macdonaldsaun.livejournal.com Open in urlscan Pro
81.19.74.3  Public Scan

51 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

• https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039 HTTP 302
• https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039

Request Chain 36

• https://sb.scorecardresearch.com/b?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9= HTTP 302
• https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9=

Request Chain 44

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9281.R3-sBb_mELdJAWvHC1-Qky0PhQdAAJ4dPvzTwcN_Top7vyqWt2DKmcC8RfPVwu3u.ocQB04_JfWyeRkjZEKVD8ZwsGRI%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9281.jco9KKft0EJuAR3SJrEbmywHYNl9GxMukHunkY4hyQTXIxFj2sH3obTM-7hz3JCqCtNI0kEwzq4WlWxTP_G4yw%2C%2C.DPmIkxMkMx-FVKebjvBRbBSjFBU%2C

Request Chain 58

• https://maps.google.com/maps?q=justcbd&t=&z=15&ie=UTF8&iwloc=&output=embed HTTP 301
• https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15

Request Chain 61

• https://googleads.g.doubleclick.net/pagead/id HTTP 302
• https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 66

• https://mc.yandex.com/watch/27737346?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22pd_comments_style%22%3A%22undef%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22undef%22%2C%22pd_style_system%22%3A%22undef%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1145%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A970920594876%3Ahid%3A471036635%3Az%3A120%3Ai%3A20210522205441%3Aet%3A1621709682%3Ac%3A1%3Arn%3A196632164%3Au%3A1621709682315703625%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621709680497%3Ads%3A12%2C167%2C571%2C80%2C0%2C0%2C%2C383%2C10%2C%2C%2C%2C1137%3Adsn%3A12%2C167%2C572%2C79%2C0%2C0%2C%2C306%2C10%2C%2C%2C%2C1137%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621709682%3At%3Amacdonaldsaun%20-%20Profile HTTP 302
• https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22pd_comments_style%22%3A%22undef%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22undef%22%2C%22pd_style_system%22%3A%22undef%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1145%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A970920594876%3Ahid%3A471036635%3Az%3A120%3Ai%3A20210522205441%3Aet%3A1621709682%3Ac%3A1%3Arn%3A196632164%3Au%3A1621709682315703625%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621709680497%3Ads%3A12%2C167%2C571%2C80%2C0%2C0%2C%2C383%2C10%2C%2C%2C%2C1137%3Adsn%3A12%2C167%2C572%2C79%2C0%2C0%2C%2C306%2C10%2C%2C%2C%2C1137%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621709682%3At%3Amacdonaldsaun%20-%20Profile

Request Chain 78

• https://an.yandex.ru/mapuid/adfox/26570%3A24958?jsredir=1 HTTP 302
• https://an.yandex.ru/mapuid/adfox/26570:24958?redir-setuniq=1&jsredir=1

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request profile Show response macdonaldsaun.livejournal.com/	335 KB 91 KB	751ms 572ms	Document text/html	81.19.74.3 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.19.74.3 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS livejournal.com Software nginx / Resource Hash cd815a49f353e20aa1e6d1825a14fed8609d40ce7f3ec8e0bc6bf64c13e8c44b Request headers Host macdonaldsaun.livejournal.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Server nginx Date Sat, 22 May 2021 18:54:41 GMT Content-Type text/html; charset=utf-8 Content-Length 92963 Connection keep-alive Keep-Alive timeout=50 Referrer-Policy no-referrer-when-downgrade X-AWS-Id kr-botws15 X-LJ-Flow-ID YKlTcAobA5YAAGnhWaoAAAAS Vary Accept-Encoding,ETag Cache-Control private, proxy-revalidate Content-MD5 lztQS3k/eaL9Ka1c+l5kMw Content-Encoding gzip X-Varnish 177573066 Age 0 X-VWS-Id kr-varn01.lj.rambler.tech ETag GgZzlztQS3k/eaL9Ka1c+l5kMw Accept-Ranges bytes
GET H2	200	capirs_async.js Show response ssp.rambler.ru/	550 KB 188 KB	214ms 68ms	Script application/x-javascript	91.192.148.28 BEGUN-AS
General Check archive.org Show headers Download Go to Full URL https://ssp.rambler.ru/capirs_async.js Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 91.192.148.28 , Russian Federation, ASN42481 (BEGUN-AS, RU), Reverse DNS ssp.rambler.ru Software nginx / Resource Hash 90683954a3954c583e69e7fd707cf55f71909155b201955fd1f6dcc513b189e5 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:41 GMT content-encoding gzip last-modified Tue, 18 May 2021 20:46:01 GMT server nginx etag W/"60a42789-89924" strict-transport-security max-age=0 p3p policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" cache-control max-age=60 x-passed 2bal2 content-type application/x-javascript expires Sat, 22 May 2021 18:55:41 GMT
GET H/1.1	200 OK	/ l-stat.livejournal.net/	318 KB 59 KB	109ms 47ms	Stylesheet text/css	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,notifications/list.css,schemius_v4/asap-news.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1621497228 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash af31ee95c772a485af6d9fce332b08e6aa001e316915f41ec52bf16b66f77b94 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip X-LJ-Flow-ID YKYVmAobAy4AAGUtLpAAAAAK X-VWS-Id kr-varn03.lj.rambler.tech X-Gateway front04.lj.rambler.tech Connection keep-alive Content-Length 59575 Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 20 May 2021 07:53:48 GMT Server nginx ETag GgZzW/pB8TASTd22rjPjJ1SOQsag Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 13106964 81982455 Access-Control-Allow-Origin * Cache-Control public, max-age=392368 X-AWS-Id kr-ws16 Accept-Ranges bytes Content-Type text/css X-remaining-TTL 392368
GET H/1.1	200 OK	/ l-stat.livejournal.net/	82 KB 25 KB	109ms 48ms	Stylesheet text/css	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l-stat.livejournal.net/??profile/profile-v3.css,ljuser/ljuser_light.css,menu_v2.css,popup/popupus.css,popup/popupus-blue.css,widgets/filter-settings.css,widgets/rutos.css,widgets/likes.css,widgets/login_v2.css,msgsystem.css?v=1621497228 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a6de5f8d8a0200fc63e8c2b2313687bede1bd92e9d69723b8b7d7673a2f6dbd4 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip X-LJ-Flow-ID YKYVuAobAz4AADrNPNkAAAAN X-VWS-Id kr-varn02.lj.rambler.tech X-Gateway front09.lj.rambler.tech Connection keep-alive Content-Length 24572 Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 20 May 2021 07:53:48 GMT Server nginx ETag GgZzW/P+Hy4CTfD8OOm/XFZ9PIdA Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 79719366 57394837 Access-Control-Allow-Origin * Cache-Control public, max-age=392966 X-AWS-Id kr-ws32 Accept-Ranges bytes Content-Type text/css X-remaining-TTL 392966
GET H/1.1	200 OK	/ l-stat.livejournal.net/	448 KB 338 KB	126ms 56ms	Stylesheet text/css	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l-stat.livejournal.net/??svg/headerextra.css,proximanova-opentype.css?v=1621497228 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash f5f9c9a292f0f04747ae1c38451e86d20cfb7be0378e1aae59c8c225195cbcf7 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip X-LJ-Flow-ID YKYVnAobA0EAAAN8BjoAAAAA X-VWS-Id kr-varn07.lj.rambler.tech X-Gateway front04.lj.rambler.tech Connection keep-alive Content-Length 345271 Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 20 May 2021 07:53:48 GMT Server nginx ETag GgZzW/nObMd5AP7P+2kwifFltqXQ Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 105056967 103728982 Access-Control-Allow-Origin * Cache-Control public, max-age=392368 X-AWS-Id kr-ws35 Accept-Ranges bytes Content-Type text/css X-remaining-TTL 392368
GET H/1.1	200 OK	/ Show response l-stat.livejournal.net/js/	688 KB 231 KB	124ms 55ms	Script application/x-javascript	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l-stat.livejournal.net/js/??.ljlib.js?v=1621497228 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 62fbaea84dcc3b88460d11f802044b9ccd4ea6745ff2a6045a5c2625b8051a87 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip X-LJ-Flow-ID YKYVmAobAyMAAFgRJToAAAAI X-VWS-Id kr-varn03.lj.rambler.tech X-Gateway front04.lj.rambler.tech Connection keep-alive Content-Length 236144 Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 20 May 2021 07:53:48 GMT Server nginx ETag GgZzW/GiXQuV7Da4K4Qd9TjVBHxA Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 24634860 28672320 Access-Control-Allow-Origin * Cache-Control public, max-age=392362 X-AWS-Id kr-ws05 Accept-Ranges bytes Content-Type application/x-javascript X-remaining-TTL 392362
GET H/1.1	200 OK	/ Show response l-stat.livejournal.net/js/	227 KB 64 KB	122ms 53ms	Script application/x-javascript	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l-stat.livejournal.net/js/??profile/main.js,profile_new.js,scheme/schemius.js,widgets/angular/login.js,scheme/medius.js?v=1621497228 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 9ba7ed10776e92552323eded6b1fa377bf2bea34f7f5fd78149a81389f2055e6 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip X-LJ-Flow-ID YKYVogobAyYAAGUngYUAAAAb X-VWS-Id kr-varn07.lj.rambler.tech X-Gateway front09.lj.rambler.tech Connection keep-alive Content-Length 64470 Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 20 May 2021 07:53:48 GMT Server nginx ETag GgZzW/agwJNJ2jBMHmOnK1ODgSTw Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 21491973 89531786 Access-Control-Allow-Origin * Cache-Control public, max-age=392966 X-AWS-Id kr-ws08 Accept-Ranges bytes Content-Type application/x-javascript X-remaining-TTL 392966
GET H2	200	sdk.js Show response vp.rambler.ru/player/	132 KB 40 KB	313ms 147ms	Script application/javascript	81.19.87.48 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://vp.rambler.ru/player/sdk.js Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_256_GCM Server 81.19.87.48 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS apl.rambler-co.ru Software nginx / Resource Hash dd92d03f3db0d2a33e1ce31df414c96a93566bb9a1b52459f83cedf929c7e4b1 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-bytes-rcv 0 date Sat, 22 May 2021 18:54:41 GMT content-encoding br x-upstream-addr 10.144.36.20:80 age 2256 p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" x-upstream-responsetime -2 x-varnish-hostname cb57bbd3bcf9b7a988d53aa4ba029c04 x-upstream-headertime 1 content-length 40274 x-amz-request-id 34e8bccb-1374-4fc1-9e8f-d85fbe589e58 x-upstream-connecttime 1 server nginx etag "b08579fed2db2b44f661a8cdd63e1dcf" vary Accept, Origin x-varnish 894269735 891107561 via 1.1 varnish (Varnish/6.1) cache-control max-age=300, public, max-age=300 x-bytes-snd 0 accept-ranges bytes content-type application/javascript x-time 0
GET H/1.1	200 OK	print-logo.png l-stat.livejournal.net/img/schemius/	2 KB 3 KB	36ms 34ms	Image image/png	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://l-stat.livejournal.net/img/schemius/print-logo.png?v=49361 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 96a72c16787d9e55cbe06f31bc91db028934a7ad24aad0e7ee7a7649a6b160ca Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip ETag GgZzYGcFKOznFaw7EFLw6wHnuA X-VWS-Id kr-varn07.lj.rambler.tech X-Gateway front09.lj.rambler.tech Connection keep-alive Content-Length 2249 X-remaining-TTL 86388, 21625, 58320, 62841 Last-Modified Thu, 01 Jan 1970 13:42:41 GMT Server nginx X-LJ-Flow-ID YFyVLQobAyUAAHfOY38AAAAA Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 84445690 77085969 Access-Control-Allow-Origin * Cache-Control public, max-age=62841 X-AWS-Id kr-ws07 Accept-Ranges bytes Content-Type image/png
GET H/1.1	200 OK	userinfo_v8.svg l-stat.livejournal.net/img/	1 KB 1 KB	36ms 34ms	Image image/svg+xml	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://l-stat.livejournal.net/img/userinfo_v8.svg?v=17080?v=481 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 535f067852f7f5964da5b260304a60715398e18537479480fedfa7cc535949ea Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip X-LJ-Flow-ID YKYU7wobAzEAAF-1YA4AAAAJ X-VWS-Id os-varn02.lj.rambler.tech X-Gateway front10.lj.rambler.tech Connection keep-alive Content-Length 523 Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 01 Jan 1970 04:44:40 GMT Server nginx ETag GgZz3Lj/0Zs7IF/99OqziMt7VA Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 200124091 197479088 Access-Control-Allow-Origin * Cache-Control public, max-age=29330 X-AWS-Id kr-ws19 Accept-Ranges bytes Content-Type image/svg+xml X-remaining-TTL 86400, 29330
GET H/1.1	200 OK	user.gif l-stat.livejournal.net/img/profile_icons/	1 KB 2 KB	36ms 34ms	Image image/gif	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://l-stat.livejournal.net/img/profile_icons/user.gif?v=14273 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 7f9d52b861eab9f5d5f282f73b554bd9178240412780f70d1fa8b7267cd9f2db Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip ETag GgZzTuG81pLe19AYYpe91+bP0Q X-VWS-Id kr-varn03.lj.rambler.tech X-Gateway front01.lj.rambler.tech Connection keep-alive Content-Length 1389 X-remaining-TTL 29185, 14009, 86400, 63579 Last-Modified Thu, 01 Jan 1970 03:57:53 GMT Server nginx X-LJ-Flow-ID YFybXgobAzQAABF46TUAAAAF Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 9873271 3213148 Access-Control-Allow-Origin * Cache-Control public, max-age=63579 X-AWS-Id kr-ws22 Accept-Ranges bytes Content-Type image/gif
GET H/1.1	200 OK	/ xc3.services.livejournal.com/ljcounter/	35 B 704 B	256ms 80ms	Image image/gif	81.19.74.3 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xc3.services.livejournal.com/ljcounter/?d=srv:kr-botws15,r:0,j:88357888,p:88357888,uri:%22%2Fprofile%22,vig:0,extra: Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.19.74.3 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS livejournal.com Software nginx / Resource Hash 3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8 Security Headers Name Value Strict-Transport-Security max-age=31536000; Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Server nginx Strict-Transport-Security max-age=31536000; Access-Control-Allow-Methods GET, OPTIONS, POST, PUT, DELETE, HEAD Content-Type image/gif Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Access-Control-Allow-Headers accept, x-custom-parameter, content-type, x-request-id, authorization, accept-language, accept-charset, pragma, user-agent Content-Length 35 Keep-Alive timeout=50
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 5085 date Sat, 22 May 2021 17:29:56 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Sat, 22 May 2021 19:29:56 GMT
GET H2	200	AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8= Show response fundingchoicesmessages.google.com/f/	87 KB 33 KB	53ms 31ms	Script application/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8= Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d353689d93ffa16b8c37e20c72b139c8ececee3be4e7631aa41cb10652712252 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-gObbuBhGylQYUw2KezuRwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gObbuBhGylQYUw2KezuRwg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:41 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorGlobalRouterHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]} content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy script-src 'report-sample' 'nonce-gObbuBhGylQYUw2KezuRwg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gObbuBhGylQYUw2KezuRwg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	86 KB 32 KB	21ms 19ms	Script application/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-KJBSQR Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 962b67dd06123e2e28190afb92d47208931bb8eb6d84eb2baf88ce870ee55a25 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:41 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 32966 x-xss-protection 0 last-modified Sat, 22 May 2021 18:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 22 May 2021 18:54:41 GMT
GET H2	200	beacon.js Show response sb.scorecardresearch.com/	1 KB 2 KB	100ms 32ms	Script application/javascript	54.192.219.96 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.219.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-219-96.mrs52.r.cloudfront.net Software AmazonS3 / Resource Hash a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:36:45 GMT via 1.1 3e74b0c89b562282a810c16f34372bd4.cloudfront.net (CloudFront) etag "1827f116c73f319409b97f10b8a58ade" last-modified Fri, 26 Feb 2021 14:35:05 GMT server AmazonS3 age 1076 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop MRS52-P2 accept-ranges bytes content-length 1469 x-amz-cf-id ZSn3_tA_dxMC99YOMw51Xzsas7OjuqrCkvEVseg_8GP65mlxzyEgoA==
GET H/1.1	200 OK	/ Show response l.lj-toys.com/ Frame 4E6D	3 KB 1 KB	356ms 266ms	Document text/html	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads= Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 4e2e57ea5c5faef9e06d4b45f63513e65b4d0556791efb171a003dd7d9605404 Request headers Host l.lj-toys.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://macdonaldsaun.livejournal.com/profile Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://macdonaldsaun.livejournal.com/profile Response headers Server nginx Content-Type text/html; charset=utf-8 Referrer-Policy no-referrer-when-downgrade X-AWS-Id kr-ws17 X-LJ-Flow-ID YKlTcQobAy8AAArdH-QAAAAP Content-Language X-Varnish 66666574 X-VWS-Id kr-varn04.lj.rambler.tech ETag GgZzW/"c8df3213249fe2bc3abbcb8267fd1a93" Accept-Ranges bytes X-Gateway front09.lj.rambler.tech Vary Accept-Encoding Content-Encoding gzip Cache-Control public, max-age=20000 Date Sat, 22 May 2021 18:54:41 GMT Content-Length 844 Connection keep-alive X-remaining-TTL 604800
GET H/1.1	200 OK	/ Show response l.lj-toys.com/ Frame F95E	3 KB 1 KB	311ms 223ms	Document text/html	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads= Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 95ceab3528e04e1743d4581535fc2f172ba85b3736027bce4130a99e24e45758 Request headers Host l.lj-toys.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://macdonaldsaun.livejournal.com/profile Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://macdonaldsaun.livejournal.com/profile Response headers Server nginx Content-Type text/html; charset=utf-8 Referrer-Policy no-referrer-when-downgrade X-AWS-Id os-ws01 X-LJ-Flow-ID YKlTcQoaACAAAGeZ0BwAAAAK Content-Language X-Varnish 201122527 X-VWS-Id os-varn01.lj.rambler.tech ETag GgZzW/"8fd976e458102c17730fabe91d476d88" Accept-Ranges bytes X-Gateway front03.lj.rambler.tech Vary Accept-Encoding Content-Encoding gzip Cache-Control public, max-age=20000 Date Sat, 22 May 2021 18:54:41 GMT Content-Length 845 Connection keep-alive X-remaining-TTL 604800
GET H/1.1	200 OK	/ Show response l.lj-toys.com/ Frame E907	3 KB 1 KB	363ms 268ms	Document text/html	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads= Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 8b0e63fd5f41068b454453da55ee8233a9c3dc4281d351f47464f0f0738f3ac1 Request headers Host l.lj-toys.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://macdonaldsaun.livejournal.com/profile Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://macdonaldsaun.livejournal.com/profile Response headers Server nginx Content-Type text/html; charset=utf-8 Referrer-Policy no-referrer-when-downgrade X-AWS-Id kr-ws23 X-LJ-Flow-ID YKlTcQobAzUAADCrO1wAAAAJ Content-Language X-Varnish 258633535 X-VWS-Id os-varn02.lj.rambler.tech ETag GgZzW/"75d51aad2acc5b999cfcdfece6d913a6" Accept-Ranges bytes X-Gateway front09.lj.rambler.tech Vary Accept-Encoding Content-Encoding gzip Cache-Control public, max-age=20000 Date Sat, 22 May 2021 18:54:41 GMT Content-Length 810 Connection keep-alive X-remaining-TTL 604800
GET H/1.1	200 OK	/ Show response l.lj-toys.com/ Frame 2B96	3 KB 1 KB	383ms 288ms	Document text/html	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads= Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d51527938bdd6fe36db31c4f7abf4c4986f0ccbc8fa535f91b57f4f80e8a70d9 Request headers Host l.lj-toys.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://macdonaldsaun.livejournal.com/profile Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://macdonaldsaun.livejournal.com/profile Response headers Server nginx Content-Type text/html; charset=utf-8 Referrer-Policy no-referrer-when-downgrade X-AWS-Id kr-ws09 X-LJ-Flow-ID YKlTcQobAycAADrJ7J4AAAAB Content-Language X-Varnish 147290545 X-VWS-Id kr-varn03.lj.rambler.tech ETag GgZzW/"bec92dd040df8611e4b3567a1084e5cf" Accept-Ranges bytes X-Gateway front09.lj.rambler.tech Vary Accept-Encoding Content-Encoding gzip Cache-Control public, max-age=20000 Date Sat, 22 May 2021 18:54:41 GMT Content-Length 844 Connection keep-alive X-remaining-TTL 604800
GET H/1.1	200 OK	logo.svg l-stat.livejournal.net/img/schemius/	3 KB 2 KB	30ms 29ms	Image image/svg+xml	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://l-stat.livejournal.net/img/schemius/logo.svg?v=51065 Requested by Host: l-stat.livejournal.net URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,notifications/list.css,schemius_v4/asap-news.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1621497228 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 18220bbba0e1f98301f2f248eff119179e41ac33bcc6544f8f5ec2165fdc88f2 Request headers Referer https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,notifications/list.css,schemius_v4/asap-news.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1621497228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip ETag GgZz3z079X2cVU4y1yrKm4XODA X-VWS-Id kr-varn02.lj.rambler.tech X-Gateway front09.lj.rambler.tech Connection keep-alive Content-Length 1362 X-remaining-TTL 25088, 83697, 74892, 79236 Last-Modified Thu, 01 Jan 1970 14:11:05 GMT Server nginx X-LJ-Flow-ID YFzC9gobA0QAAGEyDk0AAAAC Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 83433236 48133377 Access-Control-Allow-Origin * Cache-Control public, max-age=79236 X-AWS-Id kr-ws38 Accept-Ranges bytes Content-Type image/svg+xml
GET H/1.1	200 OK	s-icons.svg l-stat.livejournal.net/img/schemius/	15 KB 6 KB	30ms 30ms	Image image/svg+xml	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://l-stat.livejournal.net/img/schemius/s-icons.svg?v=40651 Requested by Host: l-stat.livejournal.net URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,notifications/list.css,schemius_v4/asap-news.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1621497228 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e3ec6f5f8a01ceaaafd7de19f41d88013fe2d4c02a88c94b04899a775a72d358 Request headers Referer https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header_v5-adaptive.css,schemius_v4/header-journal.css,schemius_v4/header-journal-adaptive.css,lj-basestrap.css,lj-basestrap-app.css,flatbutton.css,svg/flaticon.css,svg/headerextra.css,medius/scheme/components.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,notifications/list.css,schemius_v4/asap-news.css,schemius_v4/normalize.css,schemius_v4/layout.css,schemius_v4/print.css?v=1621497228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip ETag GgZzPs10q9OPQj9DZHt/ejloHw X-VWS-Id os-varn02.lj.rambler.tech X-Gateway front09.lj.rambler.tech Connection keep-alive Content-Length 5618 X-remaining-TTL 49843, 86400, 26918, 31791 Last-Modified Thu, 01 Jan 1970 11:17:31 GMT Server nginx X-LJ-Flow-ID YFzK5AobAz4AAGaaXyMAAAAF Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 113486597 97949145 Access-Control-Allow-Origin * Cache-Control public, max-age=31791 X-AWS-Id kr-ws32 Accept-Ranges bytes Content-Type image/svg+xml
GET H/1.1	200 OK	p-soc-icons.png l-stat.livejournal.net/img/social-icons/	4 KB 5 KB	49ms 36ms	Image image/png	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://l-stat.livejournal.net/img/social-icons/p-soc-icons.png?v=42405 Requested by Host: l-stat.livejournal.net URL: https://l-stat.livejournal.net/??profile/profile-v3.css,ljuser/ljuser_light.css,menu_v2.css,popup/popupus.css,popup/popupus-blue.css,widgets/filter-settings.css,widgets/rutos.css,widgets/likes.css,widgets/login_v2.css,msgsystem.css?v=1621497228 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash d81eee672f3f9991d733a1b6e3719b01b2325a4faefbd9142b8f1abb40873375 Request headers Referer https://l-stat.livejournal.net/??profile/profile-v3.css,ljuser/ljuser_light.css,menu_v2.css,popup/popupus.css,popup/popupus-blue.css,widgets/filter-settings.css,widgets/rutos.css,widgets/likes.css,widgets/login_v2.css,msgsystem.css?v=1621497228 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip ETag GgZziKakaMXkLoUC7LoZxfokzQ X-VWS-Id kr-varn06.lj.rambler.tech X-Gateway front01.lj.rambler.tech Connection keep-alive Content-Length 4095 X-remaining-TTL 82612, 72053, 81681, 45354 Last-Modified Thu, 01 Jan 1970 11:46:45 GMT Server nginx X-LJ-Flow-ID YFzYRQoaACMAAC@Jh1gAAAAK Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 211634431 218152967 Access-Control-Allow-Origin * Cache-Control public, max-age=45354 X-AWS-Id os-ws04 Accept-Ranges bytes Content-Type image/png
GET DATA	200 OK	truncated /	46 KB 46 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash beb8691f6c3c6c90bbcb585e9ed4d8132cf3f37cf1a6888f83f4ca779ae6cead Request headers Origin https://macdonaldsaun.livejournal.com Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated /	46 KB 46 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 276937ed9b66990d16cc250dac88898099a2e783c5cdfb073965139d8ec9bc5d Request headers Origin https://macdonaldsaun.livejournal.com Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated /	46 KB 46 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fe81bedd25f0a618755cf7b065fd24a6e0004b3340965e999e9bcb91c8e830a3 Request headers Origin https://macdonaldsaun.livejournal.com Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff
GET DATA	200 OK	truncated /	46 KB 46 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f8ade158d7787ab081f0bb441099ba27fcce48e907414ce491648658b641adcd Request headers Origin https://macdonaldsaun.livejournal.com Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type application/font-woff
GET H2	200	top100.js Show response st.top100.ru/top100/	133 KB 47 KB	313ms 144ms	Script application/javascript	81.19.89.18 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://st.top100.ru/top100/top100.js Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash 11f7eaf4aa31bcd12c23ca16989c7f086e9595c0de7bee5d493b2c977e5565ed Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:41 GMT content-encoding gzip last-modified Thu, 20 May 2021 13:12:11 GMT server nginx/1.19.4 etag W/"60a6602b-213c5" vary Accept-Encoding p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" cache-control max-age=3600 content-type application/javascript expires Sat, 22 May 2021 19:54:41 GMT
GET H2	200	416195039 www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/ Redirect Chain https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039 https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039	43 B 297 B	42ms 42ms	Image image/gif	2001:6d0:4001::226 TNSMSK-
General Check archive.org Show headers Download Go to Show image Full URL https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU), Reverse DNS Software tns-counter-3.1.0/1.18.0 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 22 May 2021 18:54:41 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server tns-counter-3.1.0/1.18.0 content-type image/gif cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate timing-allow-origin * content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT Redirect headers pragma no-cache date Sat, 22 May 2021 18:54:41 GMT server tns-counter-3.1.0/1.18.0 strict-transport-security max-age=2678400 content-type image/gif location https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/416195039 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate timing-allow-origin * content-length 0 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H/1.1	200 OK	001001.gif awaps.yandex.ru/0/9999/	43 B 303 B	168ms 63ms	Image image/gif	2a02:6b8::131 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://awaps.yandex.ru/0/9999/001001.gif?0-0-63239-0-&timestamp=63239&awcode=6&subsection=0 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a02:6b8::131 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Cache-Control no-cache, no-store, must-revalidate, max-age=5 X-Content-Type-Options nosniff Accept-Ranges bytes Content-Type image/gif Content-Length 43 P3P CP="NOI DEVa TAIa OUR BUS UNI STA"
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	92 KB 24 KB	63ms 21ms	Script application/x-javascript	2a03:2880:f067:e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f067:e:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 24156 x-fb-rlafr 0 pragma public x-fb-debug z6WgiEeaEC0ZGGGhC1uQPr8XVHILHQLrTA2kDhqEwyQJdWTba3LVS12WENmZYlgYu/SqRfwjW8F+MXlxdX9PFw== x-fb-trip-id 1679558926 x-frame-options DENY date Sat, 22 May 2021 18:54:41 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	openapi.js Show response vk.com/js/api/	100 KB 22 KB	230ms 104ms	Script application/x-javascript	87.240.139.194 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/js/api/openapi.js?168 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU), Reverse DNS srv194-139-240-87.vk.com Software kittenx / Resource Hash 25fe45f80deb3a5943695bb19674ddaf60340575dd353fd3b2d227fb62a7e42b Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:41 GMT content-encoding br x-frontend front609306 last-modified Wed, 21 Apr 2021 15:16:58 GMT server kittenx etag "608041ea-5800" content-type application/x-javascript access-control-expose-headers X-Frontend cache-control max-age=345600 content-length 22528 expires Wed, 26 May 2021 18:54:41 GMT
GET H2	200	recommender.js Show response rcmjs.rambler.ru/static/	34 KB 34 KB	345ms 140ms	Script application/javascript	91.192.149.54 BEGUN-AS
General Check archive.org Show headers Download Go to Full URL https://rcmjs.rambler.ru/static/recommender.js Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.192.149.54 , Russian Federation, ASN42481 (BEGUN-AS, RU), Reverse DNS Software nginx / Resource Hash a7ce50b9de5ee8fc36a27e6ee14af8c5ec191af48e65630a66c9b11be58d38b0 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:41 GMT last-modified Fri, 21 May 2021 12:24:38 GMT server nginx etag "60a7a686-861b" strict-transport-security max-age=0 p3p policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA" cache-control max-age=3600, must-revalidate x-passed 1bal2 accept-ranges bytes content-type application/javascript content-length 34331
GET H2	200	tag.js Show response mc.yandex.ru/metrika/	215 KB 68 KB	137ms 45ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/tag.js Requested by Host: l-stat.livejournal.net URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1621497228 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 1234d3283f11235deeaa9c66ea51b7f5177161ab47278594372972092b587f25 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:41 GMT content-encoding br last-modified Thu, 20 May 2021 19:10:33 GMT etag "609e8948-11068" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 69736 expires Sat, 22 May 2021 19:54:41 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 97 B	15ms 15ms	XHR text/plain	2a00:1450:400c:c07::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-24823174-1&cid=1077689276.1621709682&jid=1969031658&gjid=1371232410&_gid=1729629445.1621709682&_u=IGDAgEABAAAAAE~&z=1687809920 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sat, 22 May 2021 18:54:41 GMT content-type text/plain access-control-allow-origin https://macdonaldsaun.livejournal.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	collect www.google-analytics.com/	35 B 55 B	16ms 14ms	Image image/gif	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j90&a=1768332188&t=pageview&_s=1&dl=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&ul=en-us&de=UTF-8&dt=macdonaldsaun%20-%20Profile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEAB~&jid=1969031658&gjid=1371232410&cid=1077689276.1621709682&tid=UA-24823174-1&_gid=1729629445.1621709682&z=1179192492 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 22 May 2021 10:24:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 30636 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	collect www.google-analytics.com/	35 B 55 B	16ms 14ms	Image image/gif	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j90&a=1768332188&t=event&ni=1&_s=2&dl=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&ul=en-us&de=UTF-8&dt=macdonaldsaun%20-%20Profile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AdBlocker&ea=not_blocked&_u=IGDAgEABAAAAAE~&jid=&gjid=&cid=1077689276.1621709682&tid=UA-24823174-1&_gid=1729629445.1621709682&z=1442721388 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 22 May 2021 10:24:05 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 30636 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	b2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/b?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9= https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9=	64 B 331 B	52ms 52ms	Image image/gif	54.192.219.96 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9= Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.219.96 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-219-96.mrs52.r.cloudfront.net Software / Resource Hash 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:41 GMT via 1.1 3e74b0c89b562282a810c16f34372bd4.cloudfront.net (CloudFront) x-amz-cf-pop MRS52-P2 etag W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg" x-cache Miss from cloudfront content-type image/gif; charset=utf-8 content-length 64 x-amz-cf-id W6X8dTHJruT43WsyOA5T6JBD5GFHdo66Kgz3b5y6u7fE0HzolZIzZw== Redirect headers date Sat, 22 May 2021 18:54:41 GMT via 1.1 3e74b0c89b562282a810c16f34372bd4.cloudfront.net (CloudFront) x-amz-cf-pop MRS52-P2 vary Accept x-cache Miss from cloudfront content-type text/plain; charset=utf-8 location https://sb.scorecardresearch.com/b2?c1=2&c2=10463284&ns__t=1621709681693&ns_c=UTF-8&cv=3.5&c8=macdonaldsaun%20-%20Profile&c7=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&c9= content-length 204 x-amz-cf-id cWvr9NobQ-0YnlsKd7GaBzinZQ6vyCk2NbIq6A0_SEGPk1R_9UGpeQ==
POST H3-29	204	AGSKWxXnhE20YHDDHdsFQqnC-0MJj4T7tiGkFA3kfEkOOWXLqFuqL_MTF__0L72OoyYQbQgqf0NLNY5vQhLRY7V_-zE= Show response fundingchoicesmessages.google.com/l/	0 26 B	32ms 19ms	XHR text/html	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/l/AGSKWxXnhE20YHDDHdsFQqnC-0MJj4T7tiGkFA3kfEkOOWXLqFuqL_MTF__0L72OoyYQbQgqf0NLNY5vQhLRY7V_-zE=?pvid=F964F2A8-6F8F-41F5-9A72-DA63F4C109B6&anonid=271ACFD2-4873-4419-8EE6-0949B53871E5 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.YOvuteTj_mM.es5.O/d=1/rs=AJlcJMwvaqzWrMYFxYTp28Mvvlm72jik6g/m=loader_js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-N7XLDqFvY1bO3yJT8yfYFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-N7XLDqFvY1bO3yJT8yfYFQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 May 2021 18:54:41 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://macdonaldsaun.livejournal.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-N7XLDqFvY1bO3yJT8yfYFQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-N7XLDqFvY1bO3yJT8yfYFQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	AGSKWxWdB_bVP2pcEFftq9burEz17PUIPZuqKNdO35jtnuecvZ8o8xLA1WYQWnETSzcMnSjnPc78eaXS9dSNvkM879s= Show response fundingchoicesmessages.google.com/f/	81 KB 30 KB	46ms 32ms	Script application/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWdB_bVP2pcEFftq9burEz17PUIPZuqKNdO35jtnuecvZ8o8xLA1WYQWnETSzcMnSjnPc78eaXS9dSNvkM879s=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjIxNzA5NjgxLDcyODAwMDAwMF0sIkY5NjRGMkE4LTZGOEYtNDFGNS05QTcyLURBNjNGNEMxMDlCNiIsIjI3MUFDRkQyLTQ4NzMtNDQxOS04RUU2LTA5NDlCNTM4NzFFNSIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL21hY2RvbmFsZHNhdW4ubGl2ZWpvdXJuYWwuY29tL3Byb2ZpbGUiXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.YOvuteTj_mM.es5.O/d=1/rs=AJlcJMwvaqzWrMYFxYTp28Mvvlm72jik6g/m=loader_js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 6788d28d82753329ae9cd76288aecb091a3003972ba3f9fda4e4607a29858382 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-4z8031zArYwJXY2/5MZdKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4z8031zArYwJXY2/5MZdKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 22 May 2021 18:54:41 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'report-sample' 'nonce-4z8031zArYwJXY2/5MZdKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-4z8031zArYwJXY2/5MZdKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	2982212878480459 Show response connect.facebook.net/signals/config/	255 KB 73 KB	23ms 22ms	Script application/x-javascript	2a03:2880:f067:e:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/2982212878480459?v=2.9.40&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f067:e:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4cdb34a64a48f2dfd51a1528e5e65d4fd5a81ee24893b1e7345a1549f654d3fe Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 74812 x-fb-rlafr 0 pragma public x-fb-debug Ukz8ijRQvG+m9dq50Zu1oxSMFR4XIMpeGsEi1IDCycorWBZQnfaJ52tDLg1W73vIr+Fv3gjVyOJIAGOeZW2Qpw== x-frame-options DENY date Sat, 22 May 2021 18:54:41 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H/1.1	200 OK	/ Show response www.livejournal.com/__api/	50 B 617 B	269ms 96ms	XHR application/json	81.19.74.3 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Full URL https://www.livejournal.com/__api/ Requested by Host: l-stat.livejournal.net URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1621497228 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 81.19.74.3 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS livejournal.com Software nginx / Resource Hash 4cb502e547cbd4062f74083f8e6b5453c4a76081461852621c77ac0294fde73f Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers Date Sat, 22 May 2021 18:54:42 GMT Age 0 Connection keep-alive Content-Length 50 Access-Control-Allow-Headers Content-Type Referrer-Policy no-referrer-when-downgrade Server nginx X-LJ-Flow-ID YKlTcQobA0AAADErfK8AAAAD Access-Control-Allow-Methods POST X-Varnish 186865721 Access-Control-Allow-Origin https://macdonaldsaun.livejournal.com X-VWS-Id kr-varn05.lj.rambler.tech Access-Control-Allow-Credentials true X-AWS-Id kr-ws34 Accept-Ranges bytes Content-Type application/json; charset=utf-8 Keep-Alive timeout=50
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	63ms 21ms	Image image/gif	2a03:2880:f164:81:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2982212878480459&ev=PageView&dl=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&rl=&if=false&ts=1621709681829&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1621709681828.1132560193&it=1621709681745&coo=false&exp=l0&rqm=GET Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f164:81:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:41 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Sat, 22 May 2021 18:54:41 GMT
GET H/1.1	200 OK	/ Show response l-stat.livejournal.net/js/ Frame F95E	989 B 1 KB	39ms 38ms	Script application/x-javascript	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l-stat.livejournal.net/js/??embed/wrap.js?v=1621497228 Requested by Host: l.lj-toys.com URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b4311fe8910f7cc88ad8d522a8fafd1dc985134263e8ebde771ae0011e538102 Request headers Referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:41 GMT Content-Encoding gzip X-LJ-Flow-ID YKYVlAobAy0AACJKKgAAAAAH X-VWS-Id kr-varn05.lj.rambler.tech X-Gateway front04.lj.rambler.tech Connection keep-alive Content-Length 555 Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 20 May 2021 07:53:48 GMT Server nginx ETag GgZzW/pGHPfOe9n47pvvnTlcVGnA Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 100961997 138360910 Access-Control-Allow-Origin * Cache-Control public, max-age=392381 X-AWS-Id kr-ws15 Accept-Ranges bytes Content-Type application/x-javascript X-remaining-TTL 392381
GET H2	200	rtrg vk.com/	49 B 445 B	69ms 69ms	Image image/gif	87.240.139.194 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://vk.com/rtrg?p=VK-RTRG-491315-al132&metatag_url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&metatag_title=macdonaldsaun%20-%20Profile Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU), Reverse DNS srv194-139-240-87.vk.com Software kittenx / KPHP/7.4.107230 Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:41 GMT content-encoding gzip x-frontend front609306 server kittenx x-powered-by KPHP/7.4.107230 strict-transport-security max-age=15768000 content-type image/gif access-control-expose-headers X-Frontend cache-control no-store content-length 65
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9281.R3-sBb_mELdJAWvHC1-Qky0PhQdAAJ4dPvzTwcN_Top7vyqWt2DKmcC8RfPVwu3u.ocQB04_JfWyeRkjZEKVD8ZwsGRI%2C https://mc.yandex.com/sync_cookie_image_decide?token=9281.jco9KKft0EJuAR3SJrEbmywHYNl9GxMukHunkY4hyQTXIxFj2sH3obTM-7hz3JCqCtNI0kEwzq4WlWxTP_G4yw%2C%2C.DPmIkxMkMx-FVKebjvBRbBSjFBU%2C	75 B 75 B	48ms 48ms	Image text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9281.jco9KKft0EJuAR3SJrEbmywHYNl9GxMukHunkY4hyQTXIxFj2sH3obTM-7hz3JCqCtNI0kEwzq4WlWxTP_G4yw%2C%2C.DPmIkxMkMx-FVKebjvBRbBSjFBU%2C Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9281.jco9KKft0EJuAR3SJrEbmywHYNl9GxMukHunkY4hyQTXIxFj2sH3obTM-7hz3JCqCtNI0kEwzq4WlWxTP_G4yw%2C%2C.DPmIkxMkMx-FVKebjvBRbBSjFBU%2C date Sat, 22 May 2021 18:54:42 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 112 B	45ms 44ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:41 GMT last-modified Thu, 20 May 2021 19:10:33 GMT etag "609e8948-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Sat, 22 May 2021 19:54:41 GMT
GET H2	200	91bpIBVFK4o Show response www.youtube.com/embed/ Frame 6FD6	53 KB 23 KB	63ms 62ms	Document text/html	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque Requested by Host: l.lj-toys.com URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0e36aa6dcd342f3952954e4d118820d8078dae535dd9f11c2b4dd5e450790d99 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/91bpIBVFK4o?wmode=opaque&wmode=opaque pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads= accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%262%26%26%26youtube%2691bpIBVFK4o%3A2c480422604c51e67bede7f31f18e1257582aa98&source=youtube&vid=91bpIBVFK4o&moduleid=2&preview=&journalid=88357888&noads= Response headers content-type text/html; charset=utf-8 x-content-type-options nosniff cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sat, 22 May 2021 18:54:41 GMT strict-transport-security max-age=31536000 permissions-policy ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=* p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." content-encoding br server ESF x-xss-protection 0 set-cookie YSC=w55ARzl_IgY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=3NF2wg07qwc; Domain=.youtube.com; Expires=Thu, 18-Nov-2021 18:54:41 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+416; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	userip Show response ssp.rambler.ru/	13 B 140 B	206ms 68ms	XHR text/plain	91.192.148.28 BEGUN-AS
General Check archive.org Show headers Download Go to Full URL https://ssp.rambler.ru/userip Requested by Host: ssp.rambler.ru URL: https://ssp.rambler.ru/capirs_async.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 91.192.148.28 , Russian Federation, ASN42481 (BEGUN-AS, RU), Reverse DNS ssp.rambler.ru Software nginx / Resource Hash 7a14870b8287a86543ff2b166dc2ad73dbc242f856d5c607bffbdbaf26ec7f63 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers access-control-allow-origin * date Sat, 22 May 2021 18:54:42 GMT x-passed 2bal2 server nginx content-length 13 content-type application/octet-stream, text/plain
GET H2	200	getid Show response ads.adfox.ru/	38 B 454 B	249ms 89ms	Script application/x-javascript	77.88.21.179 YANDEX
General Check archive.org Show headers Download Go to Full URL https://ads.adfox.ru/getid?t=jsonp&f=af_setLpdId&pr=3794943910 Requested by Host: ssp.rambler.ru URL: https://ssp.rambler.ru/capirs_async.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 77.88.21.179 , Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 5a3cd490f70712d498a531912dd50c23d96d1d9a6f4add7d477353cd965a8c19 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 22 May 2021 18:54:42 GMT content-encoding gzip x-content-type-options nosniff content-type application/x-javascript; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate, max-age=0 access-control-allow-credentials true timing-allow-origin * expires Mon, 04 Dec 1999 21:29:02 GMT
GET H/1.1	200 OK	/ Show response l-stat.livejournal.net/js/ Frame 4E6D	989 B 1 KB	36ms 36ms	Script application/x-javascript	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l-stat.livejournal.net/js/??embed/wrap.js?v=1621497228 Requested by Host: l.lj-toys.com URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b4311fe8910f7cc88ad8d522a8fafd1dc985134263e8ebde771ae0011e538102 Request headers Referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:42 GMT Content-Encoding gzip X-LJ-Flow-ID YKYVlAobAy0AACJKKgAAAAAH X-VWS-Id kr-varn05.lj.rambler.tech X-Gateway front04.lj.rambler.tech Connection keep-alive Content-Length 555 Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 20 May 2021 07:53:48 GMT Server nginx ETag GgZzW/pGHPfOe9n47pvvnTlcVGnA Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 100961997 138360910 Access-Control-Allow-Origin * Cache-Control public, max-age=392380 X-AWS-Id kr-ws15 Accept-Ranges bytes Content-Type application/x-javascript X-remaining-TTL 392380
GET H/1.1	200 OK	/ Show response l-stat.livejournal.net/js/ Frame E907	989 B 1 KB	29ms 29ms	Script application/x-javascript	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l-stat.livejournal.net/js/??embed/wrap.js?v=1621497228 Requested by Host: l.lj-toys.com URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b4311fe8910f7cc88ad8d522a8fafd1dc985134263e8ebde771ae0011e538102 Request headers Referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:42 GMT Content-Encoding gzip X-LJ-Flow-ID YKYVlAobAy0AACJKKgAAAAAH X-VWS-Id kr-varn05.lj.rambler.tech X-Gateway front04.lj.rambler.tech Connection keep-alive Content-Length 555 Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 20 May 2021 07:53:48 GMT Server nginx ETag GgZzW/pGHPfOe9n47pvvnTlcVGnA Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 100961997 138360910 Access-Control-Allow-Origin * Cache-Control public, max-age=392380 X-AWS-Id kr-ws15 Accept-Ranges bytes Content-Type application/x-javascript X-remaining-TTL 392380
GET H/1.1	200 OK	/ Show response l-stat.livejournal.net/js/ Frame 2B96	989 B 1 KB	31ms 30ms	Script application/x-javascript	104.111.243.126 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://l-stat.livejournal.net/js/??embed/wrap.js?v=1621497228 Requested by Host: l.lj-toys.com URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads= Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.243.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-243-126.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b4311fe8910f7cc88ad8d522a8fafd1dc985134263e8ebde771ae0011e538102 Request headers Referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads= User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Sat, 22 May 2021 18:54:42 GMT Content-Encoding gzip X-LJ-Flow-ID YKYVlAobAy0AACJKKgAAAAAH X-VWS-Id kr-varn05.lj.rambler.tech X-Gateway front04.lj.rambler.tech Connection keep-alive Content-Length 555 Referrer-Policy no-referrer-when-downgrade Last-Modified Thu, 20 May 2021 07:53:48 GMT Server nginx ETag GgZzW/pGHPfOe9n47pvvnTlcVGnA Vary Accept-Encoding Access-Control-Allow-Methods GET X-Varnish 100961997 138360910 Access-Control-Allow-Origin * Cache-Control public, max-age=392380 X-AWS-Id kr-ws15 Accept-Ranges bytes Content-Type application/x-javascript X-remaining-TTL 392380
GET H3-29	200	www-player-webp.css www.youtube.com/s/player/c39bcc11/ Frame 6FD6	359 KB 45 KB	19ms 16ms	Stylesheet text/css	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/www-player-webp.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 600473b6152d1d0a50097aa6fd6811dcbc9edd23e5ec77afc39b4369f14339a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:31:11 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127411 vary Accept-Encoding, Origin content-type text/css cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46248 x-xss-protection 0 expires Sat, 21 May 2022 07:31:11 GMT
GET H3-29	200	www-embed-player.js Show response www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/ Frame 6FD6	191 KB 63 KB	27ms 25ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ae1bf1458589d1f72a7bf9a7fb9c21e8344aee819519c1dc8cbcfd9d6c16f54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:31:03 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127419 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 64589 x-xss-protection 0 expires Sat, 21 May 2022 07:31:03 GMT
GET H3-29	200	base.js Show response www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6FD6	2 MB 465 KB	15ms 13ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e34fa30d251bc425762a596368b08a20812bca6fcbba712c2cdce66c86bdf8b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:35:45 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127137 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 476025 x-xss-protection 0 expires Sat, 21 May 2022 07:35:45 GMT
GET H3-29	200	fetch-polyfill.js Show response www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/ Frame 6FD6	8 KB 3 KB	29ms 27ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:31:03 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127419 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2830 x-xss-protection 0 expires Sat, 21 May 2022 07:31:03 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 6FD6	15 KB 15 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.youtube.com Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 18 May 2021 21:46:00 GMT x-content-type-options nosniff last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe age 335322 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 expires Wed, 18 May 2022 21:46:00 GMT
GET H2	200	/ kraken.rambler.ru/cnt/	43 B 558 B	249ms 83ms	Image image/gif	81.19.89.18 RAMBLER-TELECOM-AS
General Check archive.org Show headers Download Go to Show image Full URL https://kraken.rambler.ru/cnt/?et=pv&pid=1111412&rid=1621709682.015-1437881313&tid=t1.1111412.1311166539.1621709682016&v=1.18.4&exp=exp_fip%2Csplit_z%2Cexp_ping%2Csplit_z%2Cexp_bot%2Csplit_b%2Cexp_ab%2Csplit_a&rn=1595295326&bs=1600x1200&ce=1&rf&en=UTF-8&pt=macdonaldsaun%20-%20Profile&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=-120&fv&sv&lv&cv=uid&url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&eid=3129968202086520&fid=pA8AAN9Js1cw9pWKAcd2DQA%3D Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 81.19.89.18 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU), Reverse DNS kraken.rambler.ru Software nginx/1.19.4 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 22 May 2021 18:54:42 GMT last-modified Mon, 28 Sep 1970 06:00:00 GMT server nginx/1.19.4 access-control-allow-methods GET, POST, OPTIONS p3p CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV" cache-control no-cache access-control-allow-credentials true content-type image/gif, image/gif access-control-allow-headers content-type content-length 43 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	embed Show response www.google.com/maps/ Frame F84C Redirect Chain https://maps.google.com/maps?q=justcbd&t=&z=15&ie=UTF8&iwloc=&output=embed https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15	4 KB 2 KB	344ms 342ms	Document text/html	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15 Requested by Host: l.lj-toys.com URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash cd70882cff738ccecb4ddb44c40f72e1d7028955d61f08e163aaccb9ce2f345f Security Headers Name Value Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-F0nciFesi9K8SOLCgft3bA==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1 X-Xss-Protection 0 Request headers :method GET :authority www.google.com :scheme https :path /maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads= accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%263%26%26%3Adcba50eaaa7e35d227ff8d31dc94b0213bb18082&moduleid=3&preview=&journalid=88357888&noads= Response headers content-type text/html; charset=UTF-8 date Sat, 22 May 2021 18:54:42 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate vary Accept-Language content-security-policy object-src 'none';base-uri 'self';script-src 'nonce-F0nciFesi9K8SOLCgft3bA==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1 content-encoding gzip server mafe content-length 1663 x-xss-protection 0 server-timing gfet4t7; dur=330 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Redirect headers date Sat, 22 May 2021 18:54:42 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate location https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15 content-type text/html; charset=UTF-8 server mafe content-length 272 x-xss-protection 0 x-frame-options SAMEORIGIN server-timing gfet4t7; dur=1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	jsQ2sGQmhrk Show response www.youtube.com/embed/ Frame 6678	53 KB 22 KB	66ms 63ms	Document text/html	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque Requested by Host: l.lj-toys.com URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads= Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f7bcf11935bcbfe6ccfc2aeaf6b1267fa72e2c82426dd33857a955f430abebdd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads= accept-encoding gzip, deflate, br accept-language en-US cookie YSC=w55ARzl_IgY; VISITOR_INFO1_LIVE=3NF2wg07qwc Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%264%26%26%26youtube%26jsQ2sGQmhrk%3Ad3611a10ccb985088e3d2bce257844fbf00d4d8e&source=youtube&vid=jsQ2sGQmhrk&moduleid=4&preview=&journalid=88357888&noads= Response headers content-type text/html; charset=utf-8 x-content-type-options nosniff cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sat, 22 May 2021 18:54:42 GMT strict-transport-security max-age=31536000 permissions-policy ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=* content-encoding br server ESF x-xss-protection 0 set-cookie CONSENT=PENDING+822; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	o0tT5qBY5kg Show response www.youtube.com/embed/ Frame 4D57	52 KB 22 KB	49ms 48ms	Document text/html	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque Requested by Host: l.lj-toys.com URL: https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads= Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 80cad2917e95578e027785c758c0c8d12a25327b0a15f596d63f1c942809b831 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.youtube.com :scheme https :path /embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads= accept-encoding gzip, deflate, br accept-language en-US cookie YSC=w55ARzl_IgY; VISITOR_INFO1_LIVE=3NF2wg07qwc Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://l.lj-toys.com/?auth_token=sessionless%3A1621706400%3Aembedcontent%3A88357888%261%26%26%26youtube%26o0tT5qBY5kg%3A0a8420e8160c5567c6d3515a306bcc2a14e3210a&source=youtube&vid=o0tT5qBY5kg&moduleid=1&preview=&journalid=88357888&noads= Response headers content-type text/html; charset=utf-8 x-content-type-options nosniff cache-control no-cache, no-store, max-age=0, must-revalidate pragma no-cache expires Mon, 01 Jan 1990 00:00:00 GMT date Sat, 22 May 2021 18:54:42 GMT strict-transport-security max-age=31536000 permissions-policy ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=* content-encoding br server ESF x-xss-protection 0 set-cookie CONSENT=PENDING+015; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 6FD6 Redirect Chain https://googleads.g.doubleclick.net/pagead/id https://googleads.g.doubleclick.net/pagead/id?slf_rd=1	113 B 161 B	25ms 24ms	XHR application/json	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 50ca30d3f1d3fb12d2ef7d8cf36ed70890a6ea56759018850c4ee403d7ef1f64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Sat, 22 May 2021 18:54:42 GMT x-content-type-options nosniff access-control-allow-origin https://www.youtube.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/id?slf_rd=1 cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 6FD6	29 B 91 B	6ms 6ms	Script text/javascript	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:48:40 GMT x-content-type-options nosniff last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe age 362 content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 expires Sat, 22 May 2021 19:03:40 GMT
GET H3-29	200	remote.js Show response www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6FD6	98 KB 30 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5f48c02692bd5d8044836018be9f76909dcab3ceabe1d8a29f1f9375e9a90b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:35:46 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127136 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30855 x-xss-protection 0 expires Sat, 21 May 2022 07:35:46 GMT
GET H2	200	HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js Show response www.google.com/js/th/ Frame 6FD6	35 KB 13 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:80e::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 11:01:56 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 03 May 2021 11:00:00 GMT server sffe age 28366 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13280 x-xss-protection 0 expires Sun, 22 May 2022 11:01:56 GMT
GET H3-29	200	embed.js Show response www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6FD6	25 KB 7 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a9eae06d8bed89c745eb7f92f3ca81bdc456c50e0d86d28885d413b788a7d25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:40:00 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 126882 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7449 x-xss-protection 0 expires Sat, 21 May 2022 07:40:00 GMT
GET H2	200	1 Show response mc.yandex.com/watch/27737346/ Redirect Chain https://mc.yandex.com/watch/27737346?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no... https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22...	219 B 300 B	50ms 49ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22pd_comments_style%22%3A%22undef%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22undef%22%2C%22pd_style_system%22%3A%22undef%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1145%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A970920594876%3Ahid%3A471036635%3Az%3A120%3Ai%3A20210522205441%3Aet%3A1621709682%3Ac%3A1%3Arn%3A196632164%3Au%3A1621709682315703625%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621709680497%3Ads%3A12%2C167%2C571%2C80%2C0%2C0%2C%2C383%2C10%2C%2C%2C%2C1137%3Adsn%3A12%2C167%2C572%2C79%2C0%2C0%2C%2C306%2C10%2C%2C%2C%2C1137%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621709682%3At%3Amacdonaldsaun%20-%20Profile Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 42e4dd1823ee9181985a243355341ffdfdea214033a874a5e1388ad0ad414af1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 22 May 2021 18:54:42 GMT x-content-type-options nosniff last-modified Sat, 22-May-2021 18:54:42 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://macdonaldsaun.livejournal.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 219 x-xss-protection 1; mode=block expires Sat, 22-May-2021 18:54:42 GMT Redirect headers pragma no-cache date Sat, 22 May 2021 18:54:42 GMT last-modified Sat, 22-May-2021 18:54:42 GMT location /watch/27737346/1?wmode=7&page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22pd_comments_style%22%3A%22undef%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22undef%22%2C%22pd_style_system%22%3A%22undef%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afp%3A1145%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A970920594876%3Ahid%3A471036635%3Az%3A120%3Ai%3A20210522205441%3Aet%3A1621709682%3Ac%3A1%3Arn%3A196632164%3Au%3A1621709682315703625%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1621709680497%3Ads%3A12%2C167%2C571%2C80%2C0%2C0%2C%2C383%2C10%2C%2C%2C%2C1137%3Adsn%3A12%2C167%2C572%2C79%2C0%2C0%2C%2C306%2C10%2C%2C%2C%2C1137%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621709682%3At%3Amacdonaldsaun%20-%20Profile strict-transport-security max-age=31536000 access-control-allow-origin https://macdonaldsaun.livejournal.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Sat, 22-May-2021 18:54:42 GMT
GET H3-29	200	www-player-webp.css www.youtube.com/s/player/c39bcc11/ Frame 4D57	359 KB 45 KB	6ms 6ms	Stylesheet text/css	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/www-player-webp.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 600473b6152d1d0a50097aa6fd6811dcbc9edd23e5ec77afc39b4369f14339a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:31:11 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127411 vary Accept-Encoding, Origin content-type text/css cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46248 x-xss-protection 0 expires Sat, 21 May 2022 07:31:11 GMT
GET H3-29	200	www-embed-player.js Show response www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/ Frame 4D57	191 KB 63 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ae1bf1458589d1f72a7bf9a7fb9c21e8344aee819519c1dc8cbcfd9d6c16f54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:31:03 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127419 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 64589 x-xss-protection 0 expires Sat, 21 May 2022 07:31:03 GMT
GET H3-29	200	base.js Show response www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 4D57	2 MB 465 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e34fa30d251bc425762a596368b08a20812bca6fcbba712c2cdce66c86bdf8b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:35:45 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127137 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 476025 x-xss-protection 0 expires Sat, 21 May 2022 07:35:45 GMT
GET H3-29	200	fetch-polyfill.js Show response www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/ Frame 4D57	8 KB 3 KB	11ms 10ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:31:03 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127419 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2830 x-xss-protection 0 expires Sat, 21 May 2022 07:31:03 GMT
GET H3-29	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 4D57	15 KB 15 KB	17ms 15ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.youtube.com Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 06:54:04 GMT x-content-type-options nosniff last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe age 43238 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 expires Sun, 22 May 2022 06:54:04 GMT
GET H3-29	200	www-player-webp.css www.youtube.com/s/player/c39bcc11/ Frame 6678	359 KB 45 KB	12ms 11ms	Stylesheet text/css	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/www-player-webp.css Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 600473b6152d1d0a50097aa6fd6811dcbc9edd23e5ec77afc39b4369f14339a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:31:11 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127411 vary Accept-Encoding, Origin content-type text/css cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 46248 x-xss-protection 0 expires Sat, 21 May 2022 07:31:11 GMT
GET H3-29	200	www-embed-player.js Show response www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/ Frame 6678	191 KB 63 KB	29ms 27ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ae1bf1458589d1f72a7bf9a7fb9c21e8344aee819519c1dc8cbcfd9d6c16f54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:31:03 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127419 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 64589 x-xss-protection 0 expires Sat, 21 May 2022 07:31:03 GMT
GET H3-29	200	base.js Show response www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6678	2 MB 465 KB	14ms 12ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8e34fa30d251bc425762a596368b08a20812bca6fcbba712c2cdce66c86bdf8b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:35:45 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127137 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 476025 x-xss-protection 0 expires Sat, 21 May 2022 07:35:45 GMT
GET H3-29	200	fetch-polyfill.js Show response www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/ Frame 6678	8 KB 3 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/fetch-polyfill.vflset/fetch-polyfill.js Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:31:03 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127419 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2830 x-xss-protection 0 expires Sat, 21 May 2022 07:31:03 GMT
GET H3-29	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v18/ Frame 6678	15 KB 15 KB	17ms 17ms	Font font/woff2	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.youtube.com Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 06:54:04 GMT x-content-type-options nosniff last-modified Mon, 16 Oct 2017 17:32:55 GMT server sffe age 43238 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15344 x-xss-protection 0 expires Sun, 22 May 2022 06:54:04 GMT
GET H2	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 6FD6	4 KB 2 KB	20ms 12ms	Script text/javascript	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 expires Sat, 22 May 2021 18:54:42 GMT
GET H2	200	26570:24958 an.yandex.ru/mapuid/adfox/ Redirect Chain https://an.yandex.ru/mapuid/adfox/26570%3A24958?jsredir=1 https://an.yandex.ru/mapuid/adfox/26570:24958?redir-setuniq=1&jsredir=1	43 B 108 B	50ms 49ms	Image image/gif	2a02:6b8::90 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://an.yandex.ru/mapuid/adfox/26570:24958?redir-setuniq=1&jsredir=1 Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 22 May 2021 18:54:42 GMT content-encoding gzip last-modified Sat, 22 May 2021 18:54:42 GMT p3p CP="NOI DEVa TAIa OUR BUS UNI STA" strict-transport-security max-age=31536000 content-type image/gif; charset=utf-8 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Sat, 22 May 2021 18:54:42 GMT Redirect headers pragma no-cache date Sat, 22 May 2021 18:54:42 GMT content-encoding gzip last-modified Sat, 22 May 2021 18:54:42 GMT strict-transport-security max-age=31536000 p3p CP="NOI DEVa TAIa OUR BUS UNI STA" location https://an.yandex.ru/mapuid/adfox/26570:24958?redir-setuniq=1&jsredir=1 cache-control private, no-cache, no-store, must-revalidate, max-age=0 timing-allow-origin * x-xss-protection 1; mode=block expires Sat, 22 May 2021 18:54:42 GMT
GET H2	204	sync2.204 profile.ssp.rambler.ru/	0 169 B	253ms 81ms	Image text/plain	91.192.149.14 BEGUN-AS
General Check archive.org Show headers Download Go to Show image Full URL https://profile.ssp.rambler.ru/sync2.204?anket_id=26570%3A24958&pid=85&ruid=pA8AAN9Js1ewhlHBAQzTvQA%3D Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 91.192.149.14 , Russian Federation, ASN42481 (BEGUN-AS, RU), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=0 x-passed 1bal1 server nginx date Sat, 22 May 2021 18:54:42 GMT p3p policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
GET H3-29	204	generate_204 www.youtube.com/ Frame 6FD6	0 9 B	6ms 6ms	Image text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?S5e5bA Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3-29	200	/ www.facebook.com/tr/	44 B 88 B	22ms 22ms	Image image/gif	2a03:2880:f164:81:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=2982212878480459&ev=Microdata&dl=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&rl=&if=false&ts=1621709682336&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22meta%3Adescription%22%3A%22Your%20life%20is%20the%20best%20story!%20Just%20start%20your%20blog%20today!%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Your%20life%20is%20the%20best%20story!%20Just%20start%20your%20blog%20today!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fl-stat.livejournal.net%2Fimg%2Fog_image.jpg%22%2C%22og%3Atitle%22%3A%22macdonaldsaun%20-%20Profile%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile%22%2C%22twitter%3Aapp%3Aid%3Aipad%22%3A%22383091547%22%2C%22twitter%3Aapp%3Aid%3Aiphone%22%3A%22383091547%22%2C%22twitter%3Aapp%3Aname%3Aipad%22%3A%22LiveJournal%22%2C%22twitter%3Aapp%3Aname%3Aiphone%22%3A%22LiveJournal%22%2C%22twitter%3Aapp%3Aurl%3Aipad%22%3A%22ljs%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile%22%2C%22twitter%3Aapp%3Aurl%3Aiphone%22%3A%22ljs%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Adescription%22%3A%22Your%20life%20is%20the%20best%20story!%20Just%20start%20your%20blog%20today!%22%2C%22twitter%3Aimage%3Asrc%22%3A%22https%3A%2F%2Fl-stat.livejournal.net%2Fimg%2Fog_image.jpg%22%2C%22twitter%3Asite%22%3A%22%40livejournal%22%2C%22twitter%3Atitle%22%3A%22macdonaldsaun%20-%20Profile%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.1.1621709681828.1132560193&it=1621709681745&coo=false&es=automatic&tm=3&exp=l0&rqm=GET Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f164:81:face:b00c:0:25de London, United Kingdom, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Sat, 22 May 2021 18:54:42 GMT
GET H3-29	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 4D57	113 B 159 B	14ms 14ms	XHR application/json	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9b7c0683f402e69698f10725e06615c86784807cc3f2f39c2f258f648bb3e2c7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 4D57	29 B 52 B	20ms 6ms	Script text/javascript	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:48:40 GMT x-content-type-options nosniff last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe age 362 content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 expires Sat, 22 May 2021 19:03:40 GMT
GET H3-29	200	remote.js Show response www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 4D57	98 KB 30 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5f48c02692bd5d8044836018be9f76909dcab3ceabe1d8a29f1f9375e9a90b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:35:46 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127136 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30855 x-xss-protection 0 expires Sat, 21 May 2022 07:35:46 GMT
GET H3-29	200	HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js Show response www.google.com/js/th/ Frame 4D57	35 KB 13 KB	17ms 15ms	Script text/javascript	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 05:45:46 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 03 May 2021 11:00:00 GMT server sffe age 47336 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13280 x-xss-protection 0 expires Sun, 22 May 2022 05:45:46 GMT
GET H3-29	200	embed.js Show response www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 4D57	25 KB 7 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a9eae06d8bed89c745eb7f92f3ca81bdc456c50e0d86d28885d413b788a7d25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:40:00 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 126882 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7449 x-xss-protection 0 expires Sat, 21 May 2022 07:40:00 GMT
GET H3-29	200	id Show response googleads.g.doubleclick.net/pagead/ Frame 6678	113 B 159 B	14ms 14ms	XHR application/json	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/id Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e20cbbccaccf390f7808c969ee0696882f6c10efe0cd41bbdcf7bf23463dda68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 133 x-xss-protection 0 pragma no-cache server cafe content-type application/json; charset=UTF-8 access-control-allow-origin https://www.youtube.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ad_status.js Show response static.doubleclick.net/instream/ Frame 6678	29 B 52 B	7ms 6ms	Script text/javascript	2a00:1450:4001:828::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://static.doubleclick.net/instream/ad_status.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:48:40 GMT x-content-type-options nosniff last-modified Thu, 12 Dec 2013 23:40:16 GMT server sffe age 362 content-type text/javascript access-control-allow-origin * cache-control public, max-age=900 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29 x-xss-protection 0 expires Sat, 22 May 2021 19:03:40 GMT
POST H2	200	1 Show response mc.yandex.com/watch/27737346/	43 B 73 B	51ms 49ms	XHR image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/27737346/1?page-url=https%3A%2F%2Fmacdonaldsaun.livejournal.com%2Fprofile&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A5gv0p5rfujionf9a%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A1%3Als%3A970920594876%3Ahid%3A471036635%3Az%3A120%3Ai%3A20210522205442%3Aet%3A1621709682%3Ac%3A1%3Arn%3A996420582%3Au%3A1621709682315703625%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Aeu%3A1%3Ans%3A1621709680497%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1621709682 Requested by Host: mc.yandex.ru URL: https://mc.yandex.ru/metrika/tag.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers pragma no-cache date Sat, 22 May 2021 18:54:42 GMT last-modified Sat, 22-May-2021 18:54:42 GMT strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin https://macdonaldsaun.livejournal.com cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 43 x-xss-protection 1; mode=block expires Sat, 22-May-2021 18:54:42 GMT
GET H3-29	200	remote.js Show response www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6678	98 KB 30 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/remote.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5f48c02692bd5d8044836018be9f76909dcab3ceabe1d8a29f1f9375e9a90b0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:35:46 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 127136 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30855 x-xss-protection 0 expires Sat, 21 May 2022 07:35:46 GMT
GET H3-29	200	HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js Show response www.google.com/js/th/ Frame 6678	35 KB 13 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/js/th/HLG8T7_6jrm5gwCee85nqoZzVn5k6-x3RhaIxJGUkXo.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1cb1bc4fbffa8eb9b983009e7bce67aa8673567e64ebec77461688c49194917a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 05:45:46 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 03 May 2021 11:00:00 GMT server sffe age 47336 vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13280 x-xss-protection 0 expires Sun, 22 May 2022 05:45:46 GMT
GET H3-29	200	embed.js Show response www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/ Frame 6678	25 KB 7 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/embed.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0a9eae06d8bed89c745eb7f92f3ca81bdc456c50e0d86d28885d413b788a7d25 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 07:40:00 GMT content-encoding br x-content-type-options nosniff last-modified Fri, 21 May 2021 06:42:50 GMT server sffe age 126882 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7449 x-xss-protection 0 expires Sat, 21 May 2022 07:40:00 GMT
GET H2	200	js Show response maps.googleapis.com/maps/api/ Frame F84C	135 KB 44 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad Requested by Host: www.google.com URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash 62228c548829235c7a020473ffb4b1e359e48d6f4d8023306fd633dcee057763 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:52:12 GMT content-encoding gzip server mafe age 150 x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control public, max-age=1800 server-timing gfet4t7; dur=19 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45164 x-xss-protection 0 expires Sat, 22 May 2021 19:22:12 GMT
GET H3-29	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 4D57	4 KB 2 KB	27ms 14ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 expires Sat, 22 May 2021 18:54:42 GMT
GET H3-29	204	generate_204 www.youtube.com/ Frame 4D57	0 9 B	6ms 6ms	Image text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?zJcXBg Requested by Host: macdonaldsaun.livejournal.com URL: https://macdonaldsaun.livejournal.com/profile Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3-29	200	cast_sender.js Show response www.gstatic.com/cv/js/sender/v1/ Frame 6678	4 KB 2 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/cv/js/sender/v1/cast_sender.js Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.youtube.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 16 Feb 2021 23:57:06 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2007 x-xss-protection 0 expires Sat, 22 May 2021 18:54:42 GMT
GET H3-29	204	generate_204 www.youtube.com/ Frame 6678	0 9 B	6ms 5ms	Image text/plain	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/generate_204?RuiC6Q Requested by Host: www.youtube.com URL: https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3-29	200	promodisplay Show response fundingchoicesmessages.google.com/f/AGSKWxXT4WT69tKlOPlmw3GoEYGYPpzBZoYnGchzGc5Kkc6qHq4FEqCalw4kHQaktGCsZ6N2hEoC_o8pN5pLnl4Nbrd6Nt2BgcFkBHGknITnXg8eLq3OF7-L-J847WX1Vycsb-6nv_3fyGxFQVeXnMi7LGNAguHGz...	54 B 107 B	19ms 18ms	Script application/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxXT4WT69tKlOPlmw3GoEYGYPpzBZoYnGchzGc5Kkc6qHq4FEqCalw4kHQaktGCsZ6N2hEoC_o8pN5pLnl4Nbrd6Nt2BgcFkBHGknITnXg8eLq3OF7-L-J847WX1Vycsb-6nv_3fyGxFQVeXnMi7LGNAguHGzLFyWXzCQ72Eq-Eiz3zfYbFZ_8pEXS9E_8vAWudgCWVvcq6httFObZWDk7-uNOpUCd4a-8RT9DB8ACMK0uU=/_/adbeacon..com/promodisplay?/adv.css?_middle_ads./satnetgoogleads. Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 89a8a80ea5aede9146516fbca8cbe40a7e2c8d69c9da6c1c22e4193f500b1919 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-Ah6WSajUvBZPuf6siK6cCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Ah6WSajUvBZPuf6siK6cCA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:54:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorGlobalRouterHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]} content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate content-security-policy script-src 'report-sample' 'nonce-Ah6WSajUvBZPuf6siK6cCA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Ah6WSajUvBZPuf6siK6cCA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	show_companion_ad.js Show response pagead2.googlesyndication.com/pagead/	14 KB 6 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/show_companion_ad.js Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c8b5d984e6d2cdaf64b8a50c9b645e347e74ffa712aa0b9422015700c98f9bb9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 18:35:42 GMT content-encoding gzip x-content-type-options nosniff age 1140 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5863 x-xss-protection 0 server cafe etag 12453517290502062038 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Sat, 22 May 2021 19:35:42 GMT
POST H3-29	204	AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9 Show response fundingchoicesmessages.google.com/l/	0 27 B	19ms 18ms	XHR text/html	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/l/AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-OeCe6PvQJpHX86x5DyLvEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OeCe6PvQJpHX86x5DyLvEA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 May 2021 18:54:42 GMT access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin; report-to="ContributorGlobalRouterHttp" x-frame-options SAMEORIGIN report-to {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]} content-type text/html; charset=utf-8 access-control-allow-origin https://macdonaldsaun.livejournal.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-OeCe6PvQJpHX86x5DyLvEA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-OeCe6PvQJpHX86x5DyLvEA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	init_embed.js Show response maps.gstatic.com/maps-api-v3/embed/js/44/14/ Frame F84C	233 KB 233 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.gstatic.com/maps-api-v3/embed/js/44/14/init_embed.js Requested by Host: www.google.com URL: https://www.google.com/maps/embed?origin=mfe&pb=!1m3!2m1!1sjustcbd!6i15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3ad37130fd6db9507347d0417694ace6210fd9f671b1821a0b4d9bdf1192f513 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 19 May 2021 17:18:59 GMT x-content-type-options nosniff last-modified Tue, 11 May 2021 18:11:34 GMT server sffe age 264943 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 238786 x-xss-protection 0 expires Thu, 19 May 2022 17:18:59 GMT
POST H3-29	204	AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9 Show response fundingchoicesmessages.google.com/l/	0 26 B	46ms 46ms	XHR text/html	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/l/AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-9qTfj1tN/5ZrZwL4DdNDZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9qTfj1tN/5ZrZwL4DdNDZw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 May 2021 18:54:42 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://macdonaldsaun.livejournal.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-9qTfj1tN/5ZrZwL4DdNDZw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9qTfj1tN/5ZrZwL4DdNDZw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3-29	204	AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9 Show response fundingchoicesmessages.google.com/l/	0 26 B	32ms 32ms	XHR text/html	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/l/AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-PKEuk8a6iSAx/q6KI+23HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-PKEuk8a6iSAx/q6KI+23HA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 May 2021 18:54:42 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://macdonaldsaun.livejournal.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-PKEuk8a6iSAx/q6KI+23HA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-PKEuk8a6iSAx/q6KI+23HA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	AGSKWxWI2xtSr7rdyyy9TrxFVrVlUnn7IsVGZBSQ3zuHU208ZcGTnru5-FPJSijKF6MBxsP0b-3uZDHLG-zpq_UTgQ3j7k--xcEH4oNKGTjYLTqtGPQDa5pyFo2xI9oD1AM4uK6ha5E2FK74o6ikXzsN_jEXETWh46g7Tl9giL9lxWypjwKSJz1rfiujUIdB Show response fundingchoicesmessages.google.com/f/	64 KB 24 KB	32ms 31ms	Script application/javascript	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWI2xtSr7rdyyy9TrxFVrVlUnn7IsVGZBSQ3zuHU208ZcGTnru5-FPJSijKF6MBxsP0b-3uZDHLG-zpq_UTgQ3j7k--xcEH4oNKGTjYLTqtGPQDa5pyFo2xI9oD1AM4uK6ha5E2FK74o6ikXzsN_jEXETWh46g7Tl9giL9lxWypjwKSJz1rfiujUIdB?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjIxNzA5NjgyLDY3NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dLCJodHRwczovL21hY2RvbmFsZHNhdW4ubGl2ZWpvdXJuYWwuY29tL3Byb2ZpbGUiXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b58eb5b421637bedc23fa24eaf43a7725b65422b581fafb5382e0de3e29ecc3c Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-j1DZruoF5AmMjhTHHTSTVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-j1DZruoF5AmMjhTHHTSTVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 22 May 2021 18:54:42 GMT content-encoding gzip x-content-type-options nosniff alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'report-sample' 'nonce-j1DZruoF5AmMjhTHHTSTVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-j1DZruoF5AmMjhTHHTSTVg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport x-xss-protection 0 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3-29	204	AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9 Show response fundingchoicesmessages.google.com/l/	0 26 B	29ms 29ms	XHR text/html	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/l/AGSKWxUcarN4zG_eHbeul670s81zeU4pWBO8dXv06nQWKwoRzpy6KZemTmCt_u9AUYJRkR3wcy8_0_JYE4q6-LYnGagl3h6z714CdopDjJ5451N-9u882Ys878hoP8ZZI7zJ6SGWx3kqbPHD43ncs3iLwrSQ6D4YRJZjpa1SExtIakCJ5G7nKbqBkckQoQJ9 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.IBB6Ss-6Pv8.es5.O/d=1/rs=AJlcJMyD9LUONH51LJ-Y6ELzK-r8n6zJMA/m=detection Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-1tkunJLhcVAUnVRRiCmXrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1tkunJLhcVAUnVRRiCmXrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 May 2021 18:54:42 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://macdonaldsaun.livejournal.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-1tkunJLhcVAUnVRRiCmXrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-1tkunJLhcVAUnVRRiCmXrA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3-29	204	AGSKWxW8AUQ9pzZKu8PbNfDaTrSu1A05mhhbSL-qkpGaN7jmt-g0X5OhVQQburZJLjxL9b_IhN8BZxXQm9k-_lWknVRW3GSgY2J-zMgzGNrjmRx0ZcrwURkEUxIyJOuXxhmk0JO6i6RQ8tNYoXKNOzVPEObLs1YhsWB4PvRqiuwmANK8Kt7qokPuKTcUG1W1 Show response fundingchoicesmessages.google.com/l/	0 26 B	19ms 19ms	XHR text/html	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/l/AGSKWxW8AUQ9pzZKu8PbNfDaTrSu1A05mhhbSL-qkpGaN7jmt-g0X5OhVQQburZJLjxL9b_IhN8BZxXQm9k-_lWknVRW3GSgY2J-zMgzGNrjmRx0ZcrwURkEUxIyJOuXxhmk0JO6i6RQ8tNYoXKNOzVPEObLs1YhsWB4PvRqiuwmANK8Kt7qokPuKTcUG1W1 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.kHEF0wS8ZCI.es5.O/d=1/rs=AJlcJMz0KY7LVk5uqX6w30w7oaK06FImdQ/m=cookie_refresh Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-tuJ+qhtS+9UzVrADHCPv1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tuJ+qhtS+9UzVrADHCPv1Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 May 2021 18:54:42 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://macdonaldsaun.livejournal.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-tuJ+qhtS+9UzVrADHCPv1Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tuJ+qhtS+9UzVrADHCPv1Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3-29	204	AGSKWxW8AUQ9pzZKu8PbNfDaTrSu1A05mhhbSL-qkpGaN7jmt-g0X5OhVQQburZJLjxL9b_IhN8BZxXQm9k-_lWknVRW3GSgY2J-zMgzGNrjmRx0ZcrwURkEUxIyJOuXxhmk0JO6i6RQ8tNYoXKNOzVPEObLs1YhsWB4PvRqiuwmANK8Kt7qokPuKTcUG1W1 Show response fundingchoicesmessages.google.com/l/	0 26 B	18ms 18ms	XHR text/html	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/l/AGSKWxW8AUQ9pzZKu8PbNfDaTrSu1A05mhhbSL-qkpGaN7jmt-g0X5OhVQQburZJLjxL9b_IhN8BZxXQm9k-_lWknVRW3GSgY2J-zMgzGNrjmRx0ZcrwURkEUxIyJOuXxhmk0JO6i6RQ8tNYoXKNOzVPEObLs1YhsWB4PvRqiuwmANK8Kt7qokPuKTcUG1W1 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.kHEF0wS8ZCI.es5.O/d=1/rs=AJlcJMz0KY7LVk5uqX6w30w7oaK06FImdQ/m=cookie_refresh Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-g+nqsPYBxKRVDMNd2MxcUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-g+nqsPYBxKRVDMNd2MxcUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://macdonaldsaun.livejournal.com/profile User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers date Sat, 22 May 2021 18:54:42 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport access-control-max-age 86400 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 pragma no-cache server ESF cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN access-control-allow-methods POST, GET, OPTIONS content-type text/html; charset=utf-8 access-control-allow-origin https://macdonaldsaun.livejournal.com cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true content-security-policy script-src 'report-sample' 'nonce-g+nqsPYBxKRVDMNd2MxcUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-g+nqsPYBxKRVDMNd2MxcUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3-29	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 6FD6	28 B 54 B	19ms 19ms	XHR application/json	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 120 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/91bpIBVFK4o?wmode=opaque&wmode=opaque X-YouTube-Client-Version 1.20210519.1.1 X-YouTube-Time-Zone Europe/Berlin X-Goog-Visitor-Id CgszTkYyd2cwN3F3YyjxpqWFBg%3D%3D X-YouTube-Ad-Signals dt=1621709682051&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKoSlQoFRrawtNOzQLWMNRL9moua0YbUVlBxaps1E24mGheCHF4--P3o6LmC6lXklGiUCfYUyfKdHHADMg9N4zmLuBOjvg Response headers date Sat, 22 May 2021 18:54:44 GMT content-encoding br x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0 expires Sat, 22 May 2021 18:54:44 GMT
POST H3-29	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 4D57	28 B 54 B	18ms 18ms	XHR application/json	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/player_ias.vflset/en_US/base.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 120 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/o0tT5qBY5kg?wmode=opaque&wmode=opaque X-YouTube-Client-Version 1.20210519.1.1 X-YouTube-Time-Zone Europe/Berlin X-Goog-Visitor-Id CgszTkYyd2cwN3F3YyjypqWFBg%3D%3D X-YouTube-Ad-Signals dt=1621709682388&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKoPNf9Cq-Z6LYAMoe86PL835PA2UHwmbgD0IsHnc2vtMXNJkZoRLh6j0awUJaK7gG2-7o0dI9Noeow-xE5St5S7HtozaA Response headers date Sat, 22 May 2021 18:54:44 GMT content-encoding br x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0 expires Sat, 22 May 2021 18:54:44 GMT
POST H3-29	200	log_event Show response www.youtube.com/youtubei/v1/ Frame 6678	28 B 54 B	19ms 19ms	XHR application/json	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 Requested by Host: www.youtube.com URL: https://www.youtube.com/s/player/c39bcc11/www-embed-player.vflset/www-embed-player.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/json X-YouTube-Utc-Offset 120 X-YouTube-Client-Name 56 Referer https://www.youtube.com/embed/jsQ2sGQmhrk?wmode=opaque&wmode=opaque X-YouTube-Client-Version 1.20210519.1.1 X-YouTube-Time-Zone Europe/Berlin X-Goog-Visitor-Id CgszTkYyd2cwN3F3YyjypqWFBg%3D%3D X-YouTube-Ad-Signals dt=1621709682435&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image&bid=ANyPxKqsHfYWVyhc4M9kRiM739TL-lYZheGqAR1rBWmiybAouUYoIaEqxAzwttQwaJNK2A7t10Le22_8D7TMfZDiNfT9td1dWg Response headers date Sat, 22 May 2021 18:54:44 GMT content-encoding br x-content-type-options nosniff server ESF x-frame-options SAMEORIGIN vary Origin, X-Origin, Referer p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cache-control private content-type application/json; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31 x-xss-protection 0 expires Sat, 22 May 2021 18:54:44 GMT
GET H3-29	200	common.js Show response maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame F84C	85 KB 31 KB	16ms 14ms	Script text/javascript	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 22 May 2021 04:00:56 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 11 May 2021 18:12:04 GMT server sffe age 53631 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31670 x-xss-protection 0 expires Sun, 22 May 2022 04:00:56 GMT
GET H3-29	200	util.js Show response maps.googleapis.com/maps-api-v3/api/js/44/14/ Frame F84C	280 KB 86 KB	21ms 19ms	Script text/javascript	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en_US&callback=onApiLoad Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 21 May 2021 17:06:47 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 11 May 2021 18:12:04 GMT server sffe age 92880 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 87588 x-xss-protection 0 expires Sat, 21 May 2022 17:06:47 GMT
GET H3-29	200	AuthenticationService.Authenticate Show response maps.googleapis.com/maps/api/js/ Frame F84C	62 B 83 B	15ms 15ms	Script text/javascript	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed%3Forigin%3Dmfe%26pb%3D!1m3!2m1!1sjustcbd!6i15&2sgoogle-maps-embed&callback=_xdc_._nuds9r&client=google-maps-embed&token=80482 Requested by Host: maps.googleapis.com URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software mafe / Resource Hash 0f05976c182e4857eaacefa96a67f6040328dc98bbf01eaea3a0384a8c6aef42 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Sat, 22 May 2021 18:54:47 GMT content-encoding gzip server mafe x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control no-cache, must-revalidate content-disposition attachment server-timing gfet4t7; dur=1 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT