandex.com/watch/27737346/
Redirect Chain
  • https://mc.yandex.com/watch/27737346?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no...
  • https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22...
219 B
300 B
XHR
General
Full URL
https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22pd_comments_style%22%3A%22undef%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22undef%22%2C%22pd_style_system%22%3A%22undef%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1145%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A970920594876%3Ahid%3A471036635%3Az%3A120%3Ai%3A20210522205441%3Aet%3A1621709682%3Ac%3A1%3Arn%3A196632164%3Au%3A1621709682315703625%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621709680497%3Ads%3A12%2C167%2C571%2C80%2C0%2C0%2C%2C383%2C10%2C%2C%2C%2C1137%3Adsn%3A12%2C167%2C572%2C79%2C0%2C0%2C%2C306%2C10%2C%2C%2C%2C1137%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621709682%3At%3Amacdonaldsaun%20-%20Profile
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
42e4dd1823ee9181985a243355341ffdfdea214033a874a5e1388ad0ad414af1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:42 GMT
x-content-type-options
nosniff
last-modified
Sat, 22-May-2021 18:54:42 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://macdonaldsaun.livejournal.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
219
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 18:54:42 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:42 GMT
last-modified
Sat, 22-May-2021 18:54:42 GMT
location
/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22pd_comments_style%22%3A%22undef%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22undef%22%2C%22pd_style_system%22%3A%22undef%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1145%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A970920594876%3Ahid%3A471036635%3Az%3A120%3Ai%3A20210522205441%3Aet%3A1621709682%3Ac%3A1%3Arn%3A196632164%3Au%3A1621709682315703625%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621709680497%3Ads%3A12%2C167%2C571%2C80%2C0%2C0%2C%2C383%2C10%2C%2C%2C%2C1137%3Adsn%3A12%2C167%2C572%2C79%2C0%2C0%2C%2C306%2C10%2C%2C%2C%2C1137%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621709682%3At%3Amacdonaldsaun%20-%20Profile
strict-transport-security
max-age=31536000
access-control-allow-origin
https://macdonaldsaun.livejournal.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 18:54:42 GMT
www-player-webp.css
www.youtube.com/s/player/c39bcc11/ Frame 4D57
359 KB
45 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/c39bcc11/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
600473b6152d1d0a50097aa6fd6811dcbc9edd23e5ec77afc39b4369f14339a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127411
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46248
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:11 GMT
www-embed-player.js
www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/ Frame 4D57
191 KB
63 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ae1bf1458589d1f72a7bf9a7fb9c21e8344aee819519c1dc8cbcfd9d6c16f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127419
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64589
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:03 GMT
base.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 4D57
2 MB
465 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e34fa30d251bc425762a596368b08a20812bca6fcbba712c2cdce66c86bdf8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127137
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476025
x-xss-protection
0
expires
Sat, 21 May 2022 07:35:45 GMT
fetch-polyfill.js
www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/ Frame 4D57
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127419
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:03 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4D57
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:54:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
43238
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Sun, 22 May 2022 06:54:04 GMT
www-player-webp.css
www.youtube.com/s/player/c39bcc11/ Frame 6678
359 KB
45 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/c39bcc11/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
600473b6152d1d0a50097aa6fd6811dcbc9edd23e5ec77afc39b4369f14339a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:11 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127411
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46248
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:11 GMT
www-embed-player.js
www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/ Frame 6678
191 KB
63 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ae1bf1458589d1f72a7bf9a7fb9c21e8344aee819519c1dc8cbcfd9d6c16f54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127419
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64589
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:03 GMT
base.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6678
2 MB
465 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e34fa30d251bc425762a596368b08a20812bca6fcbba712c2cdce66c86bdf8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127137
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
476025
x-xss-protection
0
expires
Sat, 21 May 2022 07:35:45 GMT
fetch-polyfill.js
www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/ Frame 6678
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:31:03 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127419
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Sat, 21 May 2022 07:31:03 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6678
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 06:54:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
43238
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Sun, 22 May 2022 06:54:04 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 6FD6
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Sat, 22 May 2021 18:54:42 GMT
26570:24958
an.yandex.ru/mapuid/adfox/
Redirect Chain
  • https://an.yandex.ru/mapuid/adfox/26570%3A24958?jsredir=1
  • https://an.yandex.ru/mapuid/adfox/26570:24958?redir-setuniq=1&jsredir=1
43 B
108 B
Image
General
Full URL
https://an.yandex.ru/mapuid/adfox/26570:24958?redir-setuniq=1&jsredir=1
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:42 GMT
content-encoding
gzip
last-modified
Sat, 22 May 2021 18:54:42 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security
max-age=31536000
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 22 May 2021 18:54:42 GMT

Redirect headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:42 GMT
content-encoding
gzip
last-modified
Sat, 22 May 2021 18:54:42 GMT
strict-transport-security
max-age=31536000
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adfox/26570:24958?redir-setuniq=1&jsredir=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sat, 22 May 2021 18:54:42 GMT
sync2.204
profile.ssp.rambler.ru/
0
169 B
Image
General
Full URL
https://profile.ssp.rambler.ru/sync2.204?anket_id=26570%3A24958&pid=85&ruid=pA8AAN9Js1ewhlHBAQzTvQA%3D
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.192.149.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=0
x-passed
1bal1
server
nginx
date
Sat, 22 May 2021 18:54:42 GMT
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
generate_204
www.youtube.com/ Frame 6FD6
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?S5e5bA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2982212878480459&ev=Microdata&dl=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&rl=&if=false&ts=1621709682336&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22meta%3Adescription%22%3A%22Your%20life%20is%20the%20best%20story!%20Just%20start%20your%20blog%20today!%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Your%20life%20is%20the%20best%20story!%20Just%20start%20your%20blog%20today!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fl-stat.livejournal.net%2Fimg%2Fog_image.jpg%22%2C%22og%3Atitle%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile%22%2C%22twitter%3Aapp%3Aid%3Aipad%22%3A%22383091547%22%2C%22twitter%3Aapp%3Aid%3Aiphone%22%3A%22383091547%22%2C%22twitter%3Aapp%3Aname%3Aipad%22%3A%22LiveJournal%22%2C%22twitter%3Aapp%3Aname%3Aiphone%22%3A%22LiveJournal%22%2C%22twitter%3Aapp%3Aurl%3Aipad%22%3A%22ljs%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile%22%2C%22twitter%3Aapp%3Aurl%3Aiphone%22%3A%22ljs%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Adescription%22%3A%22Your%20life%20is%20the%20best%20story!%20Just%20start%20your%20blog%20today!%22%2C%22twitter%3Aimage%3Asrc%22%3A%22https%3A%2F%2Fl-stat.livejournal.net%2Fimg%2Fog_image.jpg%22%2C%22twitter%3Asite%22%3A%22%40livejournal%22%2C%22twitter%3Atitle%22%3A%22macdonaldsaun%20-%20Profile%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.1.1621709681828.1132560193&it=1621709681745&coo=false&es=automatic&tm=3&exp=l0&rqm=GET
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f164:81:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Sat, 22 May 2021 18:54:42 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 4D57
113 B
159 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b7c0683f402e69698f10725e06615c86784807cc3f2f39c2f258f648bb3e2c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 4D57
29 B
52 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:48:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
362
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sat, 22 May 2021 19:03:40 GMT
remote.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 4D57
98 KB
30 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5f48c02692bd5d8044836018be9f76909dcab3ceabe1d8a29f1f9375e9a90b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:35:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127136
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30855
x-xss-protection
0
expires
Sat, 21 May 2022 07:35:46 GMT
HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js
www.google.com/js/th/ Frame 4D57
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 05:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 11:00:00 GMT
server
sffe
age
47336
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13280
x-xss-protection
0
expires
Sun, 22 May 2022 05:45:46 GMT
embed.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 4D57
25 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a9eae06d8bed89c745eb7f92f3ca81bdc456c50e0d86d28885d413b788a7d25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
126882
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7449
x-xss-protection
0
expires
Sat, 21 May 2022 07:40:00 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 6678
113 B
159 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e20cbbccaccf390f7808c969ee0696882f6c10efe0cd41bbdcf7bf23463dda68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 6678
29 B
52 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:48:40 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
362
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Sat, 22 May 2021 19:03:40 GMT
1
mc.yandex.com/watch/27737346/
43 B
73 B
XHR
General
Full URL
https://mc.yandex.com/watch/27737346/1?page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A1%3Als%3A970920594876%3Ahid%3A471036635%3Az%3A120%3Ai%3A20210522205442%3Aet%3A1621709682%3Ac%3A1%3Arn%3A996420582%3Au%3A1621709682315703625%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621709680497%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621709682
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:42 GMT
last-modified
Sat, 22-May-2021 18:54:42 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://macdonaldsaun.livejournal.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Sat, 22-May-2021 18:54:42 GMT
remote.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6678
98 KB
30 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5f48c02692bd5d8044836018be9f76909dcab3ceabe1d8a29f1f9375e9a90b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:35:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
127136
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30855
x-xss-protection
0
expires
Sat, 21 May 2022 07:35:46 GMT
HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js
www.google.com/js/th/ Frame 6678
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 05:45:46 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 03 May 2021 11:00:00 GMT
server
sffe
age
47336
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13280
x-xss-protection
0
expires
Sun, 22 May 2022 05:45:46 GMT
embed.js
www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6678
25 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a9eae06d8bed89c745eb7f92f3ca81bdc456c50e0d86d28885d413b788a7d25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 07:40:00 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Fri, 21 May 2021 06:42:50 GMT
server
sffe
age
126882
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7449
x-xss-protection
0
expires
Sat, 21 May 2022 07:40:00 GMT
js
maps.googleapis.com/maps/api/ Frame F84C
135 KB
44 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
62228c548829235c7a020473ffb4b1e359e48d6f4d8023306fd633dcee057763
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:52:12 GMT
content-encoding
gzip
server
mafe
age
150
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=19
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45164
x-xss-protection
0
expires
Sat, 22 May 2021 19:22:12 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4D57
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Sat, 22 May 2021 18:54:42 GMT
generate_204
www.youtube.com/ Frame 4D57
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?zJcXBg
Requested by
Host: macdonaldsaun.livejournal.com
URL: https://macdonaldsaun.livejournal.com/profile
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 6678
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Sat, 22 May 2021 18:54:42 GMT
generate_204
www.youtube.com/ Frame 6678
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?RuiC6Q
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
promodisplay
fundingchoicesmessages.google.com/f/AGSKWxXT4WT69tKlOPlmw3GoEYGYPpzBZoYnGchzGc5Kkc6qHq4FEqCalw4kHQaktGCsZ6N2hEoC_o8pN5pLnl4Nbrd6Nt2BgcFkBHGknITnXg8eLq3OF7-L-J847WX1Vycsb-6nv_3fyGxFQVeXnMi7LGNAguHGz...
54 B
107 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXT4WT69tKlOPlmw3GoEYGYPpzBZoYnGchzGc5Kkc6qHq4FEqCalw4kHQaktGCsZ6N2hEoC_o8pN5pLnl4Nbrd6Nt2BgcFkBHGknITnXg8eLq3OF7-L-J847WX1Vycsb-6nv_3fyGxFQVeXnMi7LGNAguHGzLFyWXzCQ72Eq-Eiz3zfYbFZ_8pEXS9E_8vAWudgCWVvcq6httFObZWDk7-uNOpUCd4a-8RT9DB8ACMK0uU=/_/adbeacon..com/promodisplay?/adv.css?_middle_ads./satnetgoogleads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89a8a80ea5aede9146516fbca8cbe40a7e2c8d69c9da6c1c22e4193f500b1919
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Ah6WSajUvBZPuf6siK6cCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Ah6WSajUvBZPuf6siK6cCA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-Ah6WSajUvBZPuf6siK6cCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Ah6WSajUvBZPuf6siK6cCA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 18:35:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5863
x-xss-protection
0
server
cafe
etag
12453517290502062038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 22 May 2021 19:35:42 GMT
AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9
fundingchoicesmessages.google.com/l/
0
27 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OeCe6PvQJpHX86x5DyLvEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OeCe6PvQJpHX86x5DyLvEA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://macdonaldsaun.livejournal.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-OeCe6PvQJpHX86x5DyLvEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OeCe6PvQJpHX86x5DyLvEA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/44/14/ Frame F84C
233 KB
233 KB
Script
General
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/44/14/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ad37130fd6db9507347d0417694ace6210fd9f671b1821a0b4d9bdf1192f513
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 May 2021 17:18:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 11 May 2021 18:11:34 GMT
server
sffe
age
264943
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238786
x-xss-protection
0
expires
Thu, 19 May 2022 17:18:59 GMT
AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9
fundingchoicesmessages.google.com/l/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9qTfj1tN/5ZrZwL4DdNDZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9qTfj1tN/5ZrZwL4DdNDZw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://macdonaldsaun.livejournal.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-9qTfj1tN/5ZrZwL4DdNDZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9qTfj1tN/5ZrZwL4DdNDZw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9
fundingchoicesmessages.google.com/l/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PKEuk8a6iSAx/q6KI+23HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-PKEuk8a6iSAx/q6KI+23HA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://macdonaldsaun.livejournal.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-PKEuk8a6iSAx/q6KI+23HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-PKEuk8a6iSAx/q6KI+23HA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWI2xtSr7rdyyy9TrxFVrVlUnn7IsVGZBSQ3zuHU208ZcGTnru5-FPJSijKF6MBxsP0b-3uZDHLG-zpq_UTgQ3j7k--xcEH4oNKGTjYLTqtGPQDa5pyFo2xI9oD1AM4uK6ha5E2FK74o6ikXzsN_jEXETWh46g7Tl9giL9lxWypjwKSJz1rfiujUIdB
fundingchoicesmessages.google.com/f/
64 KB
24 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWI2xtSr7rdyyy9TrxFVrVlUnn7IsVGZBSQ3zuHU208ZcGTnru5-FPJSijKF6MBxsP0b-3uZDHLG-zpq_UTgQ3j7k--xcEH4oNKGTjYLTqtGPQDa5pyFo2xI9oD1AM4uK6ha5E2FK74o6ikXzsN_jEXETWh46g7Tl9giL9lxWypjwKSJz1rfiujUIdB?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjIxNzA5NjgyLDY3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dLCJodHRwczovL21hY2RvbmFsZHNhdW4ubGl2ZWpvdXJuYWwuY29tL3Byb2ZpbGUiXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b58eb5b421637bedc23fa24eaf43a7725b65422b581fafb5382e0de3e29ecc3c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-j1DZruoF5AmMjhTHHTSTVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-j1DZruoF5AmMjhTHHTSTVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-j1DZruoF5AmMjhTHHTSTVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-j1DZruoF5AmMjhTHHTSTVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9
fundingchoicesmessages.google.com/l/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1tkunJLhcVAUnVRRiCmXrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1tkunJLhcVAUnVRRiCmXrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://macdonaldsaun.livejournal.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-1tkunJLhcVAUnVRRiCmXrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1tkunJLhcVAUnVRRiCmXrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW8AUQ9pzZKu8PbNfDaTrSu1A05mhhbSL-qkpGaN7jmt-g0X5OhVQQburZJLjxL9b_IhN8BZxXQm9k-_lWknVRW3GSgY2J-zMgzGNrjmRx0ZcrwURkEUxIyJOuXxhmk0JO6i6RQ8tNYoXKNOzVPEObLs1YhsWB4PvRqiuwmANK8Kt7qokPuKTcUG1W1
fundingchoicesmessages.google.com/l/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxW8AUQ9pzZKu8PbNfDaTrSu1A05mhhbSL-qkpGaN7jmt-g0X5OhVQQburZJLjxL9b_IhN8BZxXQm9k-_lWknVRW3GSgY2J-zMgzGNrjmRx0ZcrwURkEUxIyJOuXxhmk0JO6i6RQ8tNYoXKNOzVPEObLs1YhsWB4PvRqiuwmANK8Kt7qokPuKTcUG1W1
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.kHEF0wS8ZCI.es5.O/d=1/rs=AJlcJMz0KY7LVk5uqX6w30w7oaK06FImdQ/m=cookie_refresh
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tuJ+qhtS+9UzVrADHCPv1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tuJ+qhtS+9UzVrADHCPv1Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://macdonaldsaun.livejournal.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-tuJ+qhtS+9UzVrADHCPv1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tuJ+qhtS+9UzVrADHCPv1Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxW8AUQ9pzZKu8PbNfDaTrSu1A05mhhbSL-qkpGaN7jmt-g0X5OhVQQburZJLjxL9b_IhN8BZxXQm9k-_lWknVRW3GSgY2J-zMgzGNrjmRx0ZcrwURkEUxIyJOuXxhmk0JO6i6RQ8tNYoXKNOzVPEObLs1YhsWB4PvRqiuwmANK8Kt7qokPuKTcUG1W1
fundingchoicesmessages.google.com/l/
0
26 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/l/AGSKWxW8AUQ9pzZKu8PbNfDaTrSu1A05mhhbSL-qkpGaN7jmt-g0X5OhVQQburZJLjxL9b_IhN8BZxXQm9k-_lWknVRW3GSgY2J-zMgzGNrjmRx0ZcrwURkEUxIyJOuXxhmk0JO6i6RQ8tNYoXKNOzVPEObLs1YhsWB4PvRqiuwmANK8Kt7qokPuKTcUG1W1
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.kHEF0wS8ZCI.es5.O/d=1/rs=AJlcJMz0KY7LVk5uqX6w30w7oaK06FImdQ/m=cookie_refresh
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-g+nqsPYBxKRVDMNd2MxcUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-g+nqsPYBxKRVDMNd2MxcUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://macdonaldsaun.livejournal.com/profile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 22 May 2021 18:54:42 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://macdonaldsaun.livejournal.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-g+nqsPYBxKRVDMNd2MxcUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-g+nqsPYBxKRVDMNd2MxcUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 6FD6
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque
X-YouTube-Client-Version
1.20210519.1.1
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgszTkYyd2cwN3F3YyjxpqWFBg%3D%3D
X-YouTube-Ad-Signals
dt=1621709682051&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKoSlQoFRrawtNOzQLWMNRL9moua0YbUVlBxaps1E24mGheCHF4--P3o6LmC6lXklGiUCfYUyfKdHHADMg9N4zmLuBOjvg

Response headers

date
Sat, 22 May 2021 18:54:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 22 May 2021 18:54:44 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 4D57
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque
X-YouTube-Client-Version
1.20210519.1.1
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgszTkYyd2cwN3F3YyjypqWFBg%3D%3D
X-YouTube-Ad-Signals
dt=1621709682388&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKoPNf9Cq-Z6LYAMoe86PL835PA2UHwmbgD0IsHnc2vtMXNJkZoRLh6j0awUJaK7gG2-7o0dI9Noeow-xE5St5S7HtozaA

Response headers

date
Sat, 22 May 2021 18:54:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 22 May 2021 18:54:44 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 6678
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque
X-YouTube-Client-Version
1.20210519.1.1
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgszTkYyd2cwN3F3YyjypqWFBg%3D%3D
X-YouTube-Ad-Signals
dt=1621709682435&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKqsHfYWVyhc4M9kRiM739TL-lYZheGqAR1rBWmiybAouUYoIaEqxAzwttQwaJNK2A7t10Le22_8D7TMfZDiNfT9td1dWg

Response headers

date
Sat, 22 May 2021 18:54:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 22 May 2021 18:54:44 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame F84C
85 KB
31 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 May 2021 04:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 May 2021 18:12:04 GMT
server
sffe
age
53631
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31670
x-xss-protection
0
expires
Sun, 22 May 2022 04:00:56 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame F84C
280 KB
86 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 May 2021 17:06:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 May 2021 18:12:04 GMT
server
sffe
age
92880
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87588
x-xss-protection
0
expires
Sat, 21 May 2022 17:06:47 GMT
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame F84C
62 B
83 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%3Forigin%3Dmfe%26pb%3D!1m3!2m1!1sjustcbd!6i15&2sgoogle-maps-embed&callback=_xdc_._nuds9r&client=google-maps-embed&token=80482
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
0f05976c182e4857eaacefa96a67f6040328dc98bbf01eaea3a0384a8c6aef42
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 22 May 2021 18:54:47 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| begun_new_callbacks boolean| capirsIsReady function| capirsOnReady object| Site function| _typeof function| _defaults function| _slicedToArray function| _toConsumableArray function| _extends function| finite function| finiteInt function| EventMethods object| indirectObjects function| xhr object| LiveJournal function| ljTemplateRun function| getCurrentUrl function| fixIeRedirect function| ljHtml function| ljHtmlLive function| includeReplace function| ljMl function| ljSwitchOff function| ljDisabled function| focusAndSelect function| ljDebounce function| ljScroll function| ljScreenable function| ljSvgIcon function| ljFlatbutton function| ljCut function| ljSticky function| stickyWithStops function| ljEmbedResizer function| onRender function| ljInitial function| convertToNumber function| trustAsResourceUrl function| windowCheck function| ljNgOnload undefined| isRestrictedBrowser function| _toArray undefined| pageService function| addAlias function| createAliasPopup undefined| loadIPPU undefined| Aliases function| $ function| jQuery object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| addEvent function| removeEvent function| getClassList function| getRelList object| LJ function| Cookie function| fetchJsonp function| Class object| DOM object| HTTPReq object| Unique function| Hourglass object| jQuery18303006205003580402 object| DonateButton object| angular boolean| specialCountryUser function| _textSpan function| _textDiv function| _textElements function| changeOpac function| onRecaptchaLoad function| moment function| LJWidget function| IPPU function| LJ_IPPU function| LJWidgetIPPU string| GoogleAnalyticsObject function| ga function| __d3lUW8vwsKlB__ object| dataLayer object| _comscore object| _top100q object| img number| seed object| yandex_metrika_params function| fbq function| _fbq string| LJ_RCM_ID function| rcm function| ym object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| udm_ object| ns_p object| COMSCORE object| default_ContributorServingLoaderClientJs object| googlefc function| __Y9uNstf385Zx__ object| __fcInternalApiManager object| NWFkMzIwYmMzY2I0OGVkZWxvYWRlcl9qcw== string| NWFkMzIwYmMzY2I0OGVkZWNhY2hlZF9qcw== string| __fcInvoked string| __fcexpdef boolean| __fcInternalApiPostMessageReady object| googletag object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ object| webpackChunkRamblerPlayer object| primeStorage function| RamblerPlayer function| obj2qs object| fastXDM object| VK object| Ya object| yaCounter27737346 object| SSPjs object| webpackChunkSSPjs boolean| eventListenerAdded object| HistoryEvents object| globalStorage object| _montblanc object| __montblanc object| Debug string| af_lpdId object| Adf object| Begun function| af_setLpdId object| webpackJsonp function| userID object| goog function| Kraken function| top100 string| result object| closure_lm_283601 object| top100Counter object| _top100 object| google_js_reporting_queue number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| 1458f402-c724-422d-87c6-c27fba4cd448 object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__

17 Cookies

Domain/Path Name / Value
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 3NF2wg07qwc
.youtube.com/ Name: YSC
Value: w55ARzl_IgY
.livejournal.com/ Name: sspjs_12.1.0_af_lpdid
Value: %7B%22DATE%22%3A1621709682250%2C%22ID%22%3A%2226570%3A24958%22%7D
.macdonaldsaun.livejournal.com/ Name: last_visit
Value: 1621702482018::1621709682018
.livejournal.com/ Name: _ym_isad
Value: 2
.livejournal.com/ Name: FCCDCF
Value: [["AKsRol9mtQYnbBIKhttwFoKfLMiMmF7DahEJjEh6eIOlfDxJdyDLI49ukjJ-xLjW-2oYArwkxTGaqOewFJ3qFGjk56xSNtbyywysbZR_CWFIkK4zX-XQWvIBvAlf5YTyBB0eLZ7UtRZYtLzLquMkkR5ezmrx9B039Q=="],null,["[[],[],[],[],null,null,true]",1621709682720]]
.livejournal.com/ Name: _ym_uid
Value: 1621709682315703625
.livejournal.com/ Name: user-id_1.0.5_lr_lruid
Value: pQ8AAHJTqWBe06FQAUA70wA%3D
.livejournal.com/ Name: _gid
Value: GA1.2.1729629445.1621709682
.livejournal.com/ Name: _ym_d
Value: 1621709682
.livejournal.com/ Name: _fbp
Value: fb.1.1621709681828.1132560193
.livejournal.com/ Name: _gat
Value: 1
macdonaldsaun.livejournal.com/ Name: lj_sale_adblock
Value: true
.livejournal.com/ Name: ljprof
Value: f6ce4870814e4287a60a9536e418f19b93237dff6f82543aa
.livejournal.com/ Name: top100_id
Value: t1.1111412.1311166539.1621709682016
.livejournal.com/ Name: _ga
Value: GA1.2.1077689276.1621709682
.livejournal.com/ Name: ljuniq
Value: dPe8lUrJyrYjl6e%3A1621709681%3Apgstats0

7 Console Messages

Source Level URL
Text
console-api log URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1621497228(Line 126)
Message:
Text variable [dialogs.yes] hasn't been defined.
console-api log URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1621497228(Line 126)
Message:
Text variable [dialogs.yes] hasn't been defined.
console-api log URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1621497228(Line 126)
Message:
Text variable [dialogs.no] hasn't been defined.
console-api log URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1621497228(Line 126)
Message:
Text variable [dialogs.yes] hasn't been defined.
console-api log URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1621497228(Line 126)
Message:
Text variable [dialogs.no] hasn't been defined.
console-api error URL: https://ssp.rambler.ru/capirs_async.js(Line 1)
Message:
Script error.
console-api warning URL: https://ssp.rambler.ru/capirs_async.js(Line 1)
Message:
Montblanc no longer supported. Please stop using it.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adfox.ru
an.yandex.ru
awaps.yandex.ru
connect.facebook.net
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
kraken.rambler.ru
l-stat.livejournal.net
l.lj-toys.com
macdonaldsaun.livejournal.com
maps.google.com
maps.googleapis.com
maps.gstatic.com
mc.yandex.com
mc.yandex.ru
pagead2.googlesyndication.com
profile.ssp.rambler.ru
rcmjs.rambler.ru
sb.scorecardresearch.com
ssp.rambler.ru
st.top100.ru
static.doubleclick.net
stats.g.doubleclick.net
vk.com
vp.rambler.ru
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.livejournal.com
www.tns-counter.ru
www.youtube.com
xc3.services.livejournal.com
104.111.243.126
2001:6d0:4001::226
2a00:1450:4001:802::2003
2a00:1450:4001:802::2004
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2006
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c07::9a
2a02:6b8::131
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f067:e:face:b00c:0:3
2a03:2880:f164:81:face:b00c:0:25de
54.192.219.96
77.88.21.179
81.19.74.3
81.19.87.48
81.19.89.18
87.240.139.194
91.192.148.28
91.192.149.14
91.192.149.54
0a9eae06d8bed89c745eb7f92f3ca81bdc456c50e0d86d28885d413b788a7d25
0e36aa6dcd342f3952954e4d118820d8078dae535dd9f11c2b4dd5e450790d99
0f05976c182e4857eaacefa96a67f6040328dc98bbf01eaea3a0384a8c6aef42
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f7eaf4aa31bcd12c23ca16989c7f086e9595c0de7bee5d493b2c977e5565ed
1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25
18220bbba0e1f98301f2f248eff119179e41ac33bcc6544f8f5ec2165fdc88f2
1ae1bf1458589d1f72a7bf9a7fb9c21e8344aee819519c1dc8cbcfd9d6c16f54
1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a
25fe45f80deb3a5943695bb19674ddaf60340575dd353fd3b2d227fb62a7e42b
276937ed9b66990d16cc250dac88898099a2e783c5cdfb073965139d8ec9bc5d
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
3ad37130fd6db9507347d0417694ace6210fd9f671b1821a0b4d9bdf1192f513
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2
42e4dd1823ee9181985a243355341ffdfdea214033a874a5e1388ad0ad414af1
4cb502e547cbd4062f74083f8e6b5453c4a76081461852621c77ac0294fde73f
4cdb34a64a48f2dfd51a1528e5e65d4fd5a81ee24893b1e7345a1549f654d3fe
4e2e57ea5c5faef9e06d4b45f63513e65b4d0556791efb171a003dd7d9605404
50ca30d3f1d3fb12d2ef7d8cf36ed70890a6ea56759018850c4ee403d7ef1f64
535f067852f7f5964da5b260304a60715398e18537479480fedfa7cc535949ea
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a3cd490f70712d498a531912dd50c23d96d1d9a6f4add7d477353cd965a8c19
600473b6152d1d0a50097aa6fd6811dcbc9edd23e5ec77afc39b4369f14339a4
62228c548829235c7a020473ffb4b1e359e48d6f4d8023306fd633dcee057763
62fbaea84dcc3b88460d11f802044b9ccd4ea6745ff2a6045a5c2625b8051a87
6788d28d82753329ae9cd76288aecb091a3003972ba3f9fda4e4607a29858382
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851
7a14870b8287a86543ff2b166dc2ad73dbc242f856d5c607bffbdbaf26ec7f63
7f9d52b861eab9f5d5f282f73b554bd9178240412780f70d1fa8b7267cd9f2db
80cad2917e95578e027785c758c0c8d12a25327b0a15f596d63f1c942809b831
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
89a8a80ea5aede9146516fbca8cbe40a7e2c8d69c9da6c1c22e4193f500b1919
8b0e63fd5f41068b454453da55ee8233a9c3dc4281d351f47464f0f0738f3ac1
8e34fa30d251bc425762a596368b08a20812bca6fcbba712c2cdce66c86bdf8b
90683954a3954c583e69e7fd707cf55f71909155b201955fd1f6dcc513b189e5
95ceab3528e04e1743d4581535fc2f172ba85b3736027bce4130a99e24e45758
962b67dd06123e2e28190afb92d47208931bb8eb6d84eb2baf88ce870ee55a25
96a72c16787d9e55cbe06f31bc91db028934a7ad24aad0e7ee7a7649a6b160ca
9b7c0683f402e69698f10725e06615c86784807cc3f2f39c2f258f648bb3e2c7
9ba7ed10776e92552323eded6b1fa377bf2bea34f7f5fd78149a81389f2055e6
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a6de5f8d8a0200fc63e8c2b2313687bede1bd92e9d69723b8b7d7673a2f6dbd4
a7ce50b9de5ee8fc36a27e6ee14af8c5ec191af48e65630a66c9b11be58d38b0
af31ee95c772a485af6d9fce332b08e6aa001e316915f41ec52bf16b66f77b94
b4311fe8910f7cc88ad8d522a8fafd1dc985134263e8ebde771ae0011e538102
b58eb5b421637bedc23fa24eaf43a7725b65422b581fafb5382e0de3e29ecc3c
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
beb8691f6c3c6c90bbcb585e9ed4d8132cf3f37cf1a6888f83f4ca779ae6cead
c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9
cd70882cff738ccecb4ddb44c40f72e1d7028955d61f08e163aaccb9ce2f345f
cd815a49f353e20aa1e6d1825a14fed8609d40ce7f3ec8e0bc6bf64c13e8c44b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d353689d93ffa16b8c37e20c72b139c8ececee3be4e7631aa41cb10652712252
d51527938bdd6fe36db31c4f7abf4c4986f0ccbc8fa535f91b57f4f80e8a70d9
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d81eee672f3f9991d733a1b6e3719b01b2325a4faefbd9142b8f1abb40873375
dd92d03f3db0d2a33e1ce31df414c96a93566bb9a1b52459f83cedf929c7e4b1
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e20cbbccaccf390f7808c969ee0696882f6c10efe0cd41bbdcf7bf23463dda68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ec6f5f8a01ceaaafd7de19f41d88013fe2d4c02a88c94b04899a775a72d358
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f5f48c02692bd5d8044836018be9f76909dcab3ceabe1d8a29f1f9375e9a90b0
f5f9c9a292f0f04747ae1c38451e86d20cfb7be0378e1aae59c8c225195cbcf7
f7bcf11935bcbfe6ccfc2aeaf6b1267fa72e2c82426dd33857a955f430abebdd
f8ade158d7787ab081f0bb441099ba27fcce48e907414ce491648658b641adcd
fe81bedd25f0a618755cf7b065fd24a6e0004b3340965e999e9bcb91c8e830a3