orantas.livejournal.com Open in urlscan Pro
81.19.74.1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://orantas.livejournal.com/
Effective URL:
https://orantas.livejournal.com/
Submission: On November 14 via api (November 14th 2022, 8:09:11 am UTC) from US — Scanned from DE

Summary HTTP 160 Redirects Links 106 Behaviour Indicators

Summary

This website contacted 55 IPs in 10 countries across 48 domains to perform 160 HTTP transactions. The main IP is 81.19.74.1, located in Russian Federation and belongs to RAMBLER-TELECOM-AS, RU. The main domain is orantas.livejournal.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on February 4th 2022. Valid for: a year.

This is the only time orantas.livejournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4 8	81.19.74.1 81.19.74.1	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
3 41	2a03:90c0:41:... 2a03:90c0:41:2801::24	199524 (GCORE) (GCORE)
7	91.192.150.12 91.192.150.12	42481 (BEGUN-AS) (BEGUN-AS)
1	81.19.87.48 81.19.87.48	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1	107.178.251.122 107.178.251.122	15169 (GOOGLE) (GOOGLE)
1	81.19.74.3 81.19.74.3	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
12	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
1	206.54.183.89 206.54.183.89	35415 (WEBZILLA) (WEBZILLA)
1	2606:4700:20:... 2606:4700:20::681a:ef9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	62.149.25.100 62.149.25.100	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
2	81.19.89.18 81.19.89.18	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2	87.240.132.78 87.240.132.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1	81.19.82.102 81.19.82.102	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
1 4	128.140.224.226 128.140.224.226	5606 (GTS-BACKB...) (GTS-BACKBONE GTS Telecom)
3 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8::402 2a02:6b8::402	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
5	81.19.89.16 81.19.89.16	24638 (RAMBLER-T...) (RAMBLER-TELECOM-AS)
2	2a02:6b8::1be 2a02:6b8::1be	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a02:6b8:a::a 2a02:6b8:a::a	208722 (GLOBAL_DC) (GLOBAL_DC)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 6	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
5	91.192.148.14 91.192.148.14	42481 (BEGUN-AS) (BEGUN-AS)
1 2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	91.192.150.30 91.192.150.30	42481 (BEGUN-AS) (BEGUN-AS)
1 2	168.119.88.34 168.119.88.34	24940 (HETZNER-AS) (HETZNER-AS)
6 8	91.192.149.36 91.192.149.36	42481 (BEGUN-AS) (BEGUN-AS)
1	91.220.120.9 91.220.120.9	202173 (MAXIMATEL...) (MAXIMATELECOM)
2 3	185.15.175.133 185.15.175.133	43226 (SAFEDATA ...) (SAFEDATA Uplinks)
1 3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	91.194.226.61 91.194.226.61	43399 (TCS-AS) (TCS-AS)
2 2	88.212.252.2 88.212.252.2	39134 (UNITEDNET) (UNITEDNET)
3 3	54.93.141.89 54.93.141.89	16509 (AMAZON-02) (AMAZON-02)
1 1	168.119.168.202 168.119.168.202	24940 (HETZNER-AS) (HETZNER-AS)
1	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1 2	45.9.27.120 45.9.27.120	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1 2	194.190.76.41 194.190.76.41	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1 1	178.170.196.247 178.170.196.247	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
3 3	95.216.101.186 95.216.101.186	24940 (HETZNER-AS) (HETZNER-AS)
1 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	95.163.53.111 95.163.53.111	47764 (VK-AS) (VK-AS)
1	195.209.111.13 195.209.111.13	52007 (ADRIVER-AS) (ADRIVER-AS)
2 2	35.190.24.218 35.190.24.218	15169 (GOOGLE) (GOOGLE)
1	37.9.245.57 37.9.245.57	16345 (BEE-AS Ru...) (BEE-AS Russia)
2 3	89.108.120.76 89.108.120.76	197695 (AS-REG) (AS-REG)
1 1	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1	195.201.57.28 195.201.57.28	24940 (HETZNER-AS) (HETZNER-AS)
160	55

8 81.19.74.1 (Russian Federation) 4 redirects

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: livejournal.com

orantas.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgprx.livejournal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a03:90c0:41:2801::24 (Frankfurt am Main, Germany) 3 redirects

ASN199524 (GCORE, LU)

l-stat.livejournal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ic.pics.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l-userpic.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.lj-toys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pics.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l-api.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 91.192.150.12 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: ssp.rambler.ru

ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.87.48 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: apl.rambler-co.ru

vp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.251.122 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 122.251.178.107.bc.googleusercontent.com

www.pravda.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.74.3 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: livejournal.com

xc3.services.livejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 206.54.183.89 (United States)

ASN35415 (WEBZILLA, NL)
PTR: vm12289.fozzyhost.com

litgazeta.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ef9 (United States)

ASN13335 (CLOUDFLARENET, US)

dlm3.meta.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.149.25.100 (Vyshhorod, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: bookclub.vds.colocall.com

bookclub.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.19.89.18 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

st.top100.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.132.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.19.82.102 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: tower-cs3524.ramtel.ru

rcmjs.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 128.140.224.226 (Romania) 1 redirects

ASN5606 (GTS-BACKBONE GTS Telecom, RO)

gamd.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::402 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

static-mon.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 81.19.89.16 (Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru

kraken.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::1be (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

ads.adfox.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:a::a (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 91.192.148.14 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

profile.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img02.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.192.150.30 (Russian Federation)

ASN42481 (BEGUN-AS, RU)
PTR: zvezda.ssp.rambler.ru

sandbox.ssp.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.88.34 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.34.88.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 91.192.149.36 (Russian Federation) 6 redirects

ASN42481 (BEGUN-AS, RU)
PTR: sync.rambler.ru

sync.rambler.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.220.120.9 (Russian Federation)

ASN202173 (MAXIMATELECOM, RU)

tms.dmp.wi-fi.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.15.175.133 (Russian Federation) 2 redirects

ASN43226 (SAFEDATA Uplinks, RU)

dmg.digitaltarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.194.226.61 (Russian Federation)

ASN43399 (TCS-AS, RU)
PTR: dp.tinkoffinsurance.ru

sync.datamind.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.252.2 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)

lbs-ru1.ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.93.141.89 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-141-89.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.168.202 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.202.168.119.168.clients.your-server.de

bidswitch-eu.splicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.9.27.120 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr19.segmento.ru

begun-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.190.76.41 (Russian Federation) 1 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp1.senders.rutube.ru

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.170.196.247 (Russian Federation) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)
PTR: fr12.segmento.ru

rambler-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.216.101.186 (Helsinki, Finland) 3 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.101.216.95.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.53.111 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: stats.seedr.ru

stats.seedr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.13 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.24.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.9.245.57 (Russian Federation)

ASN16345 (BEE-AS Russia, RU)

rmb.ops.beeline.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.108.120.76 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51804.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.57.28 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.57.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	livejournal.net 3 redirects l-stat.livejournal.net — Cisco Umbrella Rank: 144459 imgprx.livejournal.net — Cisco Umbrella Rank: 550559	1 MB
28	rambler.ru 6 redirects ssp.rambler.ru — Cisco Umbrella Rank: 34223 vp.rambler.ru — Cisco Umbrella Rank: 74719 rcmjs.rambler.ru — Cisco Umbrella Rank: 83131 kraken.rambler.ru — Cisco Umbrella Rank: 28831 profile.ssp.rambler.ru — Cisco Umbrella Rank: 40318 img02.ssp.rambler.ru — Cisco Umbrella Rank: 88326 sandbox.ssp.rambler.ru — Cisco Umbrella Rank: 115097 sync.rambler.ru — Cisco Umbrella Rank: 58229	422 KB
20	livejournal.com 4 redirects orantas.livejournal.com ic.pics.livejournal.com — Cisco Umbrella Rank: 135004 l-userpic.livejournal.com — Cisco Umbrella Rank: 173725 xc3.services.livejournal.com — Cisco Umbrella Rank: 128141 pics.livejournal.com — Cisco Umbrella Rank: 130861 l-api.livejournal.com — Cisco Umbrella Rank: 179230 www.livejournal.com — Cisco Umbrella Rank: 112098	343 KB
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1952 www.google.com — Cisco Umbrella Rank: 2	62 KB
10	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10106	3 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 94	797 KB
9	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3706 yandex.ru — Cisco Umbrella Rank: 1631 an.yandex.ru — Cisco Umbrella Rank: 3438	191 KB
5	yastatic.net yastatic.net — Cisco Umbrella Rank: 6469	157 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	58 KB
5	gemius.pl 1 redirects gamd.hit.gemius.pl — Cisco Umbrella Rank: 163694 ls.hit.gemius.pl — Cisco Umbrella Rank: 12859	20 KB
4	googleapis.com jnn-pa.googleapis.com — Cisco Umbrella Rank: 261	30 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 static.doubleclick.net — Cisco Umbrella Rank: 309	2 KB
3	aidata.io 2 redirects x01.aidata.io — Cisco Umbrella Rank: 14868	1 KB
3	1dmp.io 3 redirects sync.1dmp.io — Cisco Umbrella Rank: 12884	2 KB
3	rutarget.ru 2 redirects begun-sync.rutarget.ru — Cisco Umbrella Rank: 124019 rambler-sync.rutarget.ru — Cisco Umbrella Rank: 113719	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	2 KB
3	betweendigital.com 2 redirects lbs-ru1.ads.betweendigital.com — Cisco Umbrella Rank: 66760 ads.betweendigital.com — Cisco Umbrella Rank: 1902	2 KB
3	mail.ru 1 redirects top-fwz1.mail.ru — Cisco Umbrella Rank: 9982	3 KB
3	digitaltarget.ru 2 redirects dmg.digitaltarget.ru — Cisco Umbrella Rank: 23398	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr — Cisco Umbrella Rank: 10258	555 B
2	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 612	723 B
2	adhigh.net 1 redirects px.adhigh.net — Cisco Umbrella Rank: 15974	757 B
2	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 19525	547 B
2	adfox.ru ads.adfox.ru — Cisco Umbrella Rank: 10072	638 B
2	vk.com vk.com — Cisco Umbrella Rank: 5682	24 KB
2	top100.ru st.top100.ru — Cisco Umbrella Rank: 35324	34 KB
2	tns-counter.ru 1 redirects www.tns-counter.ru — Cisco Umbrella Rank: 11113	702 B
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 146	2 KB
1	otm-r.com sync.dmp.otm-r.com — Cisco Umbrella Rank: 16082	69 B
1	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9992	287 B
1	beeline.ru rmb.ops.beeline.ru — Cisco Umbrella Rank: 103887	627 B
1	adriver.ru ssp.adriver.ru — Cisco Umbrella Rank: 23509	201 B
1	seedr.com stats.seedr.com — Cisco Umbrella Rank: 60783	838 B
1	splicky.com 1 redirects bidswitch-eu.splicky.com — Cisco Umbrella Rank: 25412	221 B
1	datamind.ru sync.datamind.ru — Cisco Umbrella Rank: 54588	145 B
1	wi-fi.ru tms.dmp.wi-fi.ru — Cisco Umbrella Rank: 90874	616 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	23 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 115	35 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 231	2 KB
1	yandex.net static-mon.yandex.net — Cisco Umbrella Rank: 24227	84 KB
1	bookclub.ua bookclub.ua	22 KB
1	meta.ua dlm3.meta.ua	472 B
1	litgazeta.com.ua litgazeta.com.ua	2 MB
1	lj-toys.com l.lj-toys.com — Cisco Umbrella Rank: 321555	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	41 KB
1	pravda.com.ua www.pravda.com.ua — Cisco Umbrella Rank: 74675	8 KB
0	mos.ru Failed stats.mos.ru Failed
160	48

	Domain	Requested by
25	l-stat.livejournal.net	orantas.livejournal.com l-stat.livejournal.net l.lj-toys.com
12	fundingchoicesmessages.google.com	orantas.livejournal.com
10	mc.yandex.com	2 redirects orantas.livejournal.com mc.yandex.ru
10	ic.pics.livejournal.com	orantas.livejournal.com
9	www.youtube.com	l.lj-toys.com www.youtube.com
8	sync.rambler.ru	6 redirects
7	ssp.rambler.ru	orantas.livejournal.com ssp.rambler.ru sandbox.ssp.rambler.ru
6	an.yandex.ru	1 redirects orantas.livejournal.com an.yandex.ru
5	yastatic.net	an.yandex.ru
5	kraken.rambler.ru	st.top100.ru orantas.livejournal.com
4	jnn-pa.googleapis.com	www.youtube.com
4	profile.ssp.rambler.ru	orantas.livejournal.com ssp.rambler.ru
4	gamd.hit.gemius.pl	1 redirects orantas.livejournal.com gamd.hit.gemius.pl
4	imgprx.livejournal.net	3 redirects orantas.livejournal.com
3	x01.aidata.io	2 redirects
3	sync.1dmp.io	3 redirects
3	x.bidswitch.net	3 redirects
3	top-fwz1.mail.ru	1 redirects
3	dmg.digitaltarget.ru	2 redirects
3	fonts.gstatic.com	www.youtube.com
3	pics.livejournal.com	3 redirects
3	www.google-analytics.com	orantas.livejournal.com
3	orantas.livejournal.com	1 redirects orantas.livejournal.com
2	redirect.frontend.weborama.fr	2 redirects
2	creativecdn.com	1 redirects
2	px.adhigh.net	1 redirects
2	begun-sync.rutarget.ru	1 redirects
2	lbs-ru1.ads.betweendigital.com	2 redirects
2	exchange.buzzoola.com	1 redirects
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	ads.adfox.ru	ssp.rambler.ru
2	mc.yandex.ru	1 redirects l-stat.livejournal.net
2	vk.com	orantas.livejournal.com
2	st.top100.ru	orantas.livejournal.com st.top100.ru
2	www.tns-counter.ru	1 redirects orantas.livejournal.com
2	sb.scorecardresearch.com	orantas.livejournal.com
1	sync.dmp.otm-r.com
1	counter.yadro.ru	1 redirects
1	rmb.ops.beeline.ru
1	ssp.adriver.ru
1	stats.seedr.com
1	rambler-sync.rutarget.ru	1 redirects
1	ads.betweendigital.com
1	bidswitch-eu.splicky.com	1 redirects
1	sync.datamind.ru
1	tms.dmp.wi-fi.ru
1	sandbox.ssp.rambler.ru	profile.ssp.rambler.ru
1	pagead2.googlesyndication.com
1	img02.ssp.rambler.ru	ssp.rambler.ru
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	yandex.ru	orantas.livejournal.com
1	ls.hit.gemius.pl	gamd.hit.gemius.pl
1	www.livejournal.com	l-stat.livejournal.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	l-api.livejournal.com	l-stat.livejournal.net
1	static-mon.yandex.net	l-stat.livejournal.net
1	rcmjs.rambler.ru	orantas.livejournal.com
1	bookclub.ua	orantas.livejournal.com
1	dlm3.meta.ua	orantas.livejournal.com
1	litgazeta.com.ua	orantas.livejournal.com
1	l.lj-toys.com	orantas.livejournal.com
1	www.googletagmanager.com	orantas.livejournal.com
1	xc3.services.livejournal.com	orantas.livejournal.com
1	l-userpic.livejournal.com	orantas.livejournal.com
1	www.pravda.com.ua	orantas.livejournal.com
1	vp.rambler.ru	orantas.livejournal.com
0	stats.mos.ru Failed
160	71

This site contains links to these domains. Also see Links.

Domain
www.livejournal.com
www.wsu.edu
www.pravda.com.ua
en.wikipedia.org
www.dt.ua
ic.pics.livejournal.com
litgazeta.com.ua
blog.meta.ua
ukrainer.net
www.facebook.com
dlm3.meta.ua
www.yakaboo.ua
www.bookclub.ua
youtu.be
minval.az
plus.google.com
espreso.tv
publish-ukma.kiev.ua
cs307209.vk.me
pripyat.com
www.amazon.com
lyubovsirota.blogspot.com
www.smashwords.com
www.barnesandnoble.com
www.pripyat-syndrome.com
chornobylmuseum.kiev.ua
www.holodomor33.org.ua
www.youtube.com
www.radiosvoboda.org
www.nuclearflower.com
myspace.com
www.ruthenia.info
www.stihi.ru
www.proza.ru
uk-ua.facebook.com
addyour.name
tours.chernobylstore.com
www.postchernobyl.kiev.ua
www.chernobylee.com
no-nukes.org
alexievich.info
www.lib.ru
www.souzchernobyl.org
hrab.livejournal.com

Subject Issuer	Validity	Valid
*.livejournal.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-02-04` - `2023-02-25`	a year	crt.sh
*.livejournal.net GlobalSign GCC R3 DV TLS CA 2020	`2022-05-11` - `2023-06-11`	a year	crt.sh
ssp.rambler.ru R3	`2022-09-30` - `2022-12-29`	3 months	crt.sh
*.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-05-16` - `2023-05-06`	a year	crt.sh
*.pravda.com.ua Sectigo ECC Domain Validation Secure Server CA	`2022-07-14` - `2023-08-10`	a year	crt.sh
*.pics.livejournal.com GlobalSign GCC R3 DV TLS CA 2020	`2022-05-11` - `2023-06-11`	a year	crt.sh
*.services.livejournal.com GlobalSign GCC R3 DV TLS CA 2020	`2022-05-11` - `2023-06-10`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.lj-toys.com GlobalSign GCC R3 DV TLS CA 2020	`2022-05-03` - `2023-05-06`	a year	crt.sh
*.top100.ru RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-02-03` - `2023-02-14`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.naydex.net GlobalSign RSA OV SSL CA 2018	`2022-05-30` - `2022-11-27`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.adfox.ru GlobalSign RSA OV SSL CA 2018	`2022-10-26` - `2023-04-07`	5 months	crt.sh
*.xn--d1acpjx3f.xn--p1ai GlobalSign ECC OV SSL CA 2018	`2022-08-19` - `2023-02-16`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
profile.ssp.rambler.ru R3	`2022-10-01` - `2022-12-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
img02.ssp.rambler.ru R3	`2022-10-01` - `2022-12-30`	3 months	crt.sh
bs.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-21` - `2023-04-21`	6 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-08-31` - `2023-02-28`	6 months	crt.sh
*.ssp.rambler.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-03-17` - `2023-04-18`	a year	crt.sh
*.datamind.ru Thawte RSA CA 2018	`2022-01-13` - `2023-01-13`	a year	crt.sh
stats.seedr.ru R3	`2022-08-30` - `2022-11-28`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.ops.beeline.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-06-06` - `2023-07-08`	a year	crt.sh
*.dmp.otm-r.com AlphaSSL CA - SHA256 - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://orantas.livejournal.com/
Frame ID: 09AABAF4AD3CFD341484CACB5C8B66A2
Requests: 107 HTTP requests in this frame

Frame: https://l.lj-toys.com/?auth_token=sessionless%3A1668412800%3Aembedcontent%3A12328215%261892%26%26%26youtube%26MvsUZk1wndo%3A0a39df247fa386258c8b848de8f84c3209f7e390&source=youtube&vid=MvsUZk1wndo&moduleid=1892&preview=&journalid=12328215&noads=
Frame ID: 444678723CCBA0B9A7589E4516A9FC9F
Requests: 2 HTTP requests in this frame

Frame: https://l-stat.livejournal.net/??plain/crossStorageServ.html?&v=1667906829
Frame ID: C1B4092A5137B4C6D44A38A2E0C6300C
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque
Frame ID: 2CE88066E5075602F067382D00AEB0B7
Requests: 22 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 1E032566A906C0F1B7CF5931DE01EF62
Requests: 1 HTTP requests in this frame

Frame: https://profile.ssp.rambler.ru/sandbox?img=PedSuWRPd9mHM6qvq2RPqakdavSsrz8T4m6RDwdZCCo5ffJD*AYUFlN*dlNcpZmaqI*ssd5kJZI0T745Rs*tzM7CZYaJolg3DOQJEwhDmtHwJyhcVi9OHLR6OCJkeah0qLZmb3W4t332gSluICkMq4Vtnstue3MJ0d*b9jjZ2IYCAAAAuty8CgAAAAA&img=l5GIgzTVDJKVsrTqOMf9pIkXq-xgciSVo1WHuhfNdBUj0EQA7K9nQKPUmWAt9wye3VvXrLqk29IIuovz68LGIsBPgax6Jki*iFaentwuuuLoyMdKDdxSQCmfObkSRTCcRJhB*6xjKi92hmPORyg3daxysPWqUYc2*B-HNnELuRICAAAAuty8CgAAAAA&img=bQX1N5Y61Ng7l6nhOIU62xs86Hwpu7W80llXG3L2V328KIcjIwAE-c22o8w2nUYx7npOHmBsUVRxvIrRwhr76gANLB071Y0U3mHTDwGBqUav-TZIPVplbpvonyHUXwTGZneIZndMLlAWM7lvi24fisTGcPBraoL*CNYLRl7BLU*cQBSgbtarPlKnNpUGQnjoWBYbbnFsNIXfm07XqxHKEZoREL6p-qOleb6Bt9GVyKICAAAAuty8CgAAAAA&img=*6zmGYC6EN5IJRFPAKlGuInTroht4DQp-zUb*moQLgSR93xEeFVhbiD0QFFDXlv0rqMmMAgMBfNzC6WKZ5Xd6BR7TwNOmM0XrRf5iq1JrWpFv65Dv8A9e-gZ2TUBKR4ohFXWFCI--EfGNlQyV-89cHdOFQrQtj0sX*Im4VLJm8JFVPBjZb5XFIAEAcCqJg8mAgAAALrcvAoAAAAA&img=m2-yl-XXD6F5Fn8MQoiGkplAYbO6Y4nCvKFVnk*Tjgf-gMctTsUSWJna97jHA*-GnHhlG60gtChJgwfz8kzCRApVDZwguvQkUnC*pzZ2aPpv-l9Dae8lq-yK2W8gJtEM9RTlkk9spusS2I1QWdGlYu2Yrmjh3Ayle*rOA4M8ykMCAAAAuty8CgAAAAA&img=NFqCx9lmiMqrkjEp5Li8dKihy0yyVKcX63ltqkEohsfV3ppIodb85ueRnaqiGEo-6yoCc-FHu6cKzUCSYSdx0dlZ8htYu0S07hzeCVi1hyX9Cv9as*FwvVMh7RcAXvAoHhmCMFFOk9Q67-5*DtzDwu6cRWcQ*V*3qbrF38mJ49CivOyUsinEq3YTJ1nt-lhCenXW-XeXLfBI1MN*RZgXJgIAAAC63LwKAAAAAA&img=wGObUUOV*HMvMMprsw5hvU9A54vk5BY4NCecWkByd1-LZMwC8wJzBD91z4OzXwv7pZQQVKog5D6AsRyoi-sCTExmZgmUOUbvwjhxSgeOo8n8dMH**eilGkA4Bm4pZ5Ma2D6Sr727XztQlf04m*F4WAIAAAC63LwKAAAAAA&img=5x9VxkIjfAxINGAMq9YmWZ47OJx29ApBbXWRQJ9tbRn7Gx4T-masbqwBM2Ild1STWF65HtVygIVX2qd68CfHzClECFGGetA3WKO7cxD4uyWRauipbA*4I93z*FtadQSMAgAAALrcvAoAAAAA&img=gs011oyZuUiSqOJ7e5nXmvAzMREQOsdD53t-adt*Qd1M5zvEdxI51cl8fuhMPv3dKVNZ33mGM7EC0jUDoBDHZnZwHff2XVuOQnTwPPWYeaZ4pAPz0Pgwr6A*o4hJYbGjAgAAALrcvAoAAAAA&img=mxD--lbQchC7ub5EyrEHrJqDndtRioAv-cbfw*8aUa9y6L9Qzq5hRsnI1HalLbyxToEAAm5nQO7xLMGOilVGTUkYNb1nmk8T6xa5ByYDji0Eny50GzDPseel0FZjV1qv8X0zpIXFU9T1WzYG8KQBOgIAAAC63LwKAAAAAA&img=9Lay81lOf2ILEgeNrOojRYaW4*5A8j*2AmB8qOuV5uEfge15x8gIcNOF-OiXb7j0bGCBxt3TIGByRSgI421xUVIKHaUgUVWDt2mJpb0kdnwkkpvzo-LZCx0YyLM*THoDOwioCYBOySN9AsdTXMMVFQIAAAC63LwKAAAAAA&img=Sx0pJa1Uq34Np7UXj2xqMkH-P6X0ixKhTh4bBwt*ziNaTddEAIlJvgmZwb0pKcZ0-sW8-fQ6J3QA7v5bWYoSMH6xJwY5Fb3urQyLjqzRgEvDVnzZJbp8mV0yYXZD-un7Y92KBy9sqXS2RjloIJyz-AIAAAC63LwKAAAAAA&img=oL8Mng8oLY2J4bYeca8VFsZW8s3McNcEo2*21w9ow3fjMHqDhinhwD48bpmo3lUXIjGitVPC1YmxgIjHQxEu5A5UKuh*mEXkPnloxLEYOsXbAEGXWos8m9nhrLxYZNQht9-O2iy1pSI*C-tfHUOrYc21QbCdZwjpCFkwHnRf2OgCAAAAuty8CgAAAAA&img=aGBWuCgMSXaKVKoqWOABARyicl1L9BA9GsSfmV8AiCw3O8EvhWUgxz*rM*tzyZKVsAPelb*kj8zvNn39KPbTH6xUk9yReOXgC6ONqxT47QxrYZlXOBPQ8hkNF7TylAh6ahPKkl*HVA9yGs71jUKzIQCjzxfoAOwLJrV8vuKcH9wCAAAAuty8CgAAAAA&img=U1SNoQgo9sfjmtcXKghFyp-t82RYlMqpCGl3lVO116ufn4bp3CiO6NlgfmRXJZUcRXZTKzwpsY4rkC5a*SzVXUNXOPuZL4YnWVkLXZMdjN1R2CZb6Ec-wFbjelFXPM4WLJuLE9kvba5cFCl1c03ONycSAW2w1EAOFUxCHy7dv-rTMxulPwowq5qW3Xf*YbD2KZwpihWrq8rtKWFuvw60G59N5eGqUK0GQRLan*RKyFm4Uspr4FNp*5KMZX2bZzbxD-BVujUoEvoVwUvdcdwGYUUVYh0h8SNprYbMs*S8S7sCAAAAuty8CgAAAAA&script=dKTWPm0X0Tjx*tG8TyslXckLnZDDE7p47iuxoPvlHwY-PnLTo6IfCPd4wprDSQf9zi-AS2wpyXZqIdlHns0seHxI8mxFyih1mh4J4Lco0mhZXz*0PM*nNB4zVt5gdZeMY2tVVoRDsMUNrIwYEgpJgAIAAAC63LwKAAAAAA&img=4jYip2bCwMl3AuS0GQx8WBQ8amDq8U8kDYtQS5p0DHB00y7C-AoQIcGWYkyr3zhwMbLTP7vbUF-sAj*Yi2iAKZxpQd4iBuCoZJHL38eekYszzDWKLnpT5vT7JdYB8dLQZQs52bGpppZH5I80oeX5cwIAAAC63LwKAAAAAA&img=OXwsHxYMuL*9-*RRLPd48Szp9wkfMgXn4Bp6htxMN0DW*XY7jomFH*C4iUig99cIyO9RBggpDFyb45imz-73w3gi8e34oTF7QKVDdg-wltC0g2J3nIGdyWvGYgzP9UEjgzNOXMe5uTGbWGUWH3g1BwIAAAC63LwKAAAAAA&img=reGRcF-aAmajrz5*2JPXW3oBPGAw*mf*wAjZzwvRFjU-JT3mhMXy12jRtYva4UUUEXY9hIucPA74Chuh0wV2KKEb7Uy-zd2AIT7KgX5csW*CaTjfcBUv-KwMn*9KbsLorens3vzZbOskhRI8qpZdeB48Md-T-s4CyPIXrf6*EyUCAAAAuty8CgAAAAA&img=COJRek9HGmMeX8QJthhKfPU0sg9GgfqVe*av5z3UV*to3skzRuUqvB-OIp63APWs1CdnfyBnaEDmluhFhFfKt7HT0xanE4TH*go77uPBxPvmn5mNk6u2O152xf2HsZLjNWoeMemLLNmP8TQzb2EV7AIAAAC63LwKAAAAAA
Frame ID: FCBFB0C3D71F8A96FC3456DDE05AA774
Requests: 28 HTTP requests in this frame

Frame: https://profile.ssp.rambler.ru/sandbox?img=uRSND9fdgPCJ*MFDQuLy0kjbHWVoya3-vRWp9ShDO65bD4XLGWNGx3sFZVtbd-3jMrBF8aWaKaZLkSdZFmicywI3QZhIxrkp3E65oyo0LcByp*fM4JdWrCAaEJVdtJKaEfUSz3Tkt31HK8Aq5l-yKgIAAAC63LwKAAAAAA&img=HK929r4UBXvPyRonq3Afhk8YwnDAIGzD-p5WlAMZ5KKZey4qft1wS5jfdezqnl1ozEmyGWx62Ia1s*sS-My9ma0f-8wJywW0xPLpe3v46AGr7mlB8X3GHNXz1uEeJ-oyU8-26CnQqeaPJnjMg5K3CYiV4OhEN*SmUge4EEozvrUCAAAAuty8CgAAAAA&img=Tgnyn7svP9Kv-xN7wofVV1jO7Lp2h5LH*2TGOt0O4tRyXP0i5*82aD2hfRCQ59nrHrffREdS0PBWme6If9Bg3tT3WC*2KvMBWe2GW42caz1JQmHXTP7-uMlQnu3eTP0qArpStQukJU43g3vQ5349BAIAAAC63LwKAAAAAA&img=wSm5fNCtwuhNO3Mdda4W4ZKU5RjsEYMemqZ9M2B1cRbn7JpLwK4Jz0esAbmlSeR534pimteRPttmMTvcYjW34p4OUOmk1mBS77c9p6ZY459eL0zE*GJRYjnG*bWknniIAgAAALrcvAoAAAAA&img=TA5bSo0Jai7K4Yv5L3S7hbjt3NUpVPqFXueGUfaR0sztPURHmLjEDxX7W0Hvu8MO06Vta5abJ2EZrXAzYKwRDy-DSfIa-JAPN9Wd44s*ADyuX9ZkD0y1pKb8OiukugRJWvtX4OWW7crppQUyG9B78jmdNqoH0jKe524Wf39R*CUCAAAAuty8CgAAAAA&img=x6qK*wfhFA5A5M3E-pgX6zRUHNlMXz3r7zWw6nLVvlssPANdNhQ483Qa9GbUlycOwKa7jzAsPef4PiA6Egk-hpX2KY4YoyI9nI1B2zpfiKzZwt88ZtiEZxinbujtnQfPvZt8wHl2AW0IO6IX-6zJPtRqfj4aq8Ro6tOMYyOYYj8CAAAAuty8CgAAAAA&img=neZjeKeBK-*edybp9kTDAGFwgruuATGN9ObyYveSjzP2ItDcwbCxogVwK08MycAG6qgXl4RQlcVSr-bjzr2vnSkDeZnLkYNxDbHHGMSMZmcujRfwd*du1Lk94zsZ89FFxmUY6GvUqorCnDBZKk8v*QIAAAC63LwKAAAAAA&img=TRT0Rpm6qqe*i7XSBJuC5xnYq4iHN01BEcIjMzk7vVCNiTlBi8F5AvMCxoTcmBYwRHS5*gg4oQQ*NhAUcmvg8xVFXRoc4r2*t8QUQt6sYAY10IatA*H2PT2sE17qYAwLzFnxD6kxCFPOPZZ7lQvwK*J0PQyMjjcROci6EDr1sjUCAAAAuty8CgAAAAA&img=zK1XI0GLzDk8QkBZbPnnPXo7JyKbzwJTOee6XoKyCda9RJHQ3h6mBrMdhSPDmEXzqHgbOIV6OShqpxmK1S2XLn4AOvWo3Ri7eoSj7lf3HHZax4tQ3HOCPpLm7GbTMaxtunL0tjkfI2YHHi2G9FR0bA8HzFw6Bz8Jz3pER1zPH-7WVOG-0WMdL4yCzQcc-5UwAgAAALrcvAoAAAAA&img=YXvkgxJjBaIelLOaGQD0i*j221EozRaFgqLBeTOD-i-4pAw01c0m0tHpMCG0P9z2nB0u-7MCCTn2A6m6FeVwRVwZsUgu8FTDB816*DgGUR9H9qRe3tsjI1XFpGPWJbqeAgAAALrcvAoAAAAA&img=66EV6P*G4sxSyTjRO*Vsi68hLikF4tjoLyD5rOSzgurDvFr3eAIvEDhKe1tGHvhQd7-NzP1gnCjnQ4S*buofHhNDMNSrNdCHkTjttmZFlgCHmrwf2-EQ*6rug3USdvEMesc5fhDccL3ywLaouYh1sXseVpGEPfqLnMsL0mkdwR8CAAAAuty8CgAAAAA&img=16s-yiD65a-rsaNEA*tWMDQmFIbAJQ*q303JeAB7RmcBylOaurPWzIuRyZrhNx-CWPR-SE8gxTqIVzj3vJPX*EjjxijM1Vy3GNk-uMZXiQ5DGA9RABQXp6840sav08udoomDSrUWTC2NddvboKLDBn1WvqeJHN*urTXEZoY875K3EQHevFly6X1Mlmwrs9fad0TQoyR91cP1AJZc-CBA7AIAAAC63LwKAAAAAA&img=5XmyrsYu6tWiq455JA6hfUg8-i7-aztygOvDsadSrZGBKGH9JkcruKY5PFD3sBEFCS*VRMDM-54G8mt9PKqB4OJWah-yPIWSFM21w5jgoc30jcLq741mKqelNE9*6YvwhGQdRi4b0n7D6CT*yQCmpAIAAAC63LwKAAAAAA&img=tQuHLT6gg9USlRBA662X8DhODBOkW78SIcTzByj3TpuM9pM1bMrqRJlWrb2E5epfdEzqbFOmn0MZZejFbwV7p9VIpsBSE-i5qjAgXi*pd305ijFSJnYBpCmCqPh2mIR1siAtWMFUOjyE4jI16qQ*kQIAAAC63LwKAAAAAA&img=4PIX2upVc2kzziR-sqBUgCRhonjMuF2aHZN4i8EpoG94JWQEkDxhJNTZA5pMMqJny6Sv32WpgT0GaUIEDqIqF1BelDKKtkuhQt4JVLk5AQtRe-i9nxMWFnGA2iukxl8MxS7tveM6Rj1wXIub*MU5kAtZj0rK8mpVsd88QzNFpBMCAAAAuty8CgAAAAA&img=6lPaP4sJbcqn6FTWaVILnRSw*m6qjlGDi7pE3E40V-2HKvgP1kCl7gIbBGRjRjwDC-Jcren8Rubd4Yt*Mg8U6pedLZFgpr0UtcGRW9zuDtFyRCt*q8980ewI7wLXNjw46*wu-Xnqz3b1fY*b0kheHQIAAAC63LwKAAAAAA&img=UNWE3O79X4KHQ4Q-KXVqTEr7zcPYWhS2OvZmaYG6i2mxP3fbIuW-CJW5awgPlb7BY4oQi4l8MZmiL95dJQtscBnRVJjcxTGpSgvhZ6pPyocgbZB3PphE6EePe1Bn7D53wcd8IulukmZ-RMctgMWO3ZAnz053b9ZLflbEksSbf2ZFS2CkJsheHJg26Mk-TyApk9wDXdF-SsQZlLcdLusy2CSgmVvJmlS*P*542pKZYW4CAAAAuty8CgAAAAA&img=ngHuUx*iBrEsQkNv3rjqPKs8-mWAoqIVXcGb51FJvjRuXwI3b2-MT*LnGPuS5E4bxt55MrOH1Q0YnhDNyITMKJxfPQhp7MgaFHO9nGlIC*89PO1a5e7OHkUN3bcn9vBhm-HkOYCgQmO5UeioQ-shxa3kQLr8lNq*mwwStc8Ge2vXkuREGl7B6fHKeoFMy-EBDmfQHC9ukxHdNgiDOXZywLSAEW-W2RvbF6z63VWz6UziYSke0uL3tR3pqLh2Uv8YpSymNnO2xt15IaEdtLc3eqbdg23xqydaBwt19n7jUyQCAAAAuty8CgAAAAA&img=TxbuygJRWV5ETFXezmgTlSii0SnP7UTzazKhV1vy3AqeCXI0dT8ZQbPrsew99g8VUk9AY4DSp4RDd5BO84BtK5DH7ckwKEPJGaVUYtQFtgd*eS5nWVLVZcvulPs8-P0wM9AfHAVqIVkcjxeXoDRkLQIAAAC63LwKAAAAAA
Frame ID: 01BAE0049A6C33B6A470D45336D63E42
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Saved Planet — LiveJournal

Page URL History Show full URLs

http://orantas.livejournal.com/ HTTP 301
https://orantas.livejournal.com/ Page URL

Detected technologies

LiveJournal (Blogs) Expand

Overall confidence: 100%
Detected patterns

\.livejournal\.com

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

\bangular.{0,32}\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha

Page Statistics

160
Requests

84 %
HTTPS

38 %
IPv6

48
Domains

71
Subdomains

55
IPs

10
Countries

5246 kB
Transfer

12063 kB
Size

60
Cookies

106 Outgoing links

These are links going to different origins than the main page.

URL: https://www.livejournal.com/
Title: LiveJournal

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/2020/
Title: Your 2021 in LJ

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/browse/
Title: Entdecken

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/syn
Title: RSS Reader

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/shop/
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/support/
Title: Hilfe

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/login.bml

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/login.bml?returnto=https://orantas.livejournal.com/&ret=1
Title: Anmelden

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/create
Title: Join free Join

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/manage/settings/?cat=display
Title: Deutsch (de)

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/lostinfo.bml
Title: Forgot password

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=google&auto_forwhat=user%24orantas%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=facebook&auto_forwhat=user%24orantas%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=vkontakte&auto_forwhat=user%24orantas%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=twitter&auto_forwhat=user%24orantas%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=mailru&auto_forwhat=user%24orantas%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=rambler&auto_forwhat=user%24orantas%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/identity/login.bml?type=openid&auto_forwhat=user%24orantas%24%2F

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/legal/tos-en.bml
Title: User agreement

Search URL Search Domain Scan URL

URL: http://www.wsu.edu/~brians/chernobyl_poems/chernobyl_index.html
Title: The Chernobyl Poems of Lyubov Sirota

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/update.bml?repost_type=c&repost=https://orantas.livejournal.com/26810.html&nodraft=1

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=orantas&itemid=26810

Search URL Search Domain Scan URL

URL: https://www.pravda.com.ua/cdn/graphics/2016/08/stus/images/tild3534-3630-4334-a366-303432353166__stus.jpg

Search URL Search Domain Scan URL

URL: https://www.pravda.com.ua/cdn/graphics/2016/08/stus/
Title: СТУС БЕЗ ШАНСУ НА ЗАХИСТ: ведмежа послуга Медведчука

Search URL Search Domain Scan URL

URL: http://en.wikipedia.org/wiki/Vasyl_Stus
Title: VASYL STUS

Search URL Search Domain Scan URL

URL: http://www.dt.ua/3000/3760/36011/
Title: 4 вересня – день пам’яті Василя Стуса

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/update.bml?repost_type=c&repost=https://orantas.livejournal.com/26398.html&nodraft=1

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=orantas&itemid=26398

Search URL Search Domain Scan URL

URL: https://ic.pics.livejournal.com/orantas/12328215/32490/32490_original.jpg

Search URL Search Domain Scan URL

URL: https://litgazeta.com.ua/reviews/sertsya-vysokyj-plomin/
Title: «Серця високий пломінь»

Search URL Search Domain Scan URL

URL: http://blog.meta.ua/~orantas/posts/i4452762/
Title: Любов Сирота «Прип'ятська береста»

Search URL Search Domain Scan URL

URL: https://ukrainer.net/vozvrashhenye-v-zonu-otchuzhdenyya/
Title: Александра Сироты

Search URL Search Domain Scan URL

URL: http://litgazeta.com.ua/reviews/sertsya-vysokyj-plomin/

Search URL Search Domain Scan URL

URL: https://ukrainer.net/zona-vidchuzhennya/
Title: Олександра Сироти

Search URL Search Domain Scan URL

URL: https://www.facebook.com/aes.planca
Title: Aleksandr Sirota(Oleksandr Syrota)

Search URL Search Domain Scan URL

URL: http://blog.meta.ua/redirect.php?url=M2ovMXSPM1%2Fnu5li1Stds%2F035QnanL0rwmUVOT%2FxOPAIWqFKdrbf0I4lVcoko38tFvML
Title: Сирота Л. М.

Search URL Search Domain Scan URL

URL: http://blog.meta.ua/redirect.php?url=M2ovMXSPM1%2Fnu5linLluQWxadS68a%2BCumnbHRyf%2FgXmpLYyy
Title: Сирота О. Ю.

Search URL Search Domain Scan URL

URL: http://blog.meta.ua/redirect.php?url=M2ovMXSPM1%2Fnu5linLluR5F1ILAoBmU6IW1tPVLzbTP3%2FtVpXawOTw%3D%3D
Title: ВЦ «Просвіта»

Search URL Search Domain Scan URL

URL: http://dlm3.meta.ua/pic/0/145/129/zX54yqy8ob.jpg

Search URL Search Domain Scan URL

URL: https://www.yakaboo.ua/ua/prip-jats-ka-beresta.html#fragment-1322384
Title: https://www.yakaboo.ua/ua/prip-jats-ka-beresta.html

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/update.bml?repost_type=c&repost=https://orantas.livejournal.com/25983.html&nodraft=1

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=orantas&itemid=25983

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/update.bml?repost_type=c&repost=https://orantas.livejournal.com/25627.html&nodraft=1

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=orantas&itemid=25627

Search URL Search Domain Scan URL

URL: http://www.bookclub.ua/catalog/books/pop/product.html?id=37387

Search URL Search Domain Scan URL

URL: http://www.bookclub.ua/catalog/books/pop/product.html?id=37387&utm_source=google+&utm_medium=like_button&utm_campaign=product_like
Title: Л. Сирота. Припятский синдром - Книжный Клуб. Клуб Семейного Досуга. Книжный интернет-магазин. КСД

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/update.bml?repost_type=c&repost=https://orantas.livejournal.com/25364.html&nodraft=1

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=orantas&itemid=25364

Search URL Search Domain Scan URL

URL: http://youtu.be/fPUWCxxCk0w

Search URL Search Domain Scan URL

URL: http://youtu.be/i8EpTl6vbt0

Search URL Search Domain Scan URL

URL: http://minval.az/news/41511

Search URL Search Domain Scan URL

URL: https://plus.google.com/112731140046659092156/about
Title: Любов Сирота

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/update.bml?repost_type=c&repost=https://orantas.livejournal.com/25227.html&nodraft=1

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=orantas&itemid=25227

Search URL Search Domain Scan URL

URL: http://youtu.be/PLG1-FaVyWE

Search URL Search Domain Scan URL

URL: http://espreso.tv/article/2014/08/16/top_11_rosiyskykh_politykiv_scho_zradyly_svoye_ukrayinske_korinnya
Title: http://espreso.tv/article/2014/08/16/top_11_rosiyskykh_politykiv_scho_zradyly_svoye_ukrayinske_korinnya

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/update.bml?repost_type=c&repost=https://orantas.livejournal.com/24950.html&nodraft=1

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=orantas&itemid=24950

Search URL Search Domain Scan URL

URL: http://publish-ukma.kiev.ua/ua/katalog/novinki/69-perehoda-lirika-poemy-proza.html

Search URL Search Domain Scan URL

URL: http://cs307209.vk.me/v307209000/15e2/SBgzI0ZIF0U.jpg

Search URL Search Domain Scan URL

URL: http://pripyat.com/news/13-07-25/vystavka-rukoyu-tronut-tishinu-v-moskve.html
Title: выставку Екатерины Исаенко "Рукою тронуть тишину"

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/update.bml?repost_type=c&repost=https://orantas.livejournal.com/24646.html&nodraft=1

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=orantas&itemid=24646

Search URL Search Domain Scan URL

URL: http://www.amazon.com/The-Pripyat-Syndrome-Lyubov-Sirota/dp/1490970983/ref=tmm_pap_title_0

Search URL Search Domain Scan URL

URL: http://lyubovsirota.blogspot.com/2012/04/lyubov-sirota-pripyat-syndrome.html
Title: Lyubov Sirota "Pripyat syndrome"

Search URL Search Domain Scan URL

URL: https://www.smashwords.com/books/view/335122
Title: the electronic version of the book "Pripyat syndrome" in English

Search URL Search Domain Scan URL

URL: http://www.barnesandnoble.com/w/the-pripyat-syndrome-lyubov-sirota/1115994928?ean=2940148292807
Title: The Pripyat Syndrome [NOOK Book]

Search URL Search Domain Scan URL

URL: http://www.amazon.com/dp/B00DVE5L7O
Title: the E-book "The Pripyat Syndrome" on Amason.com

Search URL Search Domain Scan URL

URL: http://www.amazon.com/The-Pripyat-Syndrome-Lyubov-Sirota/dp/1490970983/ref=tmm_pap_title_0/185-0298689-7431137
Title: paper book "The Pripyat Syndrome" in English

Search URL Search Domain Scan URL

URL: http://www.pripyat-syndrome.com/en/product/kniga-pripjatskij-sindrom-v-tverdoj-oblozhke-angljazyk-predzakaz/
Title: http://www.pripyat-syndrome.com/en/product/kniga-pripjatskij-sindrom-v-tverdoj-oblozhke-angljazyk-predzakaz/

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/update.bml?repost_type=c&repost=https://orantas.livejournal.com/24398.html&nodraft=1

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=orantas&itemid=24398

Search URL Search Domain Scan URL

URL: http://pripyat.com/news/13-01-31/natsionalnyi-muzei-chernobyl-priglashaet-vstrecha-puteshestvie-vo-vremeni-ko-dnyu-rozh

Search URL Search Domain Scan URL

URL: http://chornobylmuseum.kiev.ua/index.php?option=com_content&view=article&id=71%3A2013-01-29-20-39-58&catid=1%3A2009-12-08-20-05-44&Itemid=11&lang=uk

Search URL Search Domain Scan URL

URL: http://pripyat.com/news/13-02-25/novosti-proekta-pripyat-3d-obzornyi-videorolik.html

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/update.bml?repost_type=c&repost=https://orantas.livejournal.com/23890.html&nodraft=1

Search URL Search Domain Scan URL

URL: https://www.livejournal.com/tools/content_flag.bml?user=orantas&itemid=23890

Search URL Search Domain Scan URL

URL: http://www.holodomor33.org.ua/

Search URL Search Domain Scan URL

URL: http://www.youtube.com/playlist?list=PL25E0C507283E3F6C
Title: Holodomor/Genocide in Ukraine 1932/33

Search URL Search Domain Scan URL

URL: http://www.radiosvoboda.org/section/holodomor/535.html
Title: Радіо Свобода:

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/112731140046659092156
Title: Lyubov Sirota_Profile Google

Search URL Search Domain Scan URL

URL: http://www.nuclearflower.com/01lyubovsirota.htm
Title: A SURVIVOR FROM PRIPYAT

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/pripyatchanka
Title: YouTube channel "pripyatchanka"

Search URL Search Domain Scan URL

URL: http://lyubovsirota.blogspot.com/
Title: Lyubov Sirota | Blogger.com

Search URL Search Domain Scan URL

URL: https://myspace.com/pripyatchanka
Title: Myspace | Lyubov Sirota

Search URL Search Domain Scan URL

URL: http://www.ruthenia.info/txt/syrotal/virshi.html
Title: Любов Сирота. Вiршi

Search URL Search Domain Scan URL

URL: http://www.stihi.ru/author.html?svityk
Title: Любовь Сирота на Стихи.ру

Search URL Search Domain Scan URL

URL: http://www.proza.ru/avtor/svityk
Title: Любовь Сирота на Проза.ру

Search URL Search Domain Scan URL

URL: http://blog.meta.ua/~orantas/
Title: Блог на Meta.ua: Любовь Сирота

Search URL Search Domain Scan URL

URL: http://uk-ua.facebook.com/people/Lyubov-Sirota/758713995
Title: Lyubov Sirota | Facebook

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/The-Saved-Planet/179878742064618?sk=wall
Title: The Saved Planet | Facebook

Search URL Search Domain Scan URL

URL: https://youtu.be/C5tlVuaMq-4
Title: Из театральной жизни г. Припяти, 1985 г.

Search URL Search Domain Scan URL

URL: https://youtu.be/7CB4raseGy0
Title: День Припяти в Национальном музее "Чернобыль"

Search URL Search Domain Scan URL

URL: http://addyour.name/view.php?what=profile&id=77&lang=en
Title: Virtual Pripyat | Lyubov Sirota

Search URL Search Domain Scan URL

URL: http://pripyat.com/en/
Title: Pripyat.com / all about Pripyat and Chornobyl zone

Search URL Search Domain Scan URL

URL: http://tours.chernobylstore.com/about
Title: Welcome to Chernobyl Zone – Trips to Pripyat and Chernobyl Zone

Search URL Search Domain Scan URL

URL: http://chornobylmuseum.kiev.ua/uk/about/
Title: Національний музей "Чорнобиль" / National museum "Chornobyl"

Search URL Search Domain Scan URL

URL: http://www.postchernobyl.kiev.ua/neposilnaya-nosha/
Title: газета "ПОСТ ЧЕРНОБЫЛЬ/POST CHERNOBYL"

Search URL Search Domain Scan URL

URL: http://www.chernobylee.com/articles/misc/the-saved-planet---an-appeal.php
Title: Chernobyl and Eastern Europe by Mark Resnicoff

Search URL Search Domain Scan URL

URL: http://no-nukes.org/voices/archive4/vfp91.html
Title: Voices for Peace - May 7 2001

Search URL Search Domain Scan URL

URL: http://alexievich.info/booksEN.html#4
Title: Svetlana Alexievich.The Chernobyl prayer (the chronicle of the future)

Search URL Search Domain Scan URL

URL: http://www.lib.ru/NEWPROZA/ALEKSIEWICH/chernobyl.txt
Title: Светлана Алексиевич. Чернобыльская молитва

Search URL Search Domain Scan URL

URL: http://www.souzchernobyl.org/?id=748
Title: Б. А. Куркин "Бремя «мирного» атома"

Search URL Search Domain Scan URL

URL: http://www.lib.ru/MEMUARY/CHERNOBYL/medvedev.txt
Title: Григорий Медведев. Чернобыльская тетрадь

Search URL Search Domain Scan URL

URL: http://hrab.livejournal.com/
Title: Live Journal of Victor Hrabovskij

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/zhagalivka?feature=watch
Title: YouTube "Жагалівка" (поезії Віктора Грабовського)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://orantas.livejournal.com/ HTTP 301
https://orantas.livejournal.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://pics.livejournal.com/orantas/pic/000257ex/s320x240 HTTP 302
https://ic.pics.livejournal.com/orantas/12328215/14034/14034_320.jpg

Request Chain 39

https://imgprx.livejournal.net/e5953e14d54e7094800175fdd62c88e7bdb4f9e4/JGnEWk9ZyhgAGyn7guFEMGlimamghnmxx9Wrwl8ZRKJnC346PmhsFCJC-zu_lceFtX4Yw3ydznn2AypP_kF4X0xB1SuaCu7ywzhhVlvSvaPjcN2bgrQIGb1yDF3Yw8onkEgXg5_QenKgzfGF1xJABQ HTTP 301
https://litgazeta.com.ua/wp-content/uploads/2018/03/v_d-Kl_chaka-Prypyatska-beresta.jpg

Request Chain 40

https://imgprx.livejournal.net/752c86464189e976485730bf271cb11669ab4008/JGnEWk9ZyhgAGyn7guFEMCvQpvbqRS1Cm5cF7gQfP7G9X2Vant2N-YnCurejcj5vh4dP0J2uTfg9Q5HW4nFemgAhB9DjBABnMUnSTro3T3M HTTP 301
https://dlm3.meta.ua/pic/0/145/129/zX54yqy8ob.jpg?id=9535915

Request Chain 41

https://pics.livejournal.com/orantas/pic/0001008a HTTP 302
https://ic.pics.livejournal.com/orantas/12328215/5827/5827_original.jpg

Request Chain 42

https://pics.livejournal.com/orantas/pic/0000sqd2/s320x240 HTTP 302
https://ic.pics.livejournal.com/orantas/12328215/5123/5123_320.jpg

Request Chain 43

https://imgprx.livejournal.net/0089aff5b10f8e0dd96c01a72d8de709fbf95ed8/JGnEWk9ZyhgAGyn7guFEMB2OkR--peLMbjHCbxnmU0DdvlocZP4eDSivgBi3i6RPi_Ku6X9z4d5zZ95sDCoK_2tjgDP7K2zI0tv1KnRAsPo HTTP 301
https://bookclub.ua/images/db/goods/k/37387_56107_k.jpg

Request Chain 50

https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/669613310 HTTP 302
https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/669613310

Request Chain 83

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9822.TxxFpshYvNHrptQ05YNm54cHfFFor5jT6iJR9sVpdCmfOy4OYuFtHPDWFmmxyp_0.jhv3c3jD6QCIReLUYw21UgYGrbA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9822.cKEELcNpLg86wDhNMRAtO9eZMraJDR8ilAJxC9vPvvuikyUp-G5Abn60RhLoCKBp2OdzAk0HZO_sqelAsITZ4Q%2C%2C.-n9qCdkAMfgNEhrvcHAW61ZzGZQ%2C

Request Chain 84

https://gamd.hit.gemius.pl/_1668413344993/rexdot.js?l=100&sendf=8&id=nSzgvPuSG0jfABCp5jRWjnZHXmDBvAdjV.RMPABTRG3.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Forantas.livejournal.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yyzLrdJuOM.1iRLd9VGHrFy_XHUH7fMviQZSopNP1b..Y7kKO2_KoV4bDrfOlNrsbASsyOICXAJI6MVqgb_v2VWtjBnH/m0Wa8rDe1hCdo/&ltime=318&fpdata=a2TFCzb0FNRi_XdTEiljV8d4lniTrIf2OkL1xIEDNIj.d7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap= HTTP 301
https://gamd.hit.gemius.pl/__/_1668413344993/rexdot.js?l=100&sendf=8&id=nSzgvPuSG0jfABCp5jRWjnZHXmDBvAdjV.RMPABTRG3.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Forantas.livejournal.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yyzLrdJuOM.1iRLd9VGHrFy_XHUH7fMviQZSopNP1b..Y7kKO2_KoV4bDrfOlNrsbASsyOICXAJI6MVqgb_v2VWtjBnH/m0Wa8rDe1hCdo/&ltime=318&fpdata=a2TFCzb0FNRi_XdTEiljV8d4lniTrIf2OkL1xIEDNIj.d7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=

Request Chain 87

https://an.yandex.ru/mapuid/adfox/36535%3A6101?jsredir=1 HTTP 302
https://an.yandex.ru/mapuid/adfox/36535:6101?redir-setuniq=1&jsredir=1

Request Chain 89

https://mc.yandex.com/watch/27737346?wmode=7&page-url=https%3A%2F%2Forantas.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22The%20Saved%20Planet%20%E2%80%94%20LiveJournal%22%2C%22pd_comments_style%22%3A%22s2%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22Component%22%2C%22pd_style_system%22%3A%22s2%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A631902983085%3Ahid%3A485347239%3Az%3A0%3Ai%3A20221114080904%3Aet%3A1668413345%3Ac%3A1%3Arn%3A817764713%3Arqn%3A1%3Au%3A1668413345433752427%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C95%2C95%2C90%2C102%2C0%2C%2C708%2C213%2C%2C%2C%2C1091%3Acpf%3A1%3Ans%3A1668413343181%3Anp%3AV2luMzI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668413345%3At%3AThe%20Saved%20Planet%20%E2%80%94%20LiveJournal&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Forantas.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22The%20Saved%20Planet%20%E2%80%94%20LiveJournal%22%2C%22pd_comments_style%22%3A%22s2%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22Component%22%2C%22pd_style_system%22%3A%22s2%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A631902983085%3Ahid%3A485347239%3Az%3A0%3Ai%3A20221114080904%3Aet%3A1668413345%3Ac%3A1%3Arn%3A817764713%3Arqn%3A1%3Au%3A1668413345433752427%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C95%2C95%2C90%2C102%2C0%2C%2C708%2C213%2C%2C%2C%2C1091%3Acpf%3A1%3Ans%3A1668413343181%3Anp%3AV2luMzI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668413345%3At%3AThe%20Saved%20Planet%20%E2%80%94%20LiveJournal&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Request Chain 90

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 133

https://exchange.buzzoola.com/cookiesync/ssp/rambler?uid=000022d4-6371-f7a1-574d-b1c7b8a09fc8 HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/rambler?set_buzzoola_cookie=t&uid=000022d4-6371-f7a1-574d-b1c7b8a09fc8

Request Chain 134

https://sync.rambler.ru/emily?partner_id=maximatelecom&id=000022d4-6371-f7a1-574d-b1c7b8a09fc8 HTTP 302
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=A7ED828881ECD8BF9C1655AD41707DB7

Request Chain 135

https://sync.rambler.ru/emily?partner_id=vi&id=abcdef&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7009%2Fi%2Fi%3Fa%3D185%26e%3D%24UID%26i%3D%24RND613702303 HTTP 302
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EB74B339E8A45D0519094D3294FDA5B5 HTTP 307
https://dmg.digitaltarget.ru/awg/custom/7009/i/i?call_source=awg&ts=1668413347356&a=185&e=EB74B339E8A45D0519094D3294FDA5B5 HTTP 307
https://sync.rambler.ru/set?partner_id=vi&id=8msgHbWW9w63yw27pOih HTTP 302
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EB74B339E8A45D0519094D3294FDA5B5

Request Chain 136

https://sync.rambler.ru/emily?partner_id=6bf5a340-6c1f-4262-8f72-400b3d237f5d&ruid=000022d4-6371-f7a1-574d-b1c7b8a09fc8 HTTP 302
https://top-fwz1.mail.ru/counter?id=3082612;pid=2AB1F637B303ECB1472BA02508580597 HTTP 302
https://top-fwz1.mail.ru/counter2?id=3082612;pid=2AB1F637B303ECB1472BA02508580597

Request Chain 138

https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=000022d4-6371-f7a1-574d-b1c7b8a09fc8 HTTP 302
https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=000022d4-6371-f7a1-574d-b1c7b8a09fc8&crf=1 HTTP 302
https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=cd373573-ccde-496c-83c4-07c0e8e01045 HTTP 302
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=cd373573-ccde-496c-83c4-07c0e8e01045 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=cd373573-ccde-496c-83c4-07c0e8e01045

Request Chain 139

https://begun-sync.rutarget.ru/sync?ssp_user_id=000022d4-6371-f7a1-574d-b1c7b8a09fc8 HTTP 302
https://begun-sync.rutarget.ru/sync?ssp_user_id=000022d4-6371-f7a1-574d-b1c7b8a09fc8&check-cookie=true

Request Chain 140

https://px.adhigh.net/p/cm/rambler?u=000022d4-6371-f7a1-574d-b1c7b8a09fc8 HTTP 302
https://px.adhigh.net/p/cm/rambler?u=000022d4-6371-f7a1-574d-b1c7b8a09fc8&bounced=1

Request Chain 141

https://rambler-sync.rutarget.ru/sync?000022d4-6371-f7a1-574d-b1c7b8a09fc8 HTTP 302
https://sync.rambler.ru/set?partner_id=segmento&id=86QqOWqK1HVp

Request Chain 142

https://sync.rambler.ru/emily?partner_id=cldata&rnd=000022d4-6371-f7a1-574d-b1c7b8a09fc8 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=8B95C5DDC0506F0BF68138E7E5DA9EFC HTTP 302
https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=8B95C5DDC0506F0BF68138E7E5DA9EFC&cs=1 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=e8610170-b6a0-4a0d-ab5f-68d104af7a7e&pid=w&uid=9c933811-63f3-11ed-8ff0-f832e4719dd9&ru=https%3A%2F%2Ftop-fwz1.mail.ru%2Fcounter%3Fid%3D3201865%3Bpid%3D9c933811-63f3-11ed-8ff0-f832e4719dd9 HTTP 302
https://top-fwz1.mail.ru/counter?id=3201865;pid=9c933811-63f3-11ed-8ff0-f832e4719dd9

Request Chain 144

https://creativecdn.com/rambler/cm?pi=rambler&userId=000022d4-6371-f7a1-574d-b1c7b8a09fc8 HTTP 302
https://creativecdn.com/rambler/cm?pi=rambler&userId=000022d4-6371-f7a1-574d-b1c7b8a09fc8&tc=1

Request Chain 147

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=000022d4-6371-f7a1-574d-b1c7b8a09fc8 HTTP 302
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=000022d4-6371-f7a1-574d-b1c7b8a09fc8&bounce=1&random=1111643957 HTTP 302
https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=Et5ae7ZL6DvQ.XpIWM/wfO

Request Chain 149

https://sync.rambler.ru/emily?partner_id=aidata&rnd=000022d4-6371-f7a1-574d-b1c7b8a09fc8 HTTP 302
https://x01.aidata.io/0.gif?pid=RAMBLER&id=9A71EE0ACE9F98CEDBA85139CCDE8870 HTTP 302
https://x01.aidata.io/0.gif?pid=RAMBLER&id=9A71EE0ACE9F98CEDBA85139CCDE8870&bounce=1 HTTP 302
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP HTTP 302
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

Request Chain 150

https://sync.rambler.ru/emily?partner_id=9122f432-a6c9-4f14-bc8a-daa781f3d204&rnd=415854137 HTTP 302
https://stats.mos.ru/static.gif?ramblerid=A9C71FAFFE180E0DCEA581B9089F1DB0

160 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
orantas.livejournal.com/
Redirect Chain

http://orantas.livejournal.com/
https://orantas.livejournal.com/

602 KB
132 KB

191ms
94ms

Document
text/html

81.19.74.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://orantas.livejournal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.74.1 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: livejournal.com
Software: nginx /
Resource Hash: c9f3008f1f05fa7324cb04d7481154c805756a5976940c9bb88688d907621d51

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 99
Cache-Control: private, proxy-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 134898
Content-MD5: 25Xrn8GQQURKbHSGQG76qg
Content-Type: text/html; charset=utf-8
Date: Mon, 14 Nov 2022 08:09:03 GMT
ETag: GgZz25Xrn8GQQURKbHSGQG76qg
Keep-Alive: timeout=50
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Vary: Accept-Encoding,ETag,User-Agent
X-AWS-Id: 3dt-ws15
X-LJ-Flow-ID: Y3H3OqwcAAIAADpeMIcAAAAb
X-VWS-Id: kr-varn01.lj.rambler.tech
X-Varnish: 57083470 29378429

Redirect headers

Age: 101
Connection: keep-alive
Content-Length: 367
Content-Type: text/html; charset=iso-8859-1
Date: Mon, 14 Nov 2022 08:09:03 GMT
Keep-Alive: timeout=50
Location: https://orantas.livejournal.com/
Server: nginx
X-VWS-Id: kr-varn01.lj.rambler.tech
X-Varnish: 55718328 42808285

GET
H2 200 /
l-stat.livejournal.net/ 346 KB
52 KB 234ms
9ms Stylesheet
text/css 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css?v=1667906829
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 80c6cda206723bbebe71b8bf9007b02317df3c26b567205776e99bebd29978b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:30+00:00
x-gateway: front10.lj.rambler.tech
content-length: 53041
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Nov 2022 11:27:09 GMT
server: nginx
x-lj-flow-id: Y2tjCawcAAIAAHoD0DkAAAAV
etag: GgZzW/F9NpojvKRUEnWgKoZ4sbFA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
x-aws-id: 3dt-ws17
access-control-allow-origin: *
x-varnish: 141200774
cache-control: public, max-age=4000000
x-vws-id: kr-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 /
l-stat.livejournal.net/ 148 KB
38 KB 243ms
18ms Stylesheet
text/css 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??lj_base.css,flatbutton.css,widgets/calendar.css,widgets/filter-settings.css,components/modal.css,components/form.css,widgets/rutos.css,widgets/likes.css,widgets/login_v2.css,msgsystem.css?v=1667906829
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6a6daadd5134075786f3d2b1e0a9c653600a1897327236a5349f4e1d567c9143

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:22:14+00:00
x-gateway: front09.lj.rambler.tech
content-length: 38549
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Nov 2022 11:27:09 GMT
server: nginx
x-lj-flow-id: Y2tjNqwcAAIAAHpcAiwAAAAS
etag: GgZzW/bcKwmxr0DKNcIPioIxWzOg
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
x-aws-id: 3dt-ws03
access-control-allow-origin: *
x-varnish: 467104877
cache-control: public, max-age=4000000
x-vws-id: os-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 /
l-stat.livejournal.net/ 452 KB
338 KB 333ms
108ms Stylesheet
text/css 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??svg/flaticon.css,svg/headerextra.css,proximanova-opentype.css?v=1667906829
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0b1a096ac21b51b3c0c48e19beec04dfbdf7299abfb0af01622df5ca05743775

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:30+00:00
x-gateway: front10.lj.rambler.tech
content-length: 346073
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Nov 2022 11:27:09 GMT
server: nginx
x-lj-flow-id: Y2tjCawcAAIAACEnlFIAAAAJ
etag: GgZzW/bQ69ZsriOvtP7akwsfhKWA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
x-aws-id: 3dt-ws24
access-control-allow-origin: *
x-varnish: 103812486
cache-control: public, max-age=4000000
x-vws-id: kr-varn03.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 / Show response
l-stat.livejournal.net/js/ 765 KB
252 KB 240ms
16ms Script
application/x-javascript 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1667906829
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ef8768a71fa49beb09c457ea42f5f9eb1e4f29c43b7b182ff6a4903bd7c73361

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:30+00:00
x-gateway: front09.lj.rambler.tech
content-length: 258028
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Nov 2022 11:27:09 GMT
server: nginx
x-lj-flow-id: Y2r8YqwcAAIAAHZi3AUAAAAE
etag: GgZzW/ckH8F1lpbvKMJ5TmZb5gwg
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: 3dt-ws09
access-control-allow-origin: *
x-varnish: 105581751 98874701
cache-control: public, max-age=4000000
x-vws-id: kr-varn07.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 / Show response
l-stat.livejournal.net/js/ 1 MB
288 KB 242ms
17ms Script
application/x-javascript 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??jquery/jquery.lj.calendar.js,jquery/jquery.mask.js,core/controlstrip.js,scheme/schemius/index.js,widgets/angular/login.js,jquery/jquery.lj.repostbutton.js,threeposts.js,recommended-entries.js,s2/index.js,old/esn.js,jquery/jquery.lj.confirmbubble.js,jquery/jquery.lj.ljcut.js,old/fb-select-image.js?v=1667906829
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 36a13082b53e92c5bc1169ac5ba590fddffc0fab6f50fc848162c5891bcdc285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:24:51+00:00
x-gateway: front01.lj.rambler.tech
content-length: 294352
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Nov 2022 11:27:09 GMT
server: nginx
x-lj-flow-id: Y2tj06wcAAIAAFk7QPUAAAAG
etag: GgZzW/5Zu33XiV1o6Am/y3Cai/YA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: kr-ws07
access-control-allow-origin: *
x-varnish: 531924969
cache-control: public, max-age=4000000
x-vws-id: os-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 capirs_async.js Show response
ssp.rambler.ru/ 510 KB
173 KB 395ms
171ms Script
application/x-javascript 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.rambler.ru/capirs_async.js

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

533b34d38da345b35d3884402e62118172f4714b0b59f8bc2534f18cb330e176

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:03 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Fri, 11 Nov 2022 12:54:32 GMT
server: nginx
etag: W/"636e4608-7f873"
content-type: application/x-javascript
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: max-age=60
x-passed: 0bal1
expires: Mon, 14 Nov 2022 08:10:03 GMT

GET
H2 200 sdk.js Show response
vp.rambler.ru/player/ 130 KB
38 KB 200ms
90ms Script
application/javascript 81.19.87.48
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vp.rambler.ru/player/sdk.js
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.87.48 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: apl.rambler-co.ru
Software: nginx /
Resource Hash: c1850456e5d392cada5cf57ba5aa0585b866b739520c24da5c4a8876e72a18df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-bytes-rcv: 0
date: Mon, 14 Nov 2022 08:09:03 GMT
content-encoding: br
via: 1.1 varnish (Varnish/6.2)
x-upstream-addr: 10.144.19.44:80
x-amz-request-id: db221a4e-3c27-4eb0-9337-313783a1a60e
age: 719
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-upstream-responsetime: -2
x-varnish-hostname: fa57bbd3fcf9b7a988d53ba4ba029c03
x-upstream-headertime: 1
content-length: 38036
x-upstream-connecttime: 0
last-modified: Thu, 10 Nov 2022 14:48:32 GMT
server: nginx
etag: "17ebe86b7bea9a8267f3080e890dec0d"
vary: Accept, Origin
content-type: application/javascript
x-varnish: 412169501 412424333
cache-control: max-age=300, public, max-age=300
x-bytes-snd: 0
accept-ranges: bytes
x-time: 0

GET
H/1.1 200
OK stylesheet
orantas.livejournal.com/res/15135907/ 5 KB
6 KB 131ms
47ms Stylesheet
text/css 81.19.74.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://orantas.livejournal.com/res/15135907/stylesheet?1668370657
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.74.1 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: livejournal.com
Software: nginx /
Resource Hash: e5b934debbee3b5f44a84c29dc1bb2f35075da6c0315156678c8b4fc4c319817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 08:09:03 GMT
Content-MD5: CjGxxkfHCRwaJKfbEqyK4A
Age: 99
Connection: keep-alive
Content-Length: 5386
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Tue, 27 Sep 2022 11:32:47 GMT
Server: nginx
X-LJ-Flow-ID: Y3H3PKwcAAIAAG4Y8oMAAAAF
ETag: CjGxxkfHCRwaJKfbEqyK4A
Vary: Accept-Encoding,ETag,User-Agent
Content-Type: text/css; charset=utf-8
X-AWS-Id: 3dt-ws01
X-Varnish: 32385304 17565735
Cache-Control: private, proxy-revalidate
X-VWS-Id: kr-varn01.lj.rambler.tech
Accept-Ranges: bytes
Keep-Alive: timeout=50

GET
H2 200 userinfo_v8.svg
l-stat.livejournal.net/img/ 1 KB
693 B 11ms
5ms Image
image/svg+xml 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/userinfo_v8.svg?v=17080?v=614
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 535f067852f7f5964da5b260304a60715398e18537479480fedfa7cc535949ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:30+00:00
x-gateway: front10.lj.rambler.tech
content-length: 523
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 04:44:40 GMT
server: nginx
x-lj-flow-id: Y2tjCqwcAAIAAHoiBX8AAAAb
etag: GgZz3Lj/0Zs7IF/99OqziMt7VA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-aws-id: 3dt-ws19
access-control-allow-origin: *
x-varnish: 60540936
cache-control: public, max-age=4000000
x-vws-id: kr-varn04.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 print-logo.png
l-stat.livejournal.net/img/schemius/ 2 KB
2 KB 24ms
17ms Image
image/png 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/print-logo.png?v=49361
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 96a72c16787d9e55cbe06f31bc91db028934a7ad24aad0e7ee7a7649a6b160ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:30+00:00
x-gateway: front09.lj.rambler.tech
content-length: 2249
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 13:42:41 GMT
server: nginx
x-lj-flow-id: Y2tjCqwcAAIAAC3osqwAAAAR
etag: GgZzYGcFKOznFaw7EFLw6wHnuA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
x-aws-id: 3dt-ws23
access-control-allow-origin: *
x-varnish: 101487563
cache-control: public, max-age=4000000
x-vws-id: kr-varn04.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 p106d47a0013921
l-stat.livejournal.net/palimg/component/back.gif/ 69 B
283 B 21ms
15ms Image
image/gif 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/palimg/component/back.gif/p106d47a0013921
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: abd339c23539aa6a92e9481b2ea3fabf46a481643f4c4f94add2f6c8c97a5eed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T15:08:18+00:00
x-gateway: front03.lj.rambler.tech
content-length: 69
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 May 2017 09:56:45 GMT
server: nginx
x-lj-flow-id: Y2vCYqwcAAIAACCy5rgAAAAL
etag: "1495706205-69:p0(013921):p1(06d47a)"
content-type: image/gif
x-aws-id: 3dt-ws26
access-control-allow-origin: *
x-varnish: 115083948
cache-control: public, max-age=4000000
x-vws-id: kr-varn05.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 clear.gif
l-stat.livejournal.net/palimg/component/ 43 B
207 B 22ms
16ms Image
image/gif 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/palimg/component/clear.gif
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:25:33+00:00
x-gateway: front06.lj.rambler.tech
content-length: 43
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 May 2017 09:56:45 GMT
server: nginx
x-lj-flow-id: Y2tj-awcAAIAABomaS8AAAAE
etag: "23496e-2b-550563d099140"
content-type: image/gif
x-aws-id: 3dt-ws26
access-control-allow-origin: *
x-varnish: 95288024
cache-control: public, max-age=4000000
x-vws-id: kr-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 p006d47a10139212049957
l-stat.livejournal.net/palimg/component/curve-top-left.gif/ 58 B
216 B 22ms
16ms Image
image/gif 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/palimg/component/curve-top-left.gif/p006d47a10139212049957
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c8dfec723abb2a919e34dd58d3073bb30ba42ac12d80dd340cc0affb09413bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T15:08:18+00:00
x-gateway: front09.lj.rambler.tech
content-length: 58
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Sep 2016 21:51:31 GMT
server: nginx
x-lj-flow-id: Y2vCYqwcAAIAAF1K1NgAAAAY
etag: "1474494691-58:p0(06d47a):p1(013921):p2(049957)"
content-type: image/gif
x-aws-id: kr-ws04
access-control-allow-origin: *
x-varnish: 111347813
cache-control: public, max-age=4000000
x-vws-id: kr-varn03.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 p006d47a10139212049957
l-stat.livejournal.net/palimg/component/curve-top-right.gif/ 57 B
247 B 23ms
18ms Image
image/gif 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/palimg/component/curve-top-right.gif/p006d47a10139212049957
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b451853dc201a467958df83df6f46b65519b0de16800351bf1c8a5f397f6d3fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T15:11:07+00:00
x-gateway: front05.lj.rambler.tech
content-length: 57
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Sep 2016 21:51:31 GMT
server: nginx
x-lj-flow-id: Y2u-lKwcAAIAAH2KE8wAAAAb
etag: "1474494691-57:p0(06d47a):p1(013921):p2(049957)"
content-type: image/gif
x-aws-id: 3dt-ws18
access-control-allow-origin: *
x-varnish: 541815021 545021106
cache-control: public, max-age=4000000
x-vws-id: os-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 p006d47a10139212049957
l-stat.livejournal.net/palimg/component/curve-bottom-left.gif/ 56 B
286 B 29ms
23ms Image
image/gif 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/palimg/component/curve-bottom-left.gif/p006d47a10139212049957
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: abc2a810d697922af435230777a22e7cc36a1663be914abb95c3082ea2b0ceb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T15:11:06+00:00
x-gateway: front09.lj.rambler.tech
content-length: 56
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Sep 2016 21:51:31 GMT
server: nginx
x-lj-flow-id: Y2vDCqwcAAIAAGEXGVQAAAAX
etag: "1474494691-56:p0(06d47a):p1(013921):p2(049957)"
content-type: image/gif
x-aws-id: kr-ws01
access-control-allow-origin: *
x-varnish: 104889175
cache-control: public, max-age=4000000
x-vws-id: kr-varn04.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 p006d47a10139212049957
l-stat.livejournal.net/palimg/component/curve-bottom-right.gif/ 57 B
171 B 31ms
26ms Image
image/gif 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/palimg/component/curve-bottom-right.gif/p006d47a10139212049957
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: bc71e43a972f43b75f69021e3f79740aa723687638ad6e737e9a16e353cb2a1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T15:08:18+00:00
x-gateway: front09.lj.rambler.tech
content-length: 57
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Sep 2016 21:51:31 GMT
server: nginx
x-lj-flow-id: Y2vCYqwcAAIAAF4dLjwAAAAC
etag: "1474494691-57:p0(06d47a):p1(013921):p2(049957)"
content-type: image/gif
x-aws-id: kr-ws05
access-control-allow-origin: *
x-varnish: 28891550
cache-control: public, max-age=4000000
x-vws-id: kr-varn03.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 p006d47a1013921
l-stat.livejournal.net/palimg/component/btn_share.gif/ 134 B
371 B 30ms
25ms Image
image/gif 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/palimg/component/btn_share.gif/p006d47a1013921
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f5b497a52d62356f4a75ce54d3a2d0fc5bc27fecf53b686d2a1f106ec6ec4cac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T15:13:23+00:00
x-gateway: front01.lj.rambler.tech
content-length: 134
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Sep 2016 21:51:31 GMT
server: nginx
x-lj-flow-id: Y2vDk6wcAAIAAH-6W6sAAAAI
etag: "1474494691-134:p0(06d47a):p1(013921)"
content-type: image/gif
x-aws-id: kr-ws13
access-control-allow-origin: *
x-varnish: 21523804
cache-control: public, max-age=4000000
x-vws-id: kr-varn07.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 p606d47a4013921
l-stat.livejournal.net/palimg/component/btn_flag.gif/ 932 B
1 KB 29ms
24ms Image
image/gif 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/palimg/component/btn_flag.gif/p606d47a4013921
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b1198f0965e90f5cd01f28f4d3d42226736c1dd8346606b5f8cb78070746b09f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T15:13:12+00:00
x-gateway: front06.lj.rambler.tech
content-length: 932
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 25 May 2017 09:56:45 GMT
server: nginx
x-lj-flow-id: Y2vDiKwcAAIAAH9YOeYAAAAP
etag: "1495706205-932:p4(013921):p6(06d47a)"
content-type: image/gif
x-aws-id: kr-ws18
access-control-allow-origin: *
x-varnish: 103381366
cache-control: public, max-age=4000000
x-vws-id: kr-varn04.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 tild3534-3630-4334-a366-303432353166__stus.jpg
www.pravda.com.ua/cdn/graphics/2016/08/stus/images/ 8 KB
8 KB 122ms
48ms Image
image/webp 107.178.251.122
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pravda.com.ua/cdn/graphics/2016/08/stus/images/tild3534-3630-4334-a366-303432353166__stus.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.251.122 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 122.251.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: d209df68586a60777ff6486a0b0a483a6bb2388ca9357a78bf23b19e28a2ff1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
via: 1.1 google
last-modified: Tue, 23 Aug 2016 10:45:13 GMT
server: nginx
etag: "57bc2939-1ed4"
vary: Accept,Accept-Encoding
content-type: image/webp
cache-control: public,max-age=1209600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7892

GET
H2 200 23935_600.jpg
ic.pics.livejournal.com/orantas/12328215/23935/ 2 KB
2 KB 265ms
15ms Image
image/jpeg 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/orantas/12328215/23935/23935_600.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b5e55609df8064007ad8c80269400ad6e1ab807e58dddaf998d0e8636ea83eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.59:80/dev34/0/465/953/0465953409.fid
x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
x-phn-id: kr-phwsn03
x-cached-since: 2022-11-14T08:07:27+00:00
content-length: 1706
last-modified: Sun, 16 Oct 2016 00:45:09 GMT
server: nginx
etag: "6aa-53ef0c56eeda7"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/jpeg; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Wed, 14 Dec 2022 08:07:27 GMT

GET
H2 200 12328215
l-userpic.livejournal.com/58651435/ 8 KB
8 KB 353ms
6ms Image
image/jpeg 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-userpic.livejournal.com/58651435/12328215
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: dc2f45874e795099bb0f12774ff46212904aea1be459d337ff071fa4424b6819

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
last-modified: Mon, 27 Mar 2017 05:34:02 GMT
server: nginx
age: 0
access-control-allow-methods: GET
x-varnish: 52873913
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=4000000
x-vws-id: kr-varn01.lj.rambler.tech
cache: HIT
x-cached-since: 2022-11-14T08:07:27+00:00
accept-ranges: bytes
content-length: 7718

GET
H2 200 p006d47a1013921
l-stat.livejournal.net/palimg/component/backarrow.gif/ 86 B
248 B 23ms
19ms Image
image/gif 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/palimg/component/backarrow.gif/p006d47a1013921
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 315790343975d062cda4cc6e8bca99d11cc9e07471bf00478c299a57b9ea0e2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T15:05:41+00:00
x-gateway: front10.lj.rambler.tech
content-length: 86
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Sep 2016 21:51:31 GMT
server: nginx
x-lj-flow-id: Y2vBxawcAAIAAF4Dvu8AAAAH
etag: "1474494691-86:p0(06d47a):p1(013921)"
content-type: image/gif
x-aws-id: kr-ws05
access-control-allow-origin: *
x-varnish: 543945001
cache-control: public, max-age=4000000
x-vws-id: os-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H/1.1 200
OK /
xc3.services.livejournal.com/ljcounter/ 35 B
704 B 363ms
87ms Image
image/gif 81.19.74.3
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xc3.services.livejournal.com/ljcounter/?d=srv:3dt-ws15,r:0,j:12328215,p:12328215,uri:%22%2F%22,vig:0,m:0,extra:ALwdFwC8HRcAAGi6ALwdFwC8HRcAAGceALwdFwC8HRcAAGV%2FALwdFwC8HRcAAGQbALwdFwC8HRcAAGMUALwdFwC8HRcAAGKLALwdFwC8HRcAAGF2ALwdFwC8HRcAAGBGALwdFwC8HRcAAF9OALwdFwC8HRcAAF1S

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

81.19.74.3 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),

Reverse DNS

livejournal.com

Software

nginx /

Resource Hash

3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 08:09:04 GMT
Strict-Transport-Security: max-age=31536000;
Server: nginx
Access-Control-Allow-Methods: GET, OPTIONS, POST, PUT, DELETE, HEAD
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=50
Content-Length: 35
Access-Control-Allow-Headers: accept, x-custom-parameter, content-type, x-request-id, authorization, accept-language, accept-charset, pragma, user-agent

GET
H2 200 / Show response
l-stat.livejournal.net/js/ 192 KB
62 KB 24ms
20ms Script
application/x-javascript 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??front-bundled/dist/reactEssentials.js,front-bundled/dist/s2.js?v=1667906829
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1667906829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 0ab6545215a401c77c9d6cb01f678bc6ee323d1d3b23c6151aa5ce7d0243be3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:03 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:31+00:00
x-gateway: front09.lj.rambler.tech
content-length: 63055
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Nov 2022 11:27:09 GMT
server: nginx
x-lj-flow-id: Y2tcu6wcAAIAAC1RXwAAAAAZ
etag: GgZzW/VpN6uxjq+5iYLb5oV8hJPw
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: 3dt-ws05
access-control-allow-origin: *
x-varnish: 328098552 530912612
cache-control: public, max-age=4000000
x-vws-id: os-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8= Show response
fundingchoicesmessages.google.com/f/ 110 KB
39 KB 170ms
76ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW4FWZuUtdQFTVPtyUM4nsYfj3wG8QdpDhzmDLVqXGEglR_b97iM8a5aTdO549-sZ58LY6aha4qN4XrLBOqmT8=

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ed673a174576a45261c956f5bcb1a14717264c6b876cafcbd35d5cbe2c1fdf3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-T-aNW5-_BTezx8_n3-LTJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-T-aNW5-_BTezx8_n3-LTJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 133ms
48ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 07:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3190
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 14 Nov 2022 09:15:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 105 KB
41 KB 137ms
44ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJBSQR

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

633cdd0312f932e2c6c3667b79befcbb86af19b201d577c2f8d0a7eb541ba799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41064
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Nov 2022 08:09:04 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 43ms
8ms Script
application/javascript 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 19:00:01 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 47342
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: p-dAiKcYwohtIveR-XmOUD9-xIhX-Y3hurUO-EvplLY6T4jmnS7mcw==

GET
DATA 200
OK truncated
/ 46 KB
46 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 276937ed9b66990d16cc250dac88898099a2e783c5cdfb073965139d8ec9bc5d

Request headers

Referer
Origin: https://orantas.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 200 / Show response
l.lj-toys.com/ Frame 4446 3 KB
1 KB 398ms
6ms Document
text/html 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://l.lj-toys.com/?auth_token=sessionless%3A1668412800%3Aembedcontent%3A12328215%261892%26%26%26youtube%26MvsUZk1wndo%3A0a39df247fa386258c8b848de8f84c3209f7e390&source=youtube&vid=MvsUZk1wndo&moduleid=1892&preview=&journalid=12328215&noads=
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2b480807dad1ce0cfc66fb15a351d9b3280071f0c1c919a68f611ee2d79d8b41

Request headers

Referer: https://orantas.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache: HIT
cache-control: public, max-age=20000
content-encoding: gzip
content-language
content-type: text/html; charset=utf-8
date: Mon, 14 Nov 2022 08:09:04 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-aws-id: kr-ws20
x-cached-since: 2022-11-14T08:07:27+00:00
x-gateway: front10.lj.rambler.tech
x-id: fr5-up-gc15
x-lj-flow-id: Y3H3P6wcAAIAADyo2wcAAAAB
x-varnish: 48825607
x-vws-id: kr-varn05.lj.rambler.tech

GET
H2 200 logo.svg
l-stat.livejournal.net/img/schemius/ 3 KB
2 KB 15ms
15ms Image
image/svg+xml 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/logo.svg?v=51065
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css?v=1667906829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 18220bbba0e1f98301f2f248eff119179e41ac33bcc6544f8f5ec2165fdc88f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css?v=1667906829
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:30+00:00
x-gateway: front09.lj.rambler.tech
content-length: 1362
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 14:11:05 GMT
server: nginx
x-lj-flow-id: Y2tG8KwcAAIAAHkIFBsAAAAQ
etag: GgZz3z079X2cVU4y1yrKm4XODA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-aws-id: 3dt-ws19
access-control-allow-origin: *
x-varnish: 471662226 497005583
cache-control: public, max-age=4000000
x-vws-id: os-varn02.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 s-icons.svg
l-stat.livejournal.net/img/schemius/ 15 KB
6 KB 13ms
13ms Image
image/svg+xml 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/s-icons.svg?v=40651
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css?v=1667906829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e3ec6f5f8a01ceaaafd7de19f41d88013fe2d4c02a88c94b04899a775a72d358

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css?v=1667906829
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:34+00:00
x-gateway: front02.lj.rambler.tech
content-length: 5613
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 11:17:31 GMT
server: nginx
x-lj-flow-id: Y2sUbqwcAAIAAHcoczAAAAAb
etag: GgZzPs10q9OPQj9DZHt/ejloHw
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-aws-id: 3dt-ws04
access-control-allow-origin: *
x-varnish: 145067251 134774697
cache-control: public, max-age=4000000
x-vws-id: kr-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 userinfo_v3.svg
l-stat.livejournal.net/img/ 830 B
704 B 13ms
12ms Image
image/svg+xml 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/userinfo_v3.svg?v=41686
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css?v=1667906829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 09416e85998ce2c89943da3aa3563633045a0135d33f8124818dda75075bfd73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css?v=1667906829
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:30+00:00
x-gateway: front09.lj.rambler.tech
content-length: 510
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 11:34:46 GMT
server: nginx
x-lj-flow-id: Y2tjCqwcAAIAAFkmYPgAAAAG
etag: GgZznMnKtSXtEJ5/kYeh/07ByA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
x-aws-id: kr-ws03
access-control-allow-origin: *
x-varnish: 63186541 100703755
cache-control: public, max-age=4000000
x-vws-id: kr-varn04.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 s-nav-sub.png
l-stat.livejournal.net/img/schemius/ 185 B
376 B 13ms
13ms Image
image/png 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/img/schemius/s-nav-sub.png?v=49993
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css?v=1667906829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7f5227e46407757193378bcaf07518e02bd8dc212583257f730708a2e7b08aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??schemius_v4/header_v5.css,schemius_v4/header-journal.css,medius/scheme/components.css,lj_base-journal.css,common-post.css,adv/native.css,widgets/threeposts.css,recaptcha.css,categories/category-panel.css,core/components/tag.css,core/components/basepopup.css,core/components/lightcontrols.css,popup/popup-suggestion.css,popup/popup-trump.css,popup/popup-map-invite.css,popup/push-woosh-popup.css,widgets/reactions.css,notifications/list.css,widgets/polls.css,schemius_v4/asap-news.css,components/interest.css,components/cookies-banner.css,components/modal-repost.css?v=1667906829
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:30+00:00
x-gateway: front09.lj.rambler.tech
content-length: 201
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 13:53:13 GMT
server: nginx
x-lj-flow-id: Y2tjCqwcAAIAAHmvC-wAAAAO
etag: GgZzrGXt4xjQFTTp/O4mQ3nLag
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/png
x-aws-id: 3dt-ws11
access-control-allow-origin: *
x-varnish: 100248183
cache-control: public, max-age=4000000
x-vws-id: kr-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 pt049957
l-stat.livejournal.net/palimg/component/top-bg.gif/ 152 B
354 B 13ms
12ms Image
image/gif 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l-stat.livejournal.net/palimg/component/top-bg.gif/pt049957
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/res/15135907/stylesheet?1668370657
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 59070a0ec6a10af8628870eb04841dece85d5b8ee82dd8030d08c1a2602c7309

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/res/15135907/stylesheet?1668370657
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T15:08:18+00:00
x-gateway: front10.lj.rambler.tech
content-length: 152
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 21 Sep 2016 21:51:31 GMT
server: nginx
x-lj-flow-id: Y2uWXqwcAAIAAHxPOOAAAAAH
etag: "1474494691-152"
content-type: image/gif
x-aws-id: 3dt-ws12
access-control-allow-origin: *
x-varnish: 112871817 148195573
cache-control: public, max-age=4000000
x-vws-id: kr-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 46 KB
46 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe81bedd25f0a618755cf7b065fd24a6e0004b3340965e999e9bcb91c8e830a3

Request headers

Referer
Origin: https://orantas.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 46 KB
46 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: beb8691f6c3c6c90bbcb585e9ed4d8132cf3f37cf1a6888f83f4ca779ae6cead

Request headers

Referer
Origin: https://orantas.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2

200

14034_320.jpg
ic.pics.livejournal.com/orantas/12328215/14034/
Redirect Chain

https://pics.livejournal.com/orantas/pic/000257ex/s320x240
https://ic.pics.livejournal.com/orantas/12328215/14034/14034_320.jpg

17 KB
17 KB

9ms
8ms

Image
image/jpeg

2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/orantas/12328215/14034/14034_320.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e9e6eaf61891861ccb8a2794757d2c28e18ca84386f5207c07f4e40dfaf73132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.60:80/dev38/0/189/700/0189700771.fid
x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
x-phn-id: kr-phwsn06
x-cached-since: 2022-11-14T08:07:28+00:00
content-length: 17086
last-modified: Wed, 01 Feb 2017 15:45:42 GMT
server: nginx
etag: W/"3210d-54779f0f6cb66"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/jpeg; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Wed, 14 Dec 2022 08:07:28 GMT

Redirect headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 0
x-lj-flow-id: Y3H3oKwcAAIAAG3zVnEAAAAW
content-type: text/plain; charset=UTF-8
location: https://ic.pics.livejournal.com/orantas/12328215/14034/14034_320.jpg
x-aws-id: 3dt-ws08
x-varnish: 69829771
cache-control: private, proxy-revalidate
x-vws-id: kr-varn01.lj.rambler.tech
cache: MISS
x-gateway: front09.lj.rambler.tech
content-length: 0

GET
H2 200 32490_300.jpg
ic.pics.livejournal.com/orantas/12328215/32490/ 27 KB
27 KB 72ms
17ms Image
image/jpeg 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/orantas/12328215/32490/32490_300.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c68abb4d43e27b4653e92b28e3795ccaa0f1a59cb68874bfd673b79c6e597733

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.68:80/dev71/0/849/328/0849328534.fid
x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
x-phn-id: kr-phwsn06
x-cached-since: 2022-11-14T08:07:28+00:00
content-length: 27977
last-modified: Sun, 12 Aug 2018 05:54:26 GMT
server: nginx
etag: W/"22162d-573369c0b8734"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/jpeg; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Wed, 14 Dec 2022 08:07:27 GMT

GET
H/1.1

200
OK

v_d-Kl_chaka-Prypyatska-beresta.jpg
litgazeta.com.ua/wp-content/uploads/2018/03/
Redirect Chain

https://imgprx.livejournal.net/e5953e14d54e7094800175fdd62c88e7bdb4f9e4/JGnEWk9ZyhgAGyn7guFEMGlimamghnmxx9Wrwl8ZRKJnC346PmhsFCJC-zu_lceFtX4Yw3ydznn2AypP_kF4X0xB1SuaCu7ywzhhVlvSvaPjcN2bgrQIGb1yDF3Yw...
https://litgazeta.com.ua/wp-content/uploads/2018/03/v_d-Kl_chaka-Prypyatska-beresta.jpg

2 MB
2 MB

151ms
28ms

Image
image/jpeg

206.54.183.89
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://litgazeta.com.ua/wp-content/uploads/2018/03/v_d-Kl_chaka-Prypyatska-beresta.jpg

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

HTTP/1.1

Server

206.54.183.89 , United States, ASN35415 (WEBZILLA, NL),

Reverse DNS

vm12289.fozzyhost.com

Software

nginx/1.20.2 /

Resource Hash

28fc6fddeebd4ee19de72e56c1cfcccb276e229c546483b2d2efa1939c8489f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 08:09:04 GMT
Strict-Transport-Security: max-age=31536000;
Last-Modified: Thu, 07 May 2020 21:59:30 GMT
Server: nginx/1.20.2
ETag: "5eb484c2-1a2ef1"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1715953

Redirect headers

Location: https://litgazeta.com.ua:443/wp-content/uploads/2018/03/v_d-Kl_chaka-Prypyatska-beresta.jpg
Date: Mon, 14 Nov 2022 08:09:04 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=50
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2

204

zX54yqy8ob.jpg
dlm3.meta.ua/pic/0/145/129/
Redirect Chain

https://imgprx.livejournal.net/752c86464189e976485730bf271cb11669ab4008/JGnEWk9ZyhgAGyn7guFEMCvQpvbqRS1Cm5cF7gQfP7G9X2Vant2N-YnCurejcj5vh4dP0J2uTfg9Q5HW4nFemgAhB9DjBABnMUnSTro3T3M
https://dlm3.meta.ua/pic/0/145/129/zX54yqy8ob.jpg?id=9535915

0
472 B

133ms
77ms

Image
text/plain

2606:4700:20::681a:ef9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlm3.meta.ua/pic/0/145/129/zX54yqy8ob.jpg?id=9535915
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Server: 2606:4700:20::681a:ef9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BMFDSTqbBCCZCtC3uxJz%2Fvgbq2YI4MXMKaaH11Pj%2B%2BtQu5ltGhcV5zvmKb0QY0nXBShK4xKi%2ByWMBTVMm6dTS5rXXouOMzZEnajaCIaCHBZuutMAwrSyq15UToA%2Bh%2B2LwfA8DjeUgCAsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 769e434b98dd9186-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 14 Nov 2023 08:09:04 GMT

Redirect headers

Date: Mon, 14 Nov 2022 08:09:04 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: nginx
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iHOuhPnsm2ZuFv9EonmVl1Wzlrk24AROKt0jtGAhLMSDnjDwJi28xb8DFlkRBVwAAw8BHDWinQDfCvLW4a21jOYT%2B1BoBIaswWjdSTFoT6XdGYPvTV%2FI7zDHEMyTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://dlm3.meta.ua/pic/0/145/129/zX54yqy8ob.jpg?id=9535915
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
Server-Timing: cf-q-config;dur=6.9999950937927e-06
CF-RAY: 769e40eafe319db1-DME
Keep-Alive: timeout=50
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Expires: Mon, 14 Nov 2022 09:07:27 GMT

GET
H2

200

5827_original.jpg
ic.pics.livejournal.com/orantas/12328215/5827/
Redirect Chain

https://pics.livejournal.com/orantas/pic/0001008a
https://ic.pics.livejournal.com/orantas/12328215/5827/5827_original.jpg

4 KB
4 KB

8ms
7ms

Image
image/jpeg

2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/orantas/12328215/5827/5827_original.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f0a8596e35b82d231d3ab9f993b23fc882f4492e6dcca232aec7320ff310c757

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.60:80/dev39/0/115/738/0115738057.fid
x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
x-phn-id: kr-phwsn03
x-cached-since: 2022-11-14T08:07:28+00:00
content-length: 3733
last-modified: Sun, 05 Feb 2017 12:48:28 GMT
server: nginx
etag: "e95-547c7ee735820"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/jpeg; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Wed, 14 Dec 2022 08:07:27 GMT

Redirect headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 0
x-lj-flow-id: Y3H3oKwcAAIAADsY@NoAAAAX
content-type: text/plain; charset=UTF-8
location: https://ic.pics.livejournal.com/orantas/12328215/5827/5827_original.jpg
x-aws-id: 3dt-ws09
x-varnish: 68683389
cache-control: private, proxy-revalidate
x-vws-id: kr-varn01.lj.rambler.tech
cache: MISS
x-gateway: front03.lj.rambler.tech
content-length: 0

GET
H2

200

5123_320.jpg
ic.pics.livejournal.com/orantas/12328215/5123/
Redirect Chain

https://pics.livejournal.com/orantas/pic/0000sqd2/s320x240
https://ic.pics.livejournal.com/orantas/12328215/5123/5123_320.jpg

11 KB
12 KB

8ms
7ms

Image
image/jpeg

2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/orantas/12328215/5123/5123_320.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 281c317cd6a8a430907d0d0b990a24e69baafe293e66fb01e8ed29d06786d8b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.79:80/dev130/0/115/072/0115072363.fid
x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
x-phn-id: kr-phwsn02
x-cached-since: 2022-11-14T08:07:29+00:00
content-length: 11707
last-modified: Fri, 31 Jul 2020 23:54:48 GMT
server: nginx
etag: W/"134b3-5abc5839b62fc"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/jpeg; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Wed, 14 Dec 2022 08:07:29 GMT

Redirect headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
age: 0
x-lj-flow-id: Y3H3oKwcAAIAADxMHtwAAAAB
content-type: text/plain; charset=UTF-8
location: https://ic.pics.livejournal.com/orantas/12328215/5123/5123_320.jpg
x-aws-id: kr-ws16
x-varnish: 90155648
cache-control: private, proxy-revalidate
x-vws-id: kr-varn02.lj.rambler.tech
cache: MISS
x-gateway: front10.lj.rambler.tech

GET
H/1.1

200
OK

37387_56107_k.jpg
bookclub.ua/images/db/goods/k/
Redirect Chain

https://imgprx.livejournal.net/0089aff5b10f8e0dd96c01a72d8de709fbf95ed8/JGnEWk9ZyhgAGyn7guFEMB2OkR--peLMbjHCbxnmU0DdvlocZP4eDSivgBi3i6RPi_Ku6X9z4d5zZ95sDCoK_2tjgDP7K2zI0tv1KnRAsPo
https://bookclub.ua/images/db/goods/k/37387_56107_k.jpg

22 KB
22 KB

245ms
39ms

Image
image/jpeg

62.149.25.100
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bookclub.ua/images/db/goods/k/37387_56107_k.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: HTTP/1.1
Server: 62.149.25.100 Vyshhorod, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: bookclub.vds.colocall.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40 /
Resource Hash: 5efbb4989d6e32ee3d4a9967e12a0967428dab2e6e6b4f5470bf2297c72bc41d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 08:09:04 GMT
Last-Modified: Fri, 19 Feb 2016 13:06:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.6.40
ETag: "5735-52c1f2650ef80"
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22325
Expires: Wed, 14 Dec 2022 08:09:04 GMT

Redirect headers

Date: Mon, 14 Nov 2022 08:09:04 GMT
Server: nginx
Content-Type: text/html; charset=iso-8859-1
Location: https://bookclub.ua/images/db/goods/k/37387_56107_k.jpg
Cache-Control: max-age=2592000
Connection: keep-alive
Keep-Alive: timeout=50
Content-Length: 263
Expires: Wed, 14 Dec 2022 08:07:27 GMT

GET
H2 200 30316_300.jpg
ic.pics.livejournal.com/orantas/12328215/30316/ 18 KB
18 KB 39ms
16ms Image
image/jpeg 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/orantas/12328215/30316/30316_300.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ce34dc9dffab252719b471e670a9a5971ea420f57d1b64d0637f81fc39b8df19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.74:80/dev95/0/735/442/0735442297.fid
x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
x-phn-id: kr-phwsn04
x-cached-since: 2022-11-14T08:07:28+00:00
content-length: 18689
last-modified: Thu, 27 Oct 2016 06:40:15 GMT
server: nginx
etag: W/"4f6e3-53fd303ad288b"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/jpeg; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Wed, 14 Dec 2022 08:07:27 GMT

GET
H2 200 31528_300.jpg
ic.pics.livejournal.com/orantas/12328215/31528/ 33 KB
33 KB 19ms
15ms Image
image/jpeg 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/orantas/12328215/31528/31528_300.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: b3aca9fff5946d22e103a99d91e3dca89adcc8a31b3d112eb3c21deee851059c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.72:80/dev146/0/735/443/0735443101.fid
x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
x-phn-id: kr-phwsn05
x-cached-since: 2022-11-14T08:07:29+00:00
content-length: 33388
last-modified: Fri, 27 Nov 2020 17:43:56 GMT
server: nginx
etag: W/"13913-5b51a346bdf90"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/jpeg; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Wed, 14 Dec 2022 08:07:29 GMT

GET
H2 200 31315_300.jpg
ic.pics.livejournal.com/orantas/12328215/31315/ 26 KB
26 KB 11ms
7ms Image
image/jpeg 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/orantas/12328215/31315/31315_300.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e63c5f230b1ea2cf9d276c81bfa69a58041a09c42602f45801be654dd0937ce8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.24:80/dev173/0/735/443/0735443043.fid
x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
x-phn-id: kr-phwsn07
x-cached-since: 2022-11-14T08:07:30+00:00
content-length: 26428
last-modified: Tue, 14 Sep 2021 01:31:22 GMT
server: nginx
etag: W/"a8bd-5cbea8a087a3f"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/jpeg; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Wed, 14 Dec 2022 08:07:30 GMT

GET
H2 200 29714_300.jpg
ic.pics.livejournal.com/orantas/12328215/29714/ 38 KB
38 KB 13ms
9ms Image
image/jpeg 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/orantas/12328215/29714/29714_300.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 612bb4b81a965b2b1c566b56f4c5519a025fd7cac76bd985cfaf312e6ceafb91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.51:80/dev4/0/735/441/0735441329.fid
x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
x-phn-id: kr-phwsn07
x-cached-since: 2022-11-14T08:07:30+00:00
content-length: 38490
last-modified: Tue, 20 Oct 2020 17:16:10 GMT
server: nginx
etag: W/"18aea-5b21d63216591"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/jpeg; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Wed, 14 Dec 2022 08:07:30 GMT

GET
H2 200 29523_300.jpg
ic.pics.livejournal.com/orantas/12328215/29523/ 18 KB
18 KB 18ms
14ms Image
image/jpeg 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.pics.livejournal.com/orantas/12328215/29523/29523_300.jpg
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6638ee6bc18d8d944e3da0b694d76cfc3a95e9896460107ec2aa3e7210e56097

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-mog-pth: http://10.27.0.66:80/dev64/0/685/225/0685225056.fid
x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
x-phn-id: kr-phwsn03
x-cached-since: 2022-11-14T08:07:28+00:00
content-length: 18457
last-modified: Fri, 21 Oct 2016 18:41:21 GMT
server: nginx
etag: W/"65bee-53f646376fb4f"
access-control-allow-methods: POST, GET, OPTIONS, HEAD
content-type: image/jpeg; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2592000
cache: HIT
accept-ranges: bytes
expires: Wed, 14 Dec 2022 08:07:27 GMT

GET
H/1.1 404
Not Found JGnEWk9ZyhgAGyn7guFEMAmGYxzGiIx2F9zotLZ7Fii0PI4hOFI5420yBpH2Zg43j0EbdMV_3bH_gJxf-epk1gOAscTbfvzQNkDZeo7zhz4
imgprx.livejournal.net/ce0b7965ae03151072fea0905f9fd745c6b6488b/ 0
0 261ms
67ms Image
text/html 81.19.74.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgprx.livejournal.net/ce0b7965ae03151072fea0905f9fd745c6b6488b/JGnEWk9ZyhgAGyn7guFEMAmGYxzGiIx2F9zotLZ7Fii0PI4hOFI5420yBpH2Zg43j0EbdMV_3bH_gJxf-epk1gOAscTbfvzQNkDZeo7zhz4
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.74.1 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: livejournal.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2

200

669613310
www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/
Redirect Chain

https://www.tns-counter.ru/V13a***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/669613310
https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/669613310

43 B
297 B

55ms
54ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/669613310
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.3.5/1.20.2 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:04 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:04 GMT
strict-transport-security: max-age=2678400
server: ms-counter-3.3.5/1.20.2
content-type: image/gif
location: https://www.tns-counter.ru/V13b***R%3E*sup_ru/ru/UTF-8/tmsec=lj_noncyr/669613310
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 top100.js Show response
st.top100.ru/top100/ 95 KB
30 KB 269ms
84ms Script
application/javascript 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/top100.js
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 72a2368731327a91b31822b197d001e5aedb056292594064ad7cd2635bbe04cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 13:15:10 GMT
server: nginx/1.19.4
x-amz-request-id: tx000000000000167ec06de-006371f666-f8aa9c-default
etag: W/"9fd902bf1f75a67e2246f205c7efcc39"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type: Normal
cache-control: max-age=3600
expires: Mon, 14 Nov 2022 09:09:04 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
23 KB 170ms
53ms Script
application/x-javascript 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?168
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv78-132-240-87.vk.com
Software: kittenx /
Resource Hash: 2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: br
x-frontend: front225204
last-modified: Wed, 10 Aug 2022 14:44:17 GMT
server: kittenx
etag: "62f3c441-5b1a"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23322
expires: Fri, 18 Nov 2022 08:09:04 GMT

GET
H2 200 recommender.js Show response
rcmjs.rambler.ru/static/ 34 KB
12 KB 331ms
88ms Script
application/javascript 81.19.82.102
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rcmjs.rambler.ru/static/recommender.js
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.82.102 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: tower-cs3524.ramtel.ru
Software: nginx /
Resource Hash: a515c54d9875f8bfb0088c384564211f5fd7ff93817ebe3abf7c2a9843803b08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: gzip
x-srv-addr: 10.128.24.52:80
last-modified: Fri, 11 Nov 2022 10:00:03 GMT
server: nginx
etag: W/"636e1d23-8673"
content-type: application/javascript
cache-control: max-age=3600, must-revalidate
x-envoy-upstream-service-time: 1

GET
H2 200 xgemius.js Show response
gamd.hit.gemius.pl/ 59 KB
16 KB 139ms
32ms Script
application/x-javascript 128.140.224.226
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/xgemius.js
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: 8840d9c9c344971a99aab2ca61ca344c65822fb1c87f9cfb82ed7edfd78d2b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 11:44:35 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 15975
expires: Mon, 14 Nov 2022 20:09:04 GMT

GET
DATA 200
OK truncated
/ 449 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 803a84a09167c609289069441d4134db2a33a29cc61c3b69707961bb91ad2ccc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
72 KB 207ms
92ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1667906829

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

ebe500e8da630b873b03057441fdf2185dbbcdeadf52a8720937ba1e67f21d83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-11ef4"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73460
expires: Mon, 14 Nov 2022 09:09:04 GMT

GET
H/1.1 200
OK main.js Show response
static-mon.yandex.net/static/ 83 KB
84 KB 228ms
55ms XHR
application/javascript 2a02:6b8::402
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL: https://static-mon.yandex.net/static/main.js?pid=livejournal
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1667906829
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:6b8::402 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software: /
Resource Hash: 216f6d8d49b582cd64063dd43e53088b2517fa47183043a66eb1f7549b6b7af5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 08:09:04 GMT
Last-Modified: Mon, 14 Nov 2022 08:08:53 GMT
Nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
X-Amz-Request-Id: f5e30f48f22bf9eb
Transfer-Encoding: chunked
Report-To: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=SAS"}]}
Content-Type: application/javascript
Access-Control-Allow-Origin: https://orantas.livejournal.com
Access-Control-Expose-Headers: Content-Lenght
Cache-Control: max-age=600,private
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding, Origin
X-Robots-Tag: noindex, noarchive, nofollow
X-Consumed-Content-Encoding: gzip
Content-Lenght: 84926

GET
H2 200 / Show response
l-stat.livejournal.net/ Frame C1B4 144 B
407 B 7ms
7ms Document
text/html 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/??plain/crossStorageServ.html?&v=1667906829
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??jquery/jquery.lj.calendar.js,jquery/jquery.mask.js,core/controlstrip.js,scheme/schemius/index.js,widgets/angular/login.js,jquery/jquery.lj.repostbutton.js,threeposts.js,recommended-entries.js,s2/index.js,old/esn.js,jquery/jquery.lj.confirmbubble.js,jquery/jquery.lj.ljcut.js,old/fb-select-image.js?v=1667906829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: bf46d00f68b9c039d5f7bd123c40ec6abbb50e00be6eb36adcbfddce96675f59

Request headers

Referer: https://orantas.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-private-network: true
age: 0
cache: HIT
cache-control: public, max-age=4000000
content-encoding: gzip
content-length: 137
content-type: text/html; charset=UTF-8
date: Mon, 14 Nov 2022 08:09:04 GMT
etag: GgZzW/11FfzIvUKV9T3g17tS3Kmg
last-modified: Tue, 08 Nov 2022 11:27:09 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
vary: Accept-Encoding
x-aws-id: 3dt-ws16
x-cached-since: 2022-11-09T08:21:32+00:00
x-gateway: front04.lj.rambler.tech
x-id: fr5-up-gc15
x-lj-flow-id: Y2tjDKwcAAIAAHnKOesAAAAN
x-varnish: 68763274
x-vws-id: kr-varn05.lj.rambler.tech

GET
H2 204 b
sb.scorecardresearch.com/ 0
192 B 9ms
8ms Image
text/plain 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=10463284&cs_it=b3&cv=3.8.0.210223&ns__t=1668413344493&ns_c=UTF-8&c7=https%3A%2F%2Forantas.livejournal.com%2F&c8=The%20Saved%20Planet%20%E2%80%94%20LiveJournal&c9=
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: L7GjXYt7DQdZ_VhV7rjH8QxW7IkfZlGteFBauJHNTHt_8zNKkN3sIw==
x-cache: Miss from cloudfront

GET
H2 200 / Show response
l-api.livejournal.com/__api/ 92 B
362 B 73ms
8ms Script
application/javascript 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://l-api.livejournal.com/__api/?callback=jQuery4634491sitemessage__get_message&request=%7B%22jsonrpc%22%3A%222.0%22%2C%22method%22%3A%22sitemessage.get_message%22%2C%22params%22%3A%7B%22locale%22%3A%22de_DE%22%2C%22country%22%3A%22DE%22%7D%2C%22id%22%3A463449%7D
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1667906829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 07ad8c2b1a1aeff082e2585172dc7c130025d613456078b2774b4bb173c1c5a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
age: 0
x-cached-since: 2022-11-14T08:00:13+00:00
x-gateway: front03.lj.rambler.tech
content-length: 92
referrer-policy: no-referrer-when-downgrade
server: nginx
x-lj-flow-id: Y3H1jawcAAIAAD0VTgMAAAAR
content-type: application/javascript; charset=utf-8
x-aws-id: kr-ws12
x-varnish: 36208697
x-vws-id: os-varn01.lj.rambler.tech
cache-control: max-age=600, must-revalidate
cache: HIT
accept-ranges: bytes
expires: Mon, 14 Nov 2022 09:00:13 GMT

GET
H2 200 / Show response
l-stat.livejournal.net/js/ Frame 4446 997 B
794 B 7ms
7ms Script
application/x-javascript 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??embed/wrap.js?v=1667906829
Requested by: Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1668412800%3Aembedcontent%3A12328215%261892%26%26%26youtube%26MvsUZk1wndo%3A0a39df247fa386258c8b848de8f84c3209f7e390&source=youtube&vid=MvsUZk1wndo&moduleid=1892&preview=&journalid=12328215&noads=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e3d0ddc07880b0fcff6c319117256c08c088176e5d310817688a4c9f79a0e3b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l.lj-toys.com/?auth_token=sessionless%3A1668412800%3Aembedcontent%3A12328215%261892%26%26%26youtube%26MvsUZk1wndo%3A0a39df247fa386258c8b848de8f84c3209f7e390&source=youtube&vid=MvsUZk1wndo&moduleid=1892&preview=&journalid=12328215&noads=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:44+00:00
x-gateway: front09.lj.rambler.tech
content-length: 563
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 08 Nov 2022 11:27:09 GMT
server: nginx
x-lj-flow-id: Y2tjCqwcAAIAAHoYgpIAAAAK
etag: GgZzW/wae20/g7TLNpi9+0JzV+KQ
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: 3dt-ws14
access-control-allow-origin: *
x-varnish: 295616912 501116060
cache-control: public, max-age=4000000
x-vws-id: os-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
444 B 59ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-24823174-1&cid=1640694502.1668413345&jid=1078722623&gjid=1734618807&_gid=684122832.1668413345&_u=IGDAgEABAAAAAEAAI~&z=1592725747

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 14 Nov 2022 08:09:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://orantas.livejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 37ms
36ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2065731939&t=pageview&_s=1&dl=https%3A%2F%2Forantas.livejournal.com%2F&ul=en-us&de=UTF-8&dt=The%20Saved%20Planet%20%E2%80%94%20LiveJournal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGDAgEABAAAAAAAAI~&jid=1078722623&gjid=1734618807&cid=1640694502.1668413345&tid=UA-24823174-1&_gid=684122832.1668413345&cd1=0&z=1080205531

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 17:26:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52950
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 37ms
36ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2065731939&t=event&ni=1&_s=2&dl=https%3A%2F%2Forantas.livejournal.com%2F&ul=en-us&de=UTF-8&dt=The%20Saved%20Planet%20%E2%80%94%20LiveJournal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=AdBlocker&ea=not_blocked&_u=IGDAgEABAAAAAEAAI~&jid=&gjid=&cid=1640694502.1668413345&tid=UA-24823174-1&_gid=684122832.1668413345&z=1236491976

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 17:26:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52950
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
l-stat.livejournal.net/js/ Frame C1B4 1 KB
815 B 9ms
8ms Script
application/x-javascript 2a03:90c0:41:2801::24
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://l-stat.livejournal.net/js/??crossStorageServ.js
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/??plain/crossStorageServ.html?&v=1667906829
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::24 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7061b16241a2e2594d0b5af066337d4cd10666a12d17973f6976b7a9ba258a20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://l-stat.livejournal.net/??plain/crossStorageServ.html?&v=1667906829
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: gzip
access-control-allow-private-network: true
age: 0
x-cached-since: 2022-11-09T08:21:32+00:00
x-gateway: front09.lj.rambler.tech
content-length: 615
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: nginx
x-lj-flow-id: Y2tjDKwcAAIAAHsxdYUAAAAA
etag: GgZzW/nUozhmdK7kzH1AAK94pRSA
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/x-javascript
x-aws-id: kr-ws16
access-control-allow-origin: *
x-varnish: 146180231
cache-control: public, max-age=4000000
x-vws-id: kr-varn01.lj.rambler.tech
cache: HIT
accept-ranges: bytes

GET
H2 200 AGSKWxXyBJp_Ok4J253vHCIOvWIlOPS8r0BWQ3bTN-np0C4u8fmpTdb9Jg1a-rr9D2ZAY78WmWAXopVWHgfDJwGdI_c= Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 84ms
84ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXyBJp_Ok4J253vHCIOvWIlOPS8r0BWQ3bTN-np0C4u8fmpTdb9Jg1a-rr9D2ZAY78WmWAXopVWHgfDJwGdI_c=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY4NDEzMzQ0LDYxNTAwMDAwMF0sIjNGNzgzM0EwLTM2OUEtNDdDRS1CRDc2LTBCNTlFNjFDNzZENyIsbnVsbCxudWxsLFtudWxsLFs3XSxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsdHJ1ZSx0cnVlXSwiaHR0cHM6Ly9vcmFudGFzLmxpdmVqb3VybmFsLmNvbS8iLG51bGwsW1s4LCJYcTFhQ1RQNG1WTSJdLFs5LCJkZSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Xq1aCTP4mVM.es5.O/d=1/rs=AJlcJMzX0yK8mX64u1sofWEGuPTZhqaf0g/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d1b300eb9ffd5d67665ae04bccc1a74ef1a9c2d4b6394d8a4276bc487458e12e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nA1Wh7hKU6Me7ADI5YTs0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-nA1Wh7hKU6Me7ADI5YTs0A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK / Show response
www.livejournal.com/__api/ 75 B
635 B 393ms
109ms XHR
application/json 81.19.74.1
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.livejournal.com/__api/
Requested by: Host: l-stat.livejournal.net
URL: https://l-stat.livejournal.net/js/??.ljlib.js?v=1667906829
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 81.19.74.1 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: livejournal.com
Software: nginx /
Resource Hash: 2f5cdd96226b53c50c2ba60685e91ea118f8cf2ffcb6a6e7079c2b6d59b1ecba

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 14 Nov 2022 08:09:05 GMT
Age: 0
Connection: keep-alive
Content-Length: 75
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
X-LJ-Flow-ID: Y3H3oKwcAAIAAJkfe4MAAAAZ
Access-Control-Allow-Methods: POST
Content-Type: application/json; charset=utf-8
X-AWS-Id: kr-ws04
Access-Control-Allow-Origin: https://orantas.livejournal.com
X-Varnish: 17802384
X-VWS-Id: kr-varn01.lj.rambler.tech
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Keep-Alive: timeout=50
Access-Control-Allow-Headers: Content-Type

GET
H2 200 MvsUZk1wndo Show response
www.youtube.com/embed/ Frame 2CE8 69 KB
29 KB 182ms
90ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque

Requested by

Host: l.lj-toys.com
URL: https://l.lj-toys.com/?auth_token=sessionless%3A1668412800%3Aembedcontent%3A12328215%261892%26%26%26youtube%26MvsUZk1wndo%3A0a39df247fa386258c8b848de8f84c3209f7e390&source=youtube&vid=MvsUZk1wndo&moduleid=1892&preview=&journalid=12328215&noads=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d274fc09e5329097ec4d1875d178f98104156387bdd533d8ae0ed686a7966a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://l.lj-toys.com/?auth_token=sessionless%3A1668412800%3Aembedcontent%3A12328215%261892%26%26%26youtube%26MvsUZk1wndo%3A0a39df247fa386258c8b848de8f84c3209f7e390&source=youtube&vid=MvsUZk1wndo&moduleid=1892&preview=&journalid=12328215&noads=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 08:09:04 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fpdata.js Show response
gamd.hit.gemius.pl/ 284 B
399 B 39ms
38ms Script
application/x-javascript 128.140.224.226
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/fpdata.js?href=orantas.livejournal.com
Requested by: Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: 90598af5d23ff0d9b2349d96d45589c028e1f033b48f08b36aab5c5b1ed77eb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 284
expires: Wed, 14 Dec 2022 08:09:04 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 1E03 5 KB
3 KB 83ms
24ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: 3c8e2ea966bb84933f396138cdbe609b2685d89b7d270369334813164afe8396

Request headers

Referer: https://orantas.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2718
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 08:09:04 GMT
etag: PRIVATE7520710249
expires: Wed, 14 Dec 2022 08:09:04 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 rtrg
vk.com/ 49 B
577 B 60ms
59ms Image
image/gif 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-491315-al132&metatag_url=https%3A%2F%2Forantas.livejournal.com%2F&metatag_title=The%20Saved%20Planet

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112636

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: gzip
x-frontend: front225204
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.112636
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2 200 userip Show response
kraken.rambler.ru/ 15 B
425 B 270ms
86ms XHR
text/plain 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://kraken.rambler.ru/userip
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: e5be170a8935eecfcdf2d0a98457dcaa8354bf54e7de1bc20a913c685087fdb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: https://orantas.livejournal.com
date: Mon, 14 Nov 2022 08:09:04 GMT
content-type: application/octet-stream, text/plain
server: nginx/1.19.4
x-srv: 0kraken-prod0001.ad.rambler.tech
content-length: 15
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"

GET
H2 200 usability.js Show response
st.top100.ru/top100/3.12.9/ 14 KB
4 KB 86ms
86ms Script
application/javascript 81.19.89.18
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://st.top100.ru/top100/3.12.9/usability.js
Requested by: Host: st.top100.ru
URL: https://st.top100.ru/top100/top100.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 81.19.89.18 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: 532aa89061b76d378decc4fc97734d844c7a5b9c1f6f123050920a135a150e32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:04 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 13:15:10 GMT
server: nginx/1.19.4
x-amz-request-id: tx000000000000167ec1db1-006371f68b-f8aa9c-default
etag: W/"6742575ccc6d4b6076932770ad6a8959"
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-rgw-object-type: Normal
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 userip Show response
ssp.rambler.ru/ 15 B
142 B 255ms
83ms XHR
text/plain 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.rambler.ru/userip
Requested by: Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: ssp.rambler.ru
Software: nginx /
Resource Hash: e5be170a8935eecfcdf2d0a98457dcaa8354bf54e7de1bc20a913c685087fdb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Nov 2022 08:09:05 GMT
x-passed: 0bal1
server: nginx
content-length: 15
content-type: application/octet-stream, text/plain

GET
H2 200 getid Show response
ads.adfox.ru/ 37 B
441 B 202ms
86ms Script
application/x-javascript 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/getid?t=jsonp&f=af_setLpdId&pr=2107207457

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c3ce78e759dc821579a5393833bd23c0a50efcd8a003756e12a29204d10e3144

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

HEAD
H2 200 context.js Show response
yandex.ru/ads/system/ 0
689 B 177ms
64ms XHR
text/javascript 2a02:6b8:a::a
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yandex.ru/ads/system/context.js

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:a::a Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 100, "success_fraction": 0.001, "failure_fraction": 0.1}
x-yandex-req-id: 1668413345033173-9882456876506366733-vla1-3291-vla-l7-balancer-8080-BAL-139
report-to: { "group": "network-errors", "max_age": 100, "endpoints": [{"url": "https://dr.yandex.net/nel", "priority": 1}, {"url": "https://dr2.yandex.net/nel", "priority": 2}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 14 Nov 2022 09:09:05 GMT

GET
H3 200 www-player.css
www.youtube.com/s/player/c4225c42/ Frame 2CE8 359 KB
49 KB 109ms
36ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 11:01:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49779
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Nov 2023 11:01:21 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/c4225c42/www-embed-player.vflset/ Frame 2CE8 309 KB
96 KB 148ms
76ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 22:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 208038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98145
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Nov 2023 22:21:46 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 2CE8 2 MB
576 KB 161ms
88ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sat, 12 Nov 2022 01:13:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 197707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 589644
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 12 Nov 2023 01:13:57 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/ Frame 2CE8 9 KB
3 KB 171ms
99ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 06:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 264750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 11 Nov 2023 06:36:34 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2CE8 15 KB
16 KB 117ms
36ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 245640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Nov 2023 11:55:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2CE8 15 KB
15 KB 125ms
45ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 553666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 22:21:19 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9822.TxxFpshYvNHrptQ05YNm54cHfFFor5jT6iJR9sVpdCmfOy4OYuFtHPDWFmmxyp_0.jhv3c3jD6QCIReLUYw21UgYGrbA%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9822.cKEELcNpLg86wDhNMRAtO9eZMraJDR8ilAJxC9vPvvuikyUp-G5Abn60RhLoCKBp2OdzAk0HZO_sqelAsITZ4Q%2C%2C.-n9qCdkAMfgNEhrvcHAW61ZzGZQ%2C

75 B
75 B

46ms
46ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9822.cKEELcNpLg86wDhNMRAtO9eZMraJDR8ilAJxC9vPvvuikyUp-G5Abn60RhLoCKBp2OdzAk0HZO_sqelAsITZ4Q%2C%2C.-n9qCdkAMfgNEhrvcHAW61ZzGZQ%2C

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9822.cKEELcNpLg86wDhNMRAtO9eZMraJDR8ilAJxC9vPvvuikyUp-G5Abn60RhLoCKBp2OdzAk0HZO_sqelAsITZ4Q%2C%2C.-n9qCdkAMfgNEhrvcHAW61ZzGZQ%2C
date: Mon, 14 Nov 2022 08:09:05 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2

200

rexdot.js Show response
gamd.hit.gemius.pl/__/_1668413344993/
Redirect Chain

https://gamd.hit.gemius.pl/_1668413344993/rexdot.js?l=100&sendf=8&id=nSzgvPuSG0jfABCp5jRWjnZHXmDBvAdjV.RMPABTRG3.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fora...
https://gamd.hit.gemius.pl/__/_1668413344993/rexdot.js?l=100&sendf=8&id=nSzgvPuSG0jfABCp5jRWjnZHXmDBvAdjV.RMPABTRG3.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...

169 B
426 B

100ms
99ms

Script
application/x-javascript

128.140.224.226
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/__/_1668413344993/rexdot.js?l=100&sendf=8&id=nSzgvPuSG0jfABCp5jRWjnZHXmDBvAdjV.RMPABTRG3.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Forantas.livejournal.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yyzLrdJuOM.1iRLd9VGHrFy_XHUH7fMviQZSopNP1b..Y7kKO2_KoV4bDrfOlNrsbASsyOICXAJI6MVqgb_v2VWtjBnH/m0Wa8rDe1hCdo/&ltime=318&fpdata=a2TFCzb0FNRi_XdTEiljV8d4lniTrIf2OkL1xIEDNIj.d7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Server: 128.140.224.226 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: 37764c064b7a2302ce5929b83cd0917c7dfadc9b95a91d5e877eadd9857458ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:05 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Sun, 13 Nov 2022 08:09:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:05 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1668413344993/rexdot.js?l=100&sendf=8&id=nSzgvPuSG0jfABCp5jRWjnZHXmDBvAdjV.RMPABTRG3.57&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Forantas.livejournal.com%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=yyzLrdJuOM.1iRLd9VGHrFy_XHUH7fMviQZSopNP1b..Y7kKO2_KoV4bDrfOlNrsbASsyOICXAJI6MVqgb_v2VWtjBnH/m0Wa8rDe1hCdo/&ltime=318&fpdata=a2TFCzb0FNRi_XdTEiljV8d4lniTrIf2OkL1xIEDNIj.d7&inner=_ver%3D330%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 13 Nov 2022 08:09:05 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 60ms
46ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 25 Oct 2022 06:30:09 GMT
etag: "63575841-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 14 Nov 2022 09:09:05 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/ 43 B
588 B 243ms
74ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pv&v=3.12.9&pid=1111412&tid=t1.1111412.550795321.1668413344711&rid=1668413344.71-1055537108&fid=pA8AAENKs1conQjuAdxs4gA%3D&fip=pA8AAENKs1e%2Bp83cAWlnUgA%3D&eid=798333450276220&aduid=9ae3c7b9-ee02-4063-b54d-91be5159358a&aduidsc=livejournal.com&stid=210692369_1668413344713&sn=1&sen=1&ce=1&bs=1600x1200&rf&en=UTF-8&pt=The%20Saved%20Planet%20%E2%80%94%20LiveJournal&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Win32&tz=0&ct=web&url=https%3A%2F%2Forantas.livejournal.com%2F&lv&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&cv=uid&rn=94567001
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:05 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
x-srv: 0kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

36535:6101
an.yandex.ru/mapuid/adfox/
Redirect Chain

https://an.yandex.ru/mapuid/adfox/36535%3A6101?jsredir=1
https://an.yandex.ru/mapuid/adfox/36535:6101?redir-setuniq=1&jsredir=1

43 B
108 B

56ms
55ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adfox/36535:6101?redir-setuniq=1&jsredir=1

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 14 Nov 2022 08:09:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 14 Nov 2022 08:09:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 14 Nov 2022 08:09:05 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/mapuid/adfox/36535:6101?redir-setuniq=1&jsredir=1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 14 Nov 2022 08:09:05 GMT

GET
H2 204 sync2.204
profile.ssp.rambler.ru/ 0
169 B 236ms
74ms Image
text/plain 91.192.148.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://profile.ssp.rambler.ru/sync2.204?anket_id=36535%3A6101&pid=85&ruid=pA8AAENKs1e%2Bp83cAWlnUgA%3D

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
strict-transport-security: max-age=0
x-passed: 2bal1
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2

200

1 Show response
mc.yandex.com/watch/27737346/
Redirect Chain

https://mc.yandex.com/watch/27737346?wmode=7&page-url=https%3A%2F%2Forantas.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_v...
https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Forantas.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd...

455 B
568 B

50ms
49ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/27737346/1?wmode=7&page-url=https%3A%2F%2Forantas.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22The%20Saved%20Planet%20%E2%80%94%20LiveJournal%22%2C%22pd_comments_style%22%3A%22s2%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22Component%22%2C%22pd_style_system%22%3A%22s2%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A631902983085%3Ahid%3A485347239%3Az%3A0%3Ai%3A20221114080904%3Aet%3A1668413345%3Ac%3A1%3Arn%3A817764713%3Arqn%3A1%3Au%3A1668413345433752427%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C95%2C95%2C90%2C102%2C0%2C%2C708%2C213%2C%2C%2C%2C1091%3Acpf%3A1%3Ans%3A1668413343181%3Anp%3AV2luMzI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668413345%3At%3AThe%20Saved%20Planet%20%E2%80%94%20LiveJournal&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b1086fa3232da3ba1cad9b8fae37a593fc6ca1b792b63d251f8640525bc8d0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 14-Nov-2022 08:09:05 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://orantas.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 455
x-xss-protection: 1; mode=block
expires: Mon, 14-Nov-2022 08:09:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:05 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 14-Nov-2022 08:09:05 GMT
location: /watch/27737346/1?wmode=7&page-url=https%3A%2F%2Forantas.livejournal.com%2F&charset=utf-8&site-info=%7B%22rating_switch%22%3A%220%22%2C%22pd_adult_content%22%3A%22no%22%2C%22pd_visited_journal_account_level%22%3A%22plus%22%2C%22pd_error_pages%22%3A%22undef%22%2C%22pd_page_title%22%3A%22The%20Saved%20Planet%20%E2%80%94%20LiveJournal%22%2C%22pd_comments_style%22%3A%22s2%22%2C%22pd_visited_journal_log_in_service%22%3A%22livejournal%22%2C%22user%22%3A%7B%22authorized%22%3Afalse%7D%2C%22pd_ad_eligible%22%3A%22yes%22%2C%22pd_style_layout%22%3A%22Component%22%2C%22pd_style_system%22%3A%22s2%22%2C%22adblock%22%3A%22not_blocked%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A0%3Als%3A631902983085%3Ahid%3A485347239%3Az%3A0%3Ai%3A20221114080904%3Aet%3A1668413345%3Ac%3A1%3Arn%3A817764713%3Arqn%3A1%3Au%3A1668413345433752427%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C95%2C95%2C90%2C102%2C0%2C%2C708%2C213%2C%2C%2C%2C1091%3Acpf%3A1%3Ans%3A1668413343181%3Anp%3AV2luMzI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668413345%3At%3AThe%20Saved%20Planet%20%E2%80%94%20LiveJournal&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://orantas.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 14-Nov-2022 08:09:05 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2CE8
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

132ms
52ms

XHR
application/json

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque

Protocol

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b04dc6c2f5a6e79135b75a51230110a6bf2879db01bb8b92bdc81721c389aba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 14 Nov 2022 08:09:05 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2CE8 29 B
588 B 131ms
36ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:05:09 GMT
x-content-type-options: nosniff
age: 236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Nov 2022 08:20:09 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
486 B 77ms
76ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=page_view&session_id=210692369_1668413344713&session_number=1&session_event_number=1&version=3.12.9&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.1111412.550795321.1668413344711&adtech_uid=9ae3c7b9-ee02-4063-b54d-91be5159358a&adtech_uid_scope=livejournal.com&fingerprint=pA8AAENKs1conQjuAdxs4gA%3D&fingerprint_ip=pA8AAENKs1e%2Bp83cAWlnUgA%3D&url=https%3A%2F%2Forantas.livejournal.com%2F&project_id=1111412&request_id=1668413344.71-1055537108&event_id=798333450276220&meta=%7B%22title%22%3A%22The%20Saved%20Planet%20%E2%80%94%20LiveJournal%22%2C%22referer%22%3A%22%22%2C%22screen_size%22%3A%221600x1200%22%2C%22browser_size%22%3A%221600x1200%22%2C%22color_depth%22%3A%2224-bit%22%2C%22language%22%3A%22en-US%22%2C%22browser%22%3A%22Netscape%22%2C%22platform%22%3A%22Win32%22%2C%22timezone%22%3A0%7D&rn=2123298462
Requested by: Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:05 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
x-srv: 0kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/27737346/ 43 B
103 B 46ms
46ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/27737346/1?page-url=https%3A%2F%2Forantas.livejournal.com%2F&charset=utf-8&hittoken=1668413345_29aaffa8762e76012657bc64e5af10cfd527389d6c4ae6c565f2e778681d37e7&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A1%3Als%3A631902983085%3Ahid%3A485347239%3Az%3A0%3Ai%3A20221114080905%3Aet%3A1668413345%3Ac%3A1%3Arn%3A46177534%3Arqn%3A2%3Au%3A1668413345433752427%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Ans%3A1668413343181%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668413345&t=gdpr(14)mc(p-1-up-1)clc(0-0-0)rqnt(2)lt(63400)aw(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:05 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 14-Nov-2022 08:09:05 GMT
content-type: image/gif
access-control-allow-origin: https://orantas.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 14-Nov-2022 08:09:05 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 129ms
45ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 14 Nov 2022 08:09:05 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2CE8 65 KB
30 KB 147ms
67ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4cb754e98c66334d19d56066d137dfeb134b00fd5c064c51de3131ceb08d8e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30757
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 2CE8 118 KB
36 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 01:21:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110863
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37223
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Nov 2023 01:21:22 GMT

GET
H2 200 EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js Show response
www.google.com/js/th/ Frame 2CE8 36 KB
15 KB 147ms
38ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EWuoZ_9LU3hL76PT3YFLg_EjKJdTpZ6rgtgTJA98OBY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

116ba867ff4b53784befa3d3dd814b83f123289753a59eab82d813240f7c3816

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 11:21:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 334041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14351
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 11:21:44 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/ Frame 2CE8 26 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 569737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8304
x-xss-protection: 0
last-modified: Mon, 07 Nov 2022 01:22:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Nov 2023 17:53:28 GMT

GET
DATA 200
OK truncated
/ Frame 2CE8 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AMLnZu94GFJU3Jm837YrXJUOOa2PWw9J3qqLMXTTOGBl=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2CE8 2 KB
2 KB 135ms
35ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AMLnZu94GFJU3Jm837YrXJUOOa2PWw9J3qqLMXTTOGBl=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e10d3b644e6c206c81e2b63ce098c7f90f90034daf674befd5f30b3ed58ab2d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 06:54:44 GMT
x-content-type-options: nosniff
age: 4461
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2115
x-xss-protection: 0
server: fife
etag: "v35"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 13 Nov 2022 10:29:01 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/MvsUZk1wndo/ Frame 2CE8 35 KB
35 KB 194ms
91ms Image
image/webp 2a00:1450:4001:810::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/MvsUZk1wndo/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e73e7a83009b21a0c63c02fa09efdb08ccb4a63704e1af71092789b7075d395b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35500
x-xss-protection: 0
server: sffe
etag: "1460165501"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 14 Nov 2022 10:09:05 GMT

GET
H2 200 context.jsp Show response
ssp.rambler.ru/ 11 KB
11 KB 87ms
87ms XHR
application/javascript 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&pad_id=536695695&first=1&block_id=536708283&screenw=1600&screenh=1200&winw=1600&winh=1200&rq=0&rq_type=0&rq_sess=D36098B3176D1ACD8DEC12ECB1BEBF8E&fpruid=pA8AAENKs1e%2Bp83cAWlnUgA%3D&adtech_uid=9ae3c7b9-ee02-4063-b54d-91be5159358a&adtech_uid_scope=livejournal.com&browser_family=Chrome&browser_version=107.0.5304.110&os_family=Windows&os_version=10&device_type=1&jparams=%7B%22puid49%22%3A%22%22%2C%22puid3%22%3A%22%22%2C%22puid4%22%3A%22NO%22%2C%22puid21%22%3A%22NO%22%2C%22puid10%22%3A%22NO%22%2C%22puid14%22%3A%22NO%22%2C%22puid1%22%3A%22%22%2C%22puid34%22%3A%22%22%2C%22puid6%22%3A%22LIVEJOURNAL_JOURNAL%22%2C%22puid15%22%3A%22%22%2C%22pct%22%3A%22c%22%2C%22puid16%22%3A%22%22%2C%22puid18%22%3A%22%22%2C%22puid7%22%3A%22%22%2C%22p1%22%3A%22blnun%22%2C%22criteo%22%3A%22crljn728%3D1%22%2C%22puid62%22%3A%220%22%2C%22puid9%22%3A%22orantas%22%2C%22puid59%22%3A%22%22%2C%22puid2%22%3A%22%22%2C%22p2%22%3A%22y%22%2C%22puid8%22%3A%22%22%2C%22puid42%22%3A%229.7%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2236535%3A6101%22%7D&top=103&left=0&secure=1&vcapirs=38_7_0&fpParams=%7B%22f%22%3A%7B%22p%22%3A3646554937%2C%22c%22%3Anull%2C%22i%22%3A3910557421%2C%22v%22%3A%22Intel%20Inc.%22%2C%22r%22%3A%22Intel%20Iris%20OpenGL%20Engine%22%2C%22w%22%3A2008083360%7D%2C%22s%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22a%22%3A1600%2C%22b%22%3A1200%2C%22p%22%3A1%2C%22c%22%3A24%7D%2C%22o%22%3A%7B%22t%22%3A0%2C%22u%22%3A%22en-US%22%7D%7D&callback=Begun_Autocontext_saveFeed1&url=https%3A%2F%2Forantas.livejournal.com%2F

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

402bbd1b4d9eebe2ba78e6d766d091776ebad110f1e6463b3e24e87f2a0127e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
strict-transport-security: max-age=0
x-user-regionid: 1860
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-length: 10984
x-begun-graphcount: 1
pragma: no-cache
last-modified: Mon, 14 Nov 2022 08:09:05 GMT
server: nginx
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://orantas.livejournal.com
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
x-passed: 0bal1
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2CE8 10 KB
10 KB 112ms
38ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 21:29:26 GMT
x-content-type-options: nosniff
age: 556779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 07 Nov 2023 21:29:26 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2CE8 4 KB
3 KB 155ms
67ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Nov 2022 08:09:05 GMT

GET
H2 200 file.jsp Show response
img02.ssp.rambler.ru/ 1006 B
1 KB 363ms
144ms XHR
application/x-html 91.192.148.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img02.ssp.rambler.ru/file.jsp?url=tY51qbfKGJpjs*CKVFBhnnjbyIyFY3TMzV1xGjcu9-gxbEu6upyXo0QLiYz8rQMgRBQYMfYvQJBlT0FpRSpbMhAfdUASSE1byRbna-F6YWoI7d6YuBBlJaexuYr*rlt8OepVaw4vov0yGpo6V6ahchErRRzj4ErkRJXEvsSxaGob3bCyCNK1wjdFMHALHXFW9JJcWmF6pRvE8XY-FVNmn-arIrtShXS48*7ffxc3y*MtKkIkjr53GxBICM7zhhgfsiugRLSxxaJW28-6H52fUcLC6*ts14oPzy7EyA-UHYtfmeA4Rx-ROjL1K3lXg5jTlLzUZRaFHlfyRMd3T1hYWdv9cnHG1dbAFx0CA0YH*ACgBIgb8hwrcrXl5XSvfCg6HWwjzq2Omfnxzqc8v7Pocn7jxkQpQKdHCoE0KeC0B8V8WdL9*K20WVhREPD4e53-Wf7j*y7*DDhab6jVWtsdmP-951TODzO0h62IjOrH2pYg7vZ3pBLceK6fnARXm3n6McUpUEC1vghqd8Q2oO7EQOPbS1HJ9-nwI4j66IN6yy9ewY9D-e*qhozfrrd4bsszwQIZcn31pWazlY0W-1IeZ*gZ3rBDm8pVSXKe4KBWN7PEKZ6sxVK-IG83AWZzX1zGLk44ujJBwG92jqF2be0JFra381ecqgoTWNMYuNXFG7K04zJ-wqu3Iejvd67WJBQjIvO-Pxy62Cb4r9-uP75p49eJHwxQ7IlroPKcutDOChMletY4r5nVnMmDNuVJ51lOF3k0ETgJ5CqbGfZS-qap6j-aFg1M459rPLgO9oM9CksVQiE56FGIDjrVbQAbufzV6tfkt4UX1bkPEz5QRYYYiRzL*ZMTFhl6s1xQs0C6JuvhW-tmvDBOMhSzD8GUnkA4guakDcljSLoMvb4ZyLuSxqmgN4saeQL90dI1ouPcHSQy7HGDujW4eugjmML4r8dPR3M7lAKsSohMb1mR4HLM6ERhrJ9xFd54oGUxXw5sR8jaM5Jba-z*4KtqzhKTIo4RbUc5pkepT5U7FgHi32*9ax4Xo90a8ohT4JxOGaoIxSBZcxFsrb8N-DHEaUIoCAOkdirc4dRniuZmx2BrzLs*TVp3RvWiprv-J1I*Wuo9cJ4urPR6BhhSfwgDIhDBBzkvcKvYOYKpnP63zfModnfaGN36NIhfzKSO*BXKiBu8KHpnGKJYD4He0XahnINfcEnDV1-gtYJrVOiL4RTbJfUaFbWYPcAf1JFjWYQSVyS1g8sTnEwBd75Qbj55dOfoF7LfhbcEI0hk5WZUmsUZYpE0rnLPwr9ZDqKjkPOuYwx7C0sl6AYvOPWkh5mJU-beEO3gwjDeEaRcI5b0hZCUD5DqgzcDt64orbgjT3D06LuqkIdu0VhsdBdzsrGDC1TN3qbl*o7Cz0hoXa34jquq*W9mQKxqGW3K8qXQ3X*sPjmovwKoA8dnztNl8iF7ZcwPi0QCa55nk2tEj1p39B5nwU4qUSZgJshYvHRKHBmGxmSF*RhvZtT60uyKneB6jdBvpwr6AmKNbhD9VU4tEtOBbpG36IMttlXBf1cn*wuqVZqBaxilQIjpwJreYk5BAAjbXle-RX1iJGxzUF*Gh*fhyryD-QyudIlX8IIefFWVgRVOIIwP8FECmIFIef0R0RZPnSxk-8ZWqy3ddAI9zv3LhmcJK5fL*LyPqe65ny0Lj0hcpa3Xpr2HmIf2EqewMf8EYJxrScpQoJHQycV-jzsyNGw5nBATw-gyKAtPO10AUG8cY*xwtEmSHxxy6AUXS0Kw4lFay0tFHCbL-sjVfPoaqFn9ah1hgHnUXhdUsiIc0tMh*hwCAAAAuty8CgAAAAA&eurl%5B%5D=uTPnv7GAMj8ZB-fDdQQaGidfWr*C8RUzLzGvrB4Wecckw3ju79TagEP*vBx-Dvjx9sBxWjAABK9qpUlIrtssEE0f2CVgbRuPvZmN8DaVGqICAAAAuty8CgAAAAA&seq=0

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

532da383dead31641b05270ff7dbf36ae80ce2bf26a12ed78b22bd0571b7d63c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
strict-transport-security: max-age=0
server: nginx
x-begun-impressionid: 6371b-f7a10-e26f7
content-type: application/x-html; charset=Windows-1251
access-control-allow-origin: https://orantas.livejournal.com
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
access-control-allow-credentials: true
x-passed: 2bal1
timing-allow-origin: *
content-length: 1006

GET
H3 204 generate_204
www.youtube.com/ Frame 2CE8 0
10 B 65ms
49ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?VolBjw
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2CE8 90 B
134 B 53ms
52ms XHR
application/json+protobuf 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d950dc223277e9c257e32b799ebf66cecdf12ce319c092e5609c0af6651701c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110
x-xss-protection: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/107/ Frame 2CE8 52 KB
15 KB 120ms
38ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/107/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 19:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45265
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15116
x-xss-protection: 0
last-modified: Mon, 05 Sep 2022 15:03:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Nov 2022 19:34:40 GMT

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 51ms
46ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Mon, 14 Nov 2022 08:09:05 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 context.js Show response
an.yandex.ru/system/ 428 KB
116 KB 68ms
67ms Script
text/javascript 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/context.js

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6c11c16476468f483dc340868659ea032a68851be8859f9fb3259900019791ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-yandex-req-id: 1668413345954118-1746651238630264034700100-production-app-host-sas-pcode-498
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Mon, 14 Nov 2022 09:09:05 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 57ms
57ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.285478396101328

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-qO4mv0hXUtTtpTNkVstXUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:05 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-qO4mv0hXUtTtpTNkVstXUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 91ms
89ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=5.921265150918501

Requested by

Host: orantas.livejournal.com
URL: https://orantas.livejournal.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DcMioytFifnMp65clkx52A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-DcMioytFifnMp65clkx52A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWigONUkJhkA0gxJJifbOH8Esb83CO3qrQMzPELXiqT-hV4FvuPeoCfFT8uDgsfDhjHedx3Q96SDmCW5xLD17NriS9iC32P8LtOrnGjxRdhpy3tkne_P3i-CFd3bKJO_Jj43Z86zw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 132ms
59ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWigONUkJhkA0gxJJifbOH8Esb83CO3qrQMzPELXiqT-hV4FvuPeoCfFT8uDgsfDhjHedx3Q96SDmCW5xLD17NriS9iC32P8LtOrnGjxRdhpy3tkne_P3i-CFd3bKJO_Jj43Z86zw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ozwek75BQdlS_QX9czZk4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-ozwek75BQdlS_QX9czZk4g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://orantas.livejournal.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 3521127290410543dbe9.js Show response
yastatic.net/partner-code-bundles/679108/ 14 KB
5 KB 168ms
79ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/679108/3521127290410543dbe9.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

dded8b866518e9d160489403c36498c2d26c289e888100d0ceceb24af38bc940

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://orantas.livejournal.com/
Origin: https://orantas.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4800
last-modified: Thu, 10 Nov 2022 11:28:29 GMT
server: nginx/1.17.9
etag: "3231a38ac227a29892c974619bd955b8"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 13 Nov 2052 14:44:23 GMT

GET
H2 200 88228e019d33c0acb3aa.js Show response
yastatic.net/partner-code-bundles/679108/ 86 KB
19 KB 181ms
93ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/679108/88228e019d33c0acb3aa.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

2bc17cf143a793efdf631e33dac5634de201a2d511c1ee8fe63517b0e4285f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://orantas.livejournal.com/
Origin: https://orantas.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 19195
last-modified: Thu, 10 Nov 2022 11:28:29 GMT
server: nginx/1.17.9
etag: "007f8cd5a5184dc52b6010455567fef8"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 13 Nov 2052 14:44:24 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.83/ 33 KB
9 KB 190ms
103ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.83/host.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://orantas.livejournal.com/
Origin: https://orantas.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8878
last-modified: Wed, 03 Nov 2021 13:42:58 GMT
server: nginx/1.17.9
etag: "f80882bf67cf261aa08d636da095149a"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 13 Nov 2052 14:44:23 GMT

GET
H2 200 text-variable-full.woff2
yastatic.net/s3/home/fonts/ys/3/ 25 KB
26 KB 136ms
62ms Font
font/woff2 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/s3/home/fonts/ys/3/text-variable-full.woff2

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://orantas.livejournal.com/
Origin: https://orantas.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 26004
x-amz-meta-owner: {"role":"admin","login":"4eb0da"}
last-modified: Mon, 25 Apr 2022 14:02:39 GMT
server: nginx/1.17.9
etag: "7f0cdaf91230f9789ca4162aedff612e"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31556952
x-nginx-request-id: b4c1ee3ae0218301
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Nov 2023 13:56:16 GMT

GET
H2 200 563767 Show response
an.yandex.ru/meta/ 436 B
841 B 263ms
259ms XHR
application/json 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/meta/563767?target-ref=https%3A%2F%2Forantas.livejournal.com%2F&charset=utf-8&pcode-test-ids=657518%2C0%2C87%3B666182%2C0%2C96%3B675077%2C0%2C18%3B679458%2C0%2C17%3B672577%2C0%2C47%3B675458%2C0%2C49%3B679029%2C0%2C69%3B677690%2C0%2C37%3B204303%2C0%2C74&pcode-flags-map=eJytWF1v2zYU%2FSuDn4tOX9RH3yiJsjlLpEZSdpyiINzWywIk6ZC6Rbui%2F32XkmxLSkrX24A8OIbO4dHlvefe628zOmdcEF1RKUmuc6ywrrHAldQFF3pFc8I1ZTrjVcpnr15%2Fm33e3n3azV7Ndl%2F%2Bmr2Y7Xcf9%2FQ9%2FIsSJ0Bo9v3Ni9kKSy3I7w2RSq8qXOtC8ErjXI7wSjRkSBC6kRc7LQFhOC3J5HD4UFBGFQF92VIuuNJrqha8URqDdiVt6kKEwti%2FmPz%2FYMZlqWvB8yZT8ukxl1EToLzwXgYk5l5wrjNBsKIronOiSKYoZ%2FqQBCSnWBe0JGeuCkVB6B45yVWtGVlruQRBcB9SwQmgk16d50FR0vJUHASBuBKnpNSK657Y%2FmpHuHm6keQkA%2F4sMbIIMUxwMeuTGBNvYEkxY0TYaULfD6KWJuea8Y5oRYSiGS41Xem0UYozOwmUQRRPSQALJMtzAiLfTYIOS2WXjfA%2BylSiwvNz2NhJnjmXlKQiTJ25SkC7XZrJXFf4ShMspK6JyAA7gnrOGBj4XngKvepUEyHpJFBhFDshGmOTyOni3TBacpwT0V4XrkaJs3%2F8tBvAAi%2F2k85pTM5I2d7vBDNNtgEIMkMSAqmeSiJWkyvZPWzf3u1GSD%2F0kk4llAQ4LdMLQucLpZmyHxkgP%2BnKbINZTq60aHTOK0yZ1YmdyPPD43mp4EsQC2fpuaC5FelGKA6fPVBDPilBUyvcc52wy75rwjxdNGB9a5qDj9IKz4kVG7hB7%2F4t9pC%2BKRfmUgXOaSN%2F%2BUmGDTa6O8Hgv2u8sVo4Cvyoj3Ne1NC6ZM0ZJIaiFQE7mySv44yxgeN371xnPCdgNgBlVl9HAQKaPpUKDlEmJncP552zPTgyiryncFoYz1qbIoLs%2FDcMBwErXDaj2%2FKd59ElFDnTlekdKywonlb66FDkOH2Ua0G5oGqj0w24NFnXXNgDFkZhX3uHvMipgN6lMymswMSN4kFGUqkzLAR0d5xlU0%2BbuARKfOS6I2ybxfI4dtQ4zymb20kCFHTKM94wBamsNjXRvl11EEdocD2VyCBOkqa0hKjZj0ui8IdIDa0%2BK6GNnDn9wFE1paJd39NgsAWFCZGalyhwZq%2FmJPaiaKCjJ%2BlaMnR3SLa6xJsUpiBTMUrwspwa6aTZOx40ipZyLnDq2Z%2BFFHVOz2pJr0d6kes5tuefqXwX%2FQBxSI4FaduPIDmRME9Z9bnICzu0GVgEKcBzFrrkc5rZcbHfGywEraCiMhUkCDv0vVqQ1G7xIXi0545KCXqggLxmUE0LAvdhbFvCkAhNQ0r7AOYmbtDpGYBwXZtXmUNp2MGem6CRkgVV7WsMyCCYS8XtKvzI80ZjclZX%2FSx7nHWl3ShCP%2FHHy0dWZ%2F%2BZY7IJ5KTAUFEXLgEBcsJwFCZZYaE07FcNMeTnLgmFYdjFucTXG906fdurhqhvsz92%2B3d%2FVtvHm9uHPtvvP7y9vdvJd9u724eb2Svv%2B2jURU4%2F1AzlmFUgLU1Vl9B%2Bhwe8nt1vb%2B9ePn4CbV%2B3D%2B93X%2BDzr7f325vdx9FXN9v79pv3f%2B8euse3n2%2F3H7qP9y%2BP%2F7x5Xk077y6EmbvH0Sfg%2B8I4IGXQ3yjMcOWZyEdu1DuOGRN7CysxmzdnhpkQBoq4G%2BEzs%2F5x1tcoLkwHoAXs16S9CGIv1ihOwuSooBAUaMqN7vC0LbUL8OnyiRE%2BQYSJ31f0AHHpbwEwlwfO6Tqmi5laUJGbXxmgIxG2ooKzajoyPV2twPy8ESUM0tCQy1Yh0EoFBqx5oa%2BJ4K1gaDCmTbdWeW73gaH5JBj6%2BhjcLqTml4z%2BZ42fJcO5zJfTDcFEB8XTeKEuXyj7zcw1Awc8tUejIls0bHn5fXioV5QtIH9Ju6D1S0hRcrMx5U%2FGznf7u8lrHUQO1JmV4qdMOkocLxm7Paz84gdzzexx%2F3YM7yfA7%2F8A8%2F96WA%3D%3D&pcode-icookie=%2FLhYEhl%2FWMI4ravHe209qjU9SkgimYY8EpQGM8uOuMriGHczdTs9tEM4KzEnMJrT7UPk1UpFNGbG%2F36H8D9ytRFfNYc%3D&duid=MTY2ODQxMzM0NTQzMzc1MjQyNw%3D%3D&imp-id=7&comboblock-unencoded-vast=1&test-tag=107752139522050&ad-session-id=3769151668413346253&target-id=36047081&tga-with-creatives=1&top-ancestor=https%3A%2F%2Forantas.livejournal.com&top-ancestor-undetermined=0&pcode-version=679108&pcodever=679108&flash-ver=0&available-width=1600&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.7%2C%22isInIframe%22%3Afalse%2C%22w%22%3A1600%2C%22h%22%3A0%2C%22width%22%3A1600%2C%22height%22%3A0%2C%22visible%22%3A1%2C%22fullscreenHeaderHeight%22%3A80%2C%22left%22%3A0%2C%22top%22%3A103%2C%22fontFamily%22%3A%22ys%22%2C%22ad_no%22%3A0%2C%22darkTheme%22%3Afalse%2C%22req_no%22%3A0%7D&grab-orig-len=5120&grab=eyJncmFiX3ZlcnNpb24iOjIsImlzX2FzeW5jIjoxLCJvbGRfZ3JhYl9zaXplIjozMn0KKqSSkCM5SgFhoM4n0Er-rpTUdqD7un9i37ekSMpVy7_A9iOitV062qZt1IYEtk1kxb6D3KAgIUm3rNhWjpAl0DqlLaVUqPwG-iNAj4A2gjHGvBFvNGqb2JKl2CEaM2NmxoyhYMy02BBQx5U-oYylFUmYBLFdAZAciBVpRBkD1xe7QRJCyUhtS0IGRuo4kTIw2pEdxgyYMmZU9CKjJLaTGiSSGFKlNHZkbuTZkR8oq8wP7DiwIVVWC5AWNo-cBwQefAvHElYLlwcEC8bC8cgtbIuoxYQWPg9IXyatSgtUC_r5yCzBeYcPuoX3fRxLwENoCZVKBQhKlKLbK_elom5p7FZZmDgOpEonLRITPk0D3_YpghRx9zPn92LX8S-qzhv4MlFGeejT0MTS1BfbNaBJHZnvxUoGRmlEaRLEXYqCC8aJSxshqrplZ2n2L5johNMwCqgu4nhJoOWeGtVMrmTQl2AZv9_JAZ1YBsYgyUm8XDN-z0ZH17ziMB_goul2K4dLU5kvkfiBVjSgjF07kn_MUx5GWsojO5bkcKl70vION1cuTVPqxEkdsVwjQhsF0lTiu9t_qet7qSRx7Fcpa5-OMR3ddk1VUEflDun6vj3cctencBbXEH297no3LIzY4DHDM1RO7FD7nmbsEVQy0B8UGqfX9tHxYlmUJUwREXue79pQNY_BBEoIo5A2761CHJoZqPh8HLmXJrL19I4-HV8sX5PBWGPWjWiobU7sPjBl1ClFJI0fa24cB05lG2i9pJGknGxofVeiCeiyQ0c3fHf_nhs5dhTEC0OZhJFUJTD1DNPi6zDfigJPbKcUbuLdwSqNPg2YXGzbfsAWk3R0cnujSup3hwv2Lqb10TVKo88sdjioX4Ftvemnm7jDL_aNmbFMNCMQ7kyjAMO1gsqEaxqUDMgDSRxK4wCTcDbGdCKaQOxhHrzqy2rzyFPaMLFLmTP5aZd47dx0biKjzvMdezEd0CgZKnD9Y5f2aVf1fqIxq5LKt5ERbSRLJkArYkcnrsRoOTMnlRUwCWigPthMnwF1pVqyMNBOiGOx7TxUSkMremmMrmrc7Djbbryam48R2W7CtSXv3USV64eO_btc2cfTsKSjEzsTWV3QkyNn8N0ksBPnMVzqV4qG-fh0dJI4EA8pyb20y2EK9RaFg5VWLC2CS3ceF2L5D_l0L6a1VVlzf25l72C4S_fn-kTPqVbnp6NzY4lv3yPZonnKOr7SC8NU5V29z7tjofkBMmCb7iSkSESO5A0tXmRYfpJEHhstpUhlf68rrGQAxklL5FEY2aIn9woawY2FdwRpmODyp2aEs8tV7lJHurLglXvkZCkaKhclUFHaKdoa0QdUyJMabswVz5vDpKk8FL_H9GL5Hgx5nH86gD2u7P-YrCpFssG5iSb9zdiu6-ykduWGsnkwa62aK9fRnV6xprJ97z4c2Pv5OMyi5i2bkaSvZ4jYSY7xBk3TWOLZotqfJpUnwUaQdpv6xzyRczI2NfaFjxz_JjxWVdCb7V78YDxyFuRh2MQ5lTYJnVjJHUm_iGhVNLre0h51tmA5ExACkyZOMR-ka6Gnu0W5zkUngPRZfLv2n-lGsZP5Eyw3aL8TSDGyITv-AmniYmjBc33aKIwxtLFI-5BQx27gy0VhReLHEqf6tBWpSCz3KSt95Pp2giFKKxI3pox8scNhRO0tzkFbD7HfGluqKqQYXjV4W2qSdZbIaHQlWasFQetGlRMdnCPbduOe0mRekOVNhHm2SPMYR5w3k3axiDWmFQ3eGFGYnQcxW77pJoL4wVxt6lVebg8T146lqZkwUKJFzQQZ2vo7jhayapF8BvIDIrNwjjlmtGhQ9v_GDNeYYJ872QwLof9D4s5EWGNJy5bDeIrliAsyOH3s3XXIY5e1Qn48xRXiRLQJJPmld0UV_MR5qtDbV6gV1QLilpIHb4sptHB5pC8nv1pwpmB8C--YsEDlIeQhuEyYGUV9-9Vm1IvmKqWXX8SGlzM8ewFtwbJArRaAWQBiAb5agLLgWoC5EKx6ULjVAvwlAGwBbhe38ExT36cd7sFgdDZifzo8HgKLeGVgDNcs8-BfDH9HyHX_AuflExewn9mARte8VNu-w5763jNpTfbQBrZBP_jI6YGGtNJDAHT6fKvXOd14YZeNvmDI7cLdDIPR8Ckim7pCUf9RazYca0WDAiVkrPXqcFI9cRA51DcYdpXFYbgDyRKJtyBxQTMPRXUvh8yuEl8aV_DpUyhQolBAgXrpd1gqcMQy6ijwlzkk1GLHp3SofBq_Jo_jFdxcRRJfiRjxPF8pEqeGV9dn3fP3nwXSkUtj2nuTG8XCYnRiVj3-VkR2-uyI8o9t9yioo6vc136rPI6DY9RefFAkrlTP7qd5GQHL32-FxI2AEi-b7bd-Uy6qEMbBC4jsvY4lHGQ0_d7QTzEWTEfyUoaK2cCt58bOzUpga1aXD3jPCDcYRe43oNchAiZyYNdSnqKeQoIU6Mgq-tOEJkWFGh2Lkd3ZrgGq55SzSeFMuGHMqIRc4yez1cfzOH2V2Xsgrmdn49vzyNTRq4ZJnRi0YnVgLDgtrZ8CfrUIH-NjezlxtQlfx37i8xCwnquuq791BNJu1rWqFswxhgjq-Gzsy_COQRILu_LI7rtJlusixCtOPm6Y_54j2K6DasbvZTwylmqB-Y7DPwfOdyxQpsnYFskphneSDMqFFsHlOEs56DMSrrleCwFvzvaE8FvES-MOPh5xTdThh-6Pues88Cz-YumL-FmB4RkFNhsyYKxVL3v7SdoYREvYmfJIjaEsmCcHb70UyRJ-Oc4YBGG35EQQ7TwnHOEBJF1PsgMIzpiEi1vo00lcXdH1s-vlFoBOupEfo9gWrp73Zv10YZ8GvKVOi9FpJIIhU3iccrDBfMSHhjmiKUL4tnV8q1IIhvbgll6CfpMJmPRUrJ19j_WYYxMJ0BTJ0BbNDZNqAIPIo2f-Go62tW_0Tc4TlYwbWn3kNpnfX3IzsLaD75uQM7AswdToHIJZMcJqgguhGWDa4Nr0yoPrlGEVXOrhtdQb4TUcBPrw2isLfZjyLZj9uAF8A4yviS5wHsEIQUJ0rads6XYYe3PNcLLvG9gf9PAkh9_nO458l7sVgzH-YFw4UwuycBcY3Scwgv3LfF2ZMQmlE68WSEM2SAslrId7EJnDGR3AJII2r4nGVWIeO6eKG0dVJdAT1cgTzy8CZSrwXD2YAGTQLOwDWreFy3p4QeciR20Eje2O_8laIh7YtSx0Tg72-GaBJuynSI_kG_q6KWfiF8b05nvbj3ksjAox2-hI-tnIdSi-IWKZ2E7lbiK7UoceZNDYaz29OYguMaLzSpVG-zuaYW4W8MC1BJqro0YuyKChy269Z1wSCBIahyn_GgmD3PeplrLHb8IQRv-ciS1uIN1GdD-WKzJkf0fRL9U-G4crZou5cjGVuwg3hoRyrpB-m33EmFww53V3xm3W4XF5CTeiitcd67TekajV0V6fIwr8_aH7L0ut2alcGt2rlToGC_Q2lRv-xRXtVZ6is9MRQQBFAwUTWuZVNNAwj0k_5qEDBKoaFmB5YK1lvR_dHH_sk48nWUO9Tu15vjUaZ7OGEqb5oWZZwWWhwqazvF-zUMMERNYj-pHcta7ZeV4R7mSTUPhju4nn0-7PesLc06iNw1cdR-_C8wn0AgXTSyOs_8zxkAU_JxNvHdaKTSiuiyRYyy_81D82TKZft-DscrUAbcE-tmE_nOAOzEE4lAU9cr_hK47nfeGLCtqnZ8KVP3Z3I-dROrprhiSPJUUjTTECuNANUjMWi3GrAvNx1BHB1TehIp2wIEF9Am5TdMQC9ucQDJYfQcjRYjCuFSZj7TRgsjA1_XvJSFaQdV0wapYKBTPKPW3nwWMBHj0yYFUUqFCmqNGgSlGdI2VGkaKy4Jg2iMAI67EXzzKSQgxO-c195UaMbO2D0b0NZGPcc_cXKrEPdu37tRpg-fX793GXn3yi_8s__3tkeQhZJ5a-vFm07_58O_D8ePK1puWm4i6li4g5dO97MwV-KgjPdrMUvNMobB0G_-9VoH6ttfTwDWyZb7qvlZAH1nwc8L5IusgxfVQEY01JVOfeSJjPnsfBtHKWDw_mFnQ5PvzZs7JFTGfdq7Ufl2j6LUwtwO2tbf0cbjlze1rhW0IWM20Jp3PlwggOPr0fdJDJ5aEFf54Gv9WYMQ1TDHA61ib_R4sZFf0q09t-H866Wjr0oZL_FoPbK8TlHRBV8-FsQ6ftJLpQWPoXz58ThkmGPknn3E1z5rTgTMjzt0xkO_5ScozBWZNUUKlOFfxpDM7kIdhzJLvygi3f3I8djY2jxclTvAOyUc875bDnP-BM4eCtwwDrKUy6uXcCueFrvqT3umO53CLi-arPWKPAv8db0KnAZ9oN1noNbFTf0r9JAoLWzzp78KZMuK3JD3r50IQ3hnh_BcGEemv3izUEPLA6XG_q-K3WNYnLnSNoTq1XhybU6ZMETdOyXnvVfe7mEw82YZRU43eht5Tbq807uEZUjEucNuAbqM38yTt-Y20jAL8gaC_2-B8WvM7wzRt-Ry35JIcgV39aLznZO-UEi8Bww4Stx7zjpJfgF4Vm2Wzg7U-b-rwZrX4-MLbc11eGYacqebvg0pFW9Ez_WDK1AE-LbSomm0tlQLNMXemiQuK3VlJMzPa_sGKdsozng99ax0bSopkSnWaY683HHTahpGU_6y3udG_85HaQr4uFjqj2SptAm9GMkU5fNn4rmMXqT1nxln1JEn67w_a6uvcL5M7jTvNL-RveeyJU7c7d6LYMv3gGomWsu6W5uVbXBAeWRcMfQfupNgBbsOoj3DCAhHtjiSb-sA1Es8lEPpsnR2gaxPHIPHBrMdytBWwWTnFXKWrdmERjFmuxHwQmauDjy7DUOLnYVGbrjzvJbBhIbAsG10DiF93SVEb0lGhfD8kgwQsbHXgzHHdQ_7sgJOqzc_ylbXMnH1SYSqyNJZzcXK6SmiWKifbFZ28vBzVG2BYzs5nrfu-NwFkcE-793zBodWwYjD7UxhfbdAeN&uniformat=true&callback=Ya%5B3754375912327%5D

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f0938e2f66942319881a4b6fdbcba92ba1510f2d5d8ab9c88fe5100e79b4208a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
x-yandex-req-id: 1668413346349711-1053870712334936095900103-production-app-host-vla-pcode-107
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
uniformat-product-type: None
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 14 Nov 2022 08:09:06 GMT
uniformat: true
content-type: application/json; charset=utf-8
access-control-allow-origin: https://orantas.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 14 Nov 2022 08:09:06 GMT

GET
H2 200 93ca76526105423526a6.js Show response
yastatic.net/partner-code-bundles/679108/ 478 KB
97 KB 67ms
64ms Script
text/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/679108/93ca76526105423526a6.js

Requested by

Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

9239abece3f6c44860d0aa3fba121a0f931256f78b88ab4eb33c13c027dd16e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Referer: https://orantas.livejournal.com/
Origin: https://orantas.livejournal.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-encoding: br
strict-transport-security: max-age=43200000; includeSubDomains;
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 98928
last-modified: Thu, 10 Nov 2022 11:28:29 GMT
server: nginx/1.17.9
etag: "a9f781a2bfd5e4b0d9f7b14cdf48e369"
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 13 Nov 2052 14:44:24 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/27737346/ 43 B
153 B 53ms
50ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/27737346/1?page-url=https%3A%2F%2Forantas.livejournal.com%2F&charset=utf-8&hittoken=1668413345_29aaffa8762e76012657bc64e5af10cfd527389d6c4ae6c565f2e778681d37e7&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A1%3Adp%3A1%3Als%3A631902983085%3Ahid%3A485347239%3Az%3A0%3Ai%3A20221114080906%3Aet%3A1668413346%3Ac%3A1%3Arn%3A442190957%3Arqn%3A3%3Au%3A1668413345433752427%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Aeu%3A1%3Ans%3A1668413343181%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668413346&t=gdpr(14)mc(p-1-up-1)clc(0-0-0)rqnt(3)lt(95200)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:06 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 14-Nov-2022 08:09:06 GMT
content-type: image/gif
access-control-allow-origin: https://orantas.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 14-Nov-2022 08:09:06 GMT

GET
H2 200 563767 Show response
mc.yandex.com/watch/ 408 B
443 B 49ms
49ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/563767?wmode=7&page-url=https%3A%2F%2Forantas.livejournal.com%2F&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A1%3Als%3A1300105480577%3Ahid%3A485347239%3Az%3A0%3Ai%3A20221114080906%3Aet%3A1668413347%3Ac%3A1%3Arn%3A320988430%3Au%3A1668413345433752427%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Aeu%3A1%3Ans%3A1668413343181%3Anp%3AV2luMzI%3D%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668413347%3At%3AThe%20Saved%20Planet%20%E2%80%94%20LiveJournal&t=gdpr(14)mc(p-2-up-1)clc(0-0-0)lt(109700)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1fd2448fbc68f2def3b96dbeb4f580788af476e9154316a6c690e2cdfd3e60c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 14-Nov-2022 08:09:06 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://orantas.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 408
x-xss-protection: 1; mode=block
expires: Mon, 14-Nov-2022 08:09:06 GMT

POST
H2 200 1 Show response
mc.yandex.com/watch/563767/ 43 B
73 B 51ms
50ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/563767/1?page-url=https%3A%2F%2Forantas.livejournal.com%2F&charset=utf-8&cnt-class=1&hittoken=1668413346_52b52f876f1b52fa924a2c9e387d8f9b1545202281f0f8ba454b763feee030d6&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afp%3A1030%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A1%3Als%3A1300105480577%3Ahid%3A485347239%3Az%3A0%3Ai%3A20221114080906%3Aet%3A1668413347%3Ac%3A1%3Arn%3A157046629%3Arqn%3A1%3Au%3A1668413345433752427%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C95%2C95%2C90%2C102%2C0%2C%2C708%2C213%2C3252%2C3252%2C0%2C1091%3Acpf%3A1%3Aeu%3A1%3Ans%3A1668413343181%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668413347&t=gdpr(14)mc(p-3-up-1-h-1)clc(0-0-0)rqnt(1)lt(109700)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:06 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 14-Nov-2022 08:09:06 GMT
content-type: image/gif
access-control-allow-origin: https://orantas.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 14-Nov-2022 08:09:06 GMT

GET
H2 200 563767 Show response
mc.yandex.com/watch/ 43 B
73 B 46ms
46ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/563767?page-url=https%3A%2F%2Forantas.livejournal.com%2F&charset=utf-8&cnt-class=1&hittoken=1668413346_52b52f876f1b52fa924a2c9e387d8f9b1545202281f0f8ba454b763feee030d6&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Ahfm45xylrqz94o3kspt6k%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A921%3Acn%3A2%3Adp%3A1%3Als%3A1300105480577%3Ahid%3A485347239%3Az%3A0%3Ai%3A20221114080906%3Aet%3A1668413347%3Ac%3A1%3Arn%3A392752768%3Arqn%3A2%3Au%3A1668413345433752427%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Acpf%3A1%3Aeu%3A1%3Ans%3A1668413343181%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1668413347%3At%3AThe%20Saved%20Planet%20%E2%80%94%20LiveJournal&t=gdpr(14)mc(p-3-up-1-h-1)clc(0-0-0)rqnt(2)lt(109700)aw(1)ecs(1)rqnl(1)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:06 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 14-Nov-2022 08:09:06 GMT
content-type: image/gif
access-control-allow-origin: https://orantas.livejournal.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 14-Nov-2022 08:09:06 GMT

GET
H3 200 ysmwrapper.js Show response
fundingchoicesmessages.google.com/f/AGSKWxW-49hauDTP9Cz1G93jbHVcGYY-mMDl0_VO-K-QXPeGX7SAb8pgsnYBtO2CBcZ2qSzt-gAOaAionRTWu5PMT8A03IBOaZMHdF_zdYv3-37ZObhtha3r-Hga-0pWQsHaiJlTHRdm5rcVZSxdsfx0naqp3E8zQ... 54 B
109 B 53ms
53ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW-49hauDTP9Cz1G93jbHVcGYY-mMDl0_VO-K-QXPeGX7SAb8pgsnYBtO2CBcZ2qSzt-gAOaAionRTWu5PMT8A03IBOaZMHdF_zdYv3-37ZObhtha3r-Hga-0pWQsHaiJlTHRdm5rcVZSxdsfx0naqp3E8zQIA839-QZdv8QtgQfB1P2uBLTsvDLUFM/_.weborama.js=728x90;/remove-ads./subad2_/ysmwrapper.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.Xq1aCTP4mVM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMzX0yK8mX64u1sofWEGuPTZhqaf0g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2fe9b1e255ccf732fcb3ead9c4e357668201c41b2395ae8ac49cee5f9d792e3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-k8smkGwnV3PwCL9xnrZHng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-k8smkGwnV3PwCL9xnrZHng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 62 KB
23 KB 133ms
38ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f22aa9a5c8ecab812fd427dab3a62ba16dfc9c05eb917e15b2d589a8ec939bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 07:40:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1695
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23290
x-xss-protection: 0
server: cafe
etag: 10234540210929825284
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Nov 2022 08:40:51 GMT

POST
H3 204 AGSKWxWigONUkJhkA0gxJJifbOH8Esb83CO3qrQMzPELXiqT-hV4FvuPeoCfFT8uDgsfDhjHedx3Q96SDmCW5xLD17NriS9iC32P8LtOrnGjxRdhpy3tkne_P3i-CFd3bKJO_Jj43Z86zw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 51ms
50ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWigONUkJhkA0gxJJifbOH8Esb83CO3qrQMzPELXiqT-hV4FvuPeoCfFT8uDgsfDhjHedx3Q96SDmCW5xLD17NriS9iC32P8LtOrnGjxRdhpy3tkne_P3i-CFd3bKJO_Jj43Z86zw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ftDGnRGPq2rcb6eBPsPLPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-ftDGnRGPq2rcb6eBPsPLPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://orantas.livejournal.com
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWigONUkJhkA0gxJJifbOH8Esb83CO3qrQMzPELXiqT-hV4FvuPeoCfFT8uDgsfDhjHedx3Q96SDmCW5xLD17NriS9iC32P8LtOrnGjxRdhpy3tkne_P3i-CFd3bKJO_Jj43Z86zw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 51ms
51ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWigONUkJhkA0gxJJifbOH8Esb83CO3qrQMzPELXiqT-hV4FvuPeoCfFT8uDgsfDhjHedx3Q96SDmCW5xLD17NriS9iC32P8LtOrnGjxRdhpy3tkne_P3i-CFd3bKJO_Jj43Z86zw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gKxq_hIpz9YO6hi1f94SrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-gKxq_hIpz9YO6hi1f94SrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://orantas.livejournal.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sandbox Show response
profile.ssp.rambler.ru/ Frame FCBF 2 KB
1 KB 87ms
86ms Document
text/html 91.192.148.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ssp.rambler.ru/sandbox?img=PedSuWRPd9mHM6qvq2RPqakdavSsrz8T4m6RDwdZCCo5ffJD*AYUFlN*dlNcpZmaqI*ssd5kJZI0T745Rs*tzM7CZYaJolg3DOQJEwhDmtHwJyhcVi9OHLR6OCJkeah0qLZmb3W4t332gSluICkMq4Vtnstue3MJ0d*b9jjZ2IYCAAAAuty8CgAAAAA&img=l5GIgzTVDJKVsrTqOMf9pIkXq-xgciSVo1WHuhfNdBUj0EQA7K9nQKPUmWAt9wye3VvXrLqk29IIuovz68LGIsBPgax6Jki*iFaentwuuuLoyMdKDdxSQCmfObkSRTCcRJhB*6xjKi92hmPORyg3daxysPWqUYc2*B-HNnELuRICAAAAuty8CgAAAAA&img=bQX1N5Y61Ng7l6nhOIU62xs86Hwpu7W80llXG3L2V328KIcjIwAE-c22o8w2nUYx7npOHmBsUVRxvIrRwhr76gANLB071Y0U3mHTDwGBqUav-TZIPVplbpvonyHUXwTGZneIZndMLlAWM7lvi24fisTGcPBraoL*CNYLRl7BLU*cQBSgbtarPlKnNpUGQnjoWBYbbnFsNIXfm07XqxHKEZoREL6p-qOleb6Bt9GVyKICAAAAuty8CgAAAAA&img=*6zmGYC6EN5IJRFPAKlGuInTroht4DQp-zUb*moQLgSR93xEeFVhbiD0QFFDXlv0rqMmMAgMBfNzC6WKZ5Xd6BR7TwNOmM0XrRf5iq1JrWpFv65Dv8A9e-gZ2TUBKR4ohFXWFCI--EfGNlQyV-89cHdOFQrQtj0sX*Im4VLJm8JFVPBjZb5XFIAEAcCqJg8mAgAAALrcvAoAAAAA&img=m2-yl-XXD6F5Fn8MQoiGkplAYbO6Y4nCvKFVnk*Tjgf-gMctTsUSWJna97jHA*-GnHhlG60gtChJgwfz8kzCRApVDZwguvQkUnC*pzZ2aPpv-l9Dae8lq-yK2W8gJtEM9RTlkk9spusS2I1QWdGlYu2Yrmjh3Ayle*rOA4M8ykMCAAAAuty8CgAAAAA&img=NFqCx9lmiMqrkjEp5Li8dKihy0yyVKcX63ltqkEohsfV3ppIodb85ueRnaqiGEo-6yoCc-FHu6cKzUCSYSdx0dlZ8htYu0S07hzeCVi1hyX9Cv9as*FwvVMh7RcAXvAoHhmCMFFOk9Q67-5*DtzDwu6cRWcQ*V*3qbrF38mJ49CivOyUsinEq3YTJ1nt-lhCenXW-XeXLfBI1MN*RZgXJgIAAAC63LwKAAAAAA&img=wGObUUOV*HMvMMprsw5hvU9A54vk5BY4NCecWkByd1-LZMwC8wJzBD91z4OzXwv7pZQQVKog5D6AsRyoi-sCTExmZgmUOUbvwjhxSgeOo8n8dMH**eilGkA4Bm4pZ5Ma2D6Sr727XztQlf04m*F4WAIAAAC63LwKAAAAAA&img=5x9VxkIjfAxINGAMq9YmWZ47OJx29ApBbXWRQJ9tbRn7Gx4T-masbqwBM2Ild1STWF65HtVygIVX2qd68CfHzClECFGGetA3WKO7cxD4uyWRauipbA*4I93z*FtadQSMAgAAALrcvAoAAAAA&img=gs011oyZuUiSqOJ7e5nXmvAzMREQOsdD53t-adt*Qd1M5zvEdxI51cl8fuhMPv3dKVNZ33mGM7EC0jUDoBDHZnZwHff2XVuOQnTwPPWYeaZ4pAPz0Pgwr6A*o4hJYbGjAgAAALrcvAoAAAAA&img=mxD--lbQchC7ub5EyrEHrJqDndtRioAv-cbfw*8aUa9y6L9Qzq5hRsnI1HalLbyxToEAAm5nQO7xLMGOilVGTUkYNb1nmk8T6xa5ByYDji0Eny50GzDPseel0FZjV1qv8X0zpIXFU9T1WzYG8KQBOgIAAAC63LwKAAAAAA&img=9Lay81lOf2ILEgeNrOojRYaW4*5A8j*2AmB8qOuV5uEfge15x8gIcNOF-OiXb7j0bGCBxt3TIGByRSgI421xUVIKHaUgUVWDt2mJpb0kdnwkkpvzo-LZCx0YyLM*THoDOwioCYBOySN9AsdTXMMVFQIAAAC63LwKAAAAAA&img=Sx0pJa1Uq34Np7UXj2xqMkH-P6X0ixKhTh4bBwt*ziNaTddEAIlJvgmZwb0pKcZ0-sW8-fQ6J3QA7v5bWYoSMH6xJwY5Fb3urQyLjqzRgEvDVnzZJbp8mV0yYXZD-un7Y92KBy9sqXS2RjloIJyz-AIAAAC63LwKAAAAAA&img=oL8Mng8oLY2J4bYeca8VFsZW8s3McNcEo2*21w9ow3fjMHqDhinhwD48bpmo3lUXIjGitVPC1YmxgIjHQxEu5A5UKuh*mEXkPnloxLEYOsXbAEGXWos8m9nhrLxYZNQht9-O2iy1pSI*C-tfHUOrYc21QbCdZwjpCFkwHnRf2OgCAAAAuty8CgAAAAA&img=aGBWuCgMSXaKVKoqWOABARyicl1L9BA9GsSfmV8AiCw3O8EvhWUgxz*rM*tzyZKVsAPelb*kj8zvNn39KPbTH6xUk9yReOXgC6ONqxT47QxrYZlXOBPQ8hkNF7TylAh6ahPKkl*HVA9yGs71jUKzIQCjzxfoAOwLJrV8vuKcH9wCAAAAuty8CgAAAAA&img=U1SNoQgo9sfjmtcXKghFyp-t82RYlMqpCGl3lVO116ufn4bp3CiO6NlgfmRXJZUcRXZTKzwpsY4rkC5a*SzVXUNXOPuZL4YnWVkLXZMdjN1R2CZb6Ec-wFbjelFXPM4WLJuLE9kvba5cFCl1c03ONycSAW2w1EAOFUxCHy7dv-rTMxulPwowq5qW3Xf*YbD2KZwpihWrq8rtKWFuvw60G59N5eGqUK0GQRLan*RKyFm4Uspr4FNp*5KMZX2bZzbxD-BVujUoEvoVwUvdcdwGYUUVYh0h8SNprYbMs*S8S7sCAAAAuty8CgAAAAA&script=dKTWPm0X0Tjx*tG8TyslXckLnZDDE7p47iuxoPvlHwY-PnLTo6IfCPd4wprDSQf9zi-AS2wpyXZqIdlHns0seHxI8mxFyih1mh4J4Lco0mhZXz*0PM*nNB4zVt5gdZeMY2tVVoRDsMUNrIwYEgpJgAIAAAC63LwKAAAAAA&img=4jYip2bCwMl3AuS0GQx8WBQ8amDq8U8kDYtQS5p0DHB00y7C-AoQIcGWYkyr3zhwMbLTP7vbUF-sAj*Yi2iAKZxpQd4iBuCoZJHL38eekYszzDWKLnpT5vT7JdYB8dLQZQs52bGpppZH5I80oeX5cwIAAAC63LwKAAAAAA&img=OXwsHxYMuL*9-*RRLPd48Szp9wkfMgXn4Bp6htxMN0DW*XY7jomFH*C4iUig99cIyO9RBggpDFyb45imz-73w3gi8e34oTF7QKVDdg-wltC0g2J3nIGdyWvGYgzP9UEjgzNOXMe5uTGbWGUWH3g1BwIAAAC63LwKAAAAAA&img=reGRcF-aAmajrz5*2JPXW3oBPGAw*mf*wAjZzwvRFjU-JT3mhMXy12jRtYva4UUUEXY9hIucPA74Chuh0wV2KKEb7Uy-zd2AIT7KgX5csW*CaTjfcBUv-KwMn*9KbsLorens3vzZbOskhRI8qpZdeB48Md-T-s4CyPIXrf6*EyUCAAAAuty8CgAAAAA&img=COJRek9HGmMeX8QJthhKfPU0sg9GgfqVe*av5z3UV*to3skzRuUqvB-OIp63APWs1CdnfyBnaEDmluhFhFfKt7HT0xanE4TH*go77uPBxPvmn5mNk6u2O152xf2HsZLjNWoeMemLLNmP8TQzb2EV7AIAAAC63LwKAAAAAA

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

a008507d70df1aa1cf064c7bf46cb8ead2f89e43ad087e59c5cce5b0a7506099

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://orantas.livejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=Windows-1251
date: Mon, 14 Nov 2022 08:09:06 GMT
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
server: nginx
strict-transport-security: max-age=0
x-passed: 2bal1

POST
H3 204 AGSKWxWigONUkJhkA0gxJJifbOH8Esb83CO3qrQMzPELXiqT-hV4FvuPeoCfFT8uDgsfDhjHedx3Q96SDmCW5xLD17NriS9iC32P8LtOrnGjxRdhpy3tkne_P3i-CFd3bKJO_Jj43Z86zw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 48ms
48ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWigONUkJhkA0gxJJifbOH8Esb83CO3qrQMzPELXiqT-hV4FvuPeoCfFT8uDgsfDhjHedx3Q96SDmCW5xLD17NriS9iC32P8LtOrnGjxRdhpy3tkne_P3i-CFd3bKJO_Jj43Z86zw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XH_-NXcxmcHhbV9LOlY3kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-XH_-NXcxmcHhbV9LOlY3kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://orantas.livejournal.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWigONUkJhkA0gxJJifbOH8Esb83CO3qrQMzPELXiqT-hV4FvuPeoCfFT8uDgsfDhjHedx3Q96SDmCW5xLD17NriS9iC32P8LtOrnGjxRdhpy3tkne_P3i-CFd3bKJO_Jj43Z86zw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 92ms
92ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWigONUkJhkA0gxJJifbOH8Esb83CO3qrQMzPELXiqT-hV4FvuPeoCfFT8uDgsfDhjHedx3Q96SDmCW5xLD17NriS9iC32P8LtOrnGjxRdhpy3tkne_P3i-CFd3bKJO_Jj43Z86zw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6-ZIj_1bytBnyo7wITK-qQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-6-ZIj_1bytBnyo7wITK-qQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://orantas.livejournal.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUFyApCSnTc0eXdnGu81Q6V7DxEHKEih2ngpbdtW_oFc50-Dc_FkhYcmch0xqTVv4nZEk0NzKboU2cHYxgu2YsjYqeDP7GWR5-sk5pVvMqMmqLqyk7URzqQNsToxtSBEEOWhlgu4A== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 70ms
70ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUFyApCSnTc0eXdnGu81Q6V7DxEHKEih2ngpbdtW_oFc50-Dc_FkhYcmch0xqTVv4nZEk0NzKboU2cHYxgu2YsjYqeDP7GWR5-sk5pVvMqMmqLqyk7URzqQNsToxtSBEEOWhlgu4A==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjY4NDEzMzQ2LDk0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vb3JhbnRhcy5saXZlam91cm5hbC5jb20vIixudWxsLFtbOCwiWHExYUNUUDRtVk0iXSxbOSwiZGUiXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc45ad718b4d97d44c88e9581fa8081a023a6eb1ded03be4a118894fd273d326

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VpddJUHVUr6mYQ8vzgwNPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-VpddJUHVUr6mYQ8vzgwNPQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.js Show response
sandbox.ssp.rambler.ru/pixels/ Frame FCBF 2 KB
1 KB 386ms
204ms Script
application/x-javascript 91.192.150.30
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.ssp.rambler.ru/pixels/index.js?pad_id=441920592&block_id=441920596&rnd=1142283718

Requested by

Host: profile.ssp.rambler.ru
URL: https://profile.ssp.rambler.ru/sandbox?img=PedSuWRPd9mHM6qvq2RPqakdavSsrz8T4m6RDwdZCCo5ffJD*AYUFlN*dlNcpZmaqI*ssd5kJZI0T745Rs*tzM7CZYaJolg3DOQJEwhDmtHwJyhcVi9OHLR6OCJkeah0qLZmb3W4t332gSluICkMq4Vtnstue3MJ0d*b9jjZ2IYCAAAAuty8CgAAAAA&img=l5GIgzTVDJKVsrTqOMf9pIkXq-xgciSVo1WHuhfNdBUj0EQA7K9nQKPUmWAt9wye3VvXrLqk29IIuovz68LGIsBPgax6Jki*iFaentwuuuLoyMdKDdxSQCmfObkSRTCcRJhB*6xjKi92hmPORyg3daxysPWqUYc2*B-HNnELuRICAAAAuty8CgAAAAA&img=bQX1N5Y61Ng7l6nhOIU62xs86Hwpu7W80llXG3L2V328KIcjIwAE-c22o8w2nUYx7npOHmBsUVRxvIrRwhr76gANLB071Y0U3mHTDwGBqUav-TZIPVplbpvonyHUXwTGZneIZndMLlAWM7lvi24fisTGcPBraoL*CNYLRl7BLU*cQBSgbtarPlKnNpUGQnjoWBYbbnFsNIXfm07XqxHKEZoREL6p-qOleb6Bt9GVyKICAAAAuty8CgAAAAA&img=*6zmGYC6EN5IJRFPAKlGuInTroht4DQp-zUb*moQLgSR93xEeFVhbiD0QFFDXlv0rqMmMAgMBfNzC6WKZ5Xd6BR7TwNOmM0XrRf5iq1JrWpFv65Dv8A9e-gZ2TUBKR4ohFXWFCI--EfGNlQyV-89cHdOFQrQtj0sX*Im4VLJm8JFVPBjZb5XFIAEAcCqJg8mAgAAALrcvAoAAAAA&img=m2-yl-XXD6F5Fn8MQoiGkplAYbO6Y4nCvKFVnk*Tjgf-gMctTsUSWJna97jHA*-GnHhlG60gtChJgwfz8kzCRApVDZwguvQkUnC*pzZ2aPpv-l9Dae8lq-yK2W8gJtEM9RTlkk9spusS2I1QWdGlYu2Yrmjh3Ayle*rOA4M8ykMCAAAAuty8CgAAAAA&img=NFqCx9lmiMqrkjEp5Li8dKihy0yyVKcX63ltqkEohsfV3ppIodb85ueRnaqiGEo-6yoCc-FHu6cKzUCSYSdx0dlZ8htYu0S07hzeCVi1hyX9Cv9as*FwvVMh7RcAXvAoHhmCMFFOk9Q67-5*DtzDwu6cRWcQ*V*3qbrF38mJ49CivOyUsinEq3YTJ1nt-lhCenXW-XeXLfBI1MN*RZgXJgIAAAC63LwKAAAAAA&img=wGObUUOV*HMvMMprsw5hvU9A54vk5BY4NCecWkByd1-LZMwC8wJzBD91z4OzXwv7pZQQVKog5D6AsRyoi-sCTExmZgmUOUbvwjhxSgeOo8n8dMH**eilGkA4Bm4pZ5Ma2D6Sr727XztQlf04m*F4WAIAAAC63LwKAAAAAA&img=5x9VxkIjfAxINGAMq9YmWZ47OJx29ApBbXWRQJ9tbRn7Gx4T-masbqwBM2Ild1STWF65HtVygIVX2qd68CfHzClECFGGetA3WKO7cxD4uyWRauipbA*4I93z*FtadQSMAgAAALrcvAoAAAAA&img=gs011oyZuUiSqOJ7e5nXmvAzMREQOsdD53t-adt*Qd1M5zvEdxI51cl8fuhMPv3dKVNZ33mGM7EC0jUDoBDHZnZwHff2XVuOQnTwPPWYeaZ4pAPz0Pgwr6A*o4hJYbGjAgAAALrcvAoAAAAA&img=mxD--lbQchC7ub5EyrEHrJqDndtRioAv-cbfw*8aUa9y6L9Qzq5hRsnI1HalLbyxToEAAm5nQO7xLMGOilVGTUkYNb1nmk8T6xa5ByYDji0Eny50GzDPseel0FZjV1qv8X0zpIXFU9T1WzYG8KQBOgIAAAC63LwKAAAAAA&img=9Lay81lOf2ILEgeNrOojRYaW4*5A8j*2AmB8qOuV5uEfge15x8gIcNOF-OiXb7j0bGCBxt3TIGByRSgI421xUVIKHaUgUVWDt2mJpb0kdnwkkpvzo-LZCx0YyLM*THoDOwioCYBOySN9AsdTXMMVFQIAAAC63LwKAAAAAA&img=Sx0pJa1Uq34Np7UXj2xqMkH-P6X0ixKhTh4bBwt*ziNaTddEAIlJvgmZwb0pKcZ0-sW8-fQ6J3QA7v5bWYoSMH6xJwY5Fb3urQyLjqzRgEvDVnzZJbp8mV0yYXZD-un7Y92KBy9sqXS2RjloIJyz-AIAAAC63LwKAAAAAA&img=oL8Mng8oLY2J4bYeca8VFsZW8s3McNcEo2*21w9ow3fjMHqDhinhwD48bpmo3lUXIjGitVPC1YmxgIjHQxEu5A5UKuh*mEXkPnloxLEYOsXbAEGXWos8m9nhrLxYZNQht9-O2iy1pSI*C-tfHUOrYc21QbCdZwjpCFkwHnRf2OgCAAAAuty8CgAAAAA&img=aGBWuCgMSXaKVKoqWOABARyicl1L9BA9GsSfmV8AiCw3O8EvhWUgxz*rM*tzyZKVsAPelb*kj8zvNn39KPbTH6xUk9yReOXgC6ONqxT47QxrYZlXOBPQ8hkNF7TylAh6ahPKkl*HVA9yGs71jUKzIQCjzxfoAOwLJrV8vuKcH9wCAAAAuty8CgAAAAA&img=U1SNoQgo9sfjmtcXKghFyp-t82RYlMqpCGl3lVO116ufn4bp3CiO6NlgfmRXJZUcRXZTKzwpsY4rkC5a*SzVXUNXOPuZL4YnWVkLXZMdjN1R2CZb6Ec-wFbjelFXPM4WLJuLE9kvba5cFCl1c03ONycSAW2w1EAOFUxCHy7dv-rTMxulPwowq5qW3Xf*YbD2KZwpihWrq8rtKWFuvw60G59N5eGqUK0GQRLan*RKyFm4Uspr4FNp*5KMZX2bZzbxD-BVujUoEvoVwUvdcdwGYUUVYh0h8SNprYbMs*S8S7sCAAAAuty8CgAAAAA&script=dKTWPm0X0Tjx*tG8TyslXckLnZDDE7p47iuxoPvlHwY-PnLTo6IfCPd4wprDSQf9zi-AS2wpyXZqIdlHns0seHxI8mxFyih1mh4J4Lco0mhZXz*0PM*nNB4zVt5gdZeMY2tVVoRDsMUNrIwYEgpJgAIAAAC63LwKAAAAAA&img=4jYip2bCwMl3AuS0GQx8WBQ8amDq8U8kDYtQS5p0DHB00y7C-AoQIcGWYkyr3zhwMbLTP7vbUF-sAj*Yi2iAKZxpQd4iBuCoZJHL38eekYszzDWKLnpT5vT7JdYB8dLQZQs52bGpppZH5I80oeX5cwIAAAC63LwKAAAAAA&img=OXwsHxYMuL*9-*RRLPd48Szp9wkfMgXn4Bp6htxMN0DW*XY7jomFH*C4iUig99cIyO9RBggpDFyb45imz-73w3gi8e34oTF7QKVDdg-wltC0g2J3nIGdyWvGYgzP9UEjgzNOXMe5uTGbWGUWH3g1BwIAAAC63LwKAAAAAA&img=reGRcF-aAmajrz5*2JPXW3oBPGAw*mf*wAjZzwvRFjU-JT3mhMXy12jRtYva4UUUEXY9hIucPA74Chuh0wV2KKEb7Uy-zd2AIT7KgX5csW*CaTjfcBUv-KwMn*9KbsLorens3vzZbOskhRI8qpZdeB48Md-T-s4CyPIXrf6*EyUCAAAAuty8CgAAAAA&img=COJRek9HGmMeX8QJthhKfPU0sg9GgfqVe*av5z3UV*to3skzRuUqvB-OIp63APWs1CdnfyBnaEDmluhFhFfKt7HT0xanE4TH*go77uPBxPvmn5mNk6u2O152xf2HsZLjNWoeMemLLNmP8TQzb2EV7AIAAAC63LwKAAAAAA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.192.150.30 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

3cfece9dfaa70b2cb40a4d4d27c1b19be58461ff0f7976a0399ba4cb796c02bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:07 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Mon, 07 Nov 2022 14:07:07 GMT
server: nginx
etag: W/"6369110b-78c"
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-type: application/x-javascript
x-passed: 0bal2

GET
H2

200

rambler
exchange.buzzoola.com/cookiesync/ssp/ Frame FCBF
Redirect Chain

https://exchange.buzzoola.com/cookiesync/ssp/rambler?uid=000022d4-6371-f7a1-574d-b1c7b8a09fc8
https://exchange.buzzoola.com/cookiesync/ssp/rambler?set_buzzoola_cookie=t&uid=000022d4-6371-f7a1-574d-b1c7b8a09fc8

43 B
130 B

14ms
14ms

Image
image/gif

168.119.88.34
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/rambler?set_buzzoola_cookie=t&uid=000022d4-6371-f7a1-574d-b1c7b8a09fc8
Protocol: H2
Server: 168.119.88.34 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.34.88.119.168.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:07 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/ssp/rambler?set_buzzoola_cookie=t&uid=000022d4-6371-f7a1-574d-b1c7b8a09fc8
date: Mon, 14 Nov 2022 08:09:07 GMT
server: nginx
etag: W/"405e8dd7a6d643a13207263f1f60dace1e64bdb06b4c036e6a54a311401acbdb"
content-length: 126
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2

200

/
tms.dmp.wi-fi.ru/ Frame FCBF
Redirect Chain

https://sync.rambler.ru/emily?partner_id=maximatelecom&id=000022d4-6371-f7a1-574d-b1c7b8a09fc8
https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=A7ED828881ECD8BF9C1655AD41707DB7

35 B
616 B

399ms
65ms

Image
application/javascript

91.220.120.9
MAXIMATELECOM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=A7ED828881ECD8BF9C1655AD41707DB7
Protocol: H2
Server: 91.220.120.9 , Russian Federation, ASN202173 (MAXIMATELECOM, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:07 GMT
server: nginx
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-None-Match,Last-Modified,If-Modified-Since,Keep-Alive,Origin,User-Agent,Vary,X-Mx-ReqToken,X-Requested-With
content-length: 35
expires: 0

Redirect headers

location: https://tms.dmp.wi-fi.ru/?dmpkit_cid=81460eb5-647b-4d9b-a3e3-7863f294c3da&dmpkit_evid=ab914581-c2bd-45ef-9242-3128c73c48c5&g_adv=rambler&g_cp1=A7ED828881ECD8BF9C1655AD41707DB7
date: Mon, 14 Nov 2022 08:09:07 GMT
strict-transport-security: max-age=0
x-passed: 1bal1
server: nginx
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H/1.1

200
OK

i
dmg.digitaltarget.ru/1/7009/i/ Frame FCBF
Redirect Chain

https://sync.rambler.ru/emily?partner_id=vi&id=abcdef&r=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F7009%2Fi%2Fi%3Fa%3D185%26e%3D%24UID%26i%3D%24RND613702303
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EB74B339E8A45D0519094D3294FDA5B5
https://dmg.digitaltarget.ru/awg/custom/7009/i/i?call_source=awg&ts=1668413347356&a=185&e=EB74B339E8A45D0519094D3294FDA5B5
https://sync.rambler.ru/set?partner_id=vi&id=8msgHbWW9w63yw27pOih
https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EB74B339E8A45D0519094D3294FDA5B5

49 B
603 B

98ms
98ms

Image
image/gif

185.15.175.133
SAFEDATA Uplinks

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EB74B339E8A45D0519094D3294FDA5B5

Protocol

HTTP/1.1

Server

185.15.175.133 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),

Reverse DNS

Software

nginx /

Resource Hash

8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 08:09:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Request-Time: 46
Connection: keep-alive
Content-Length: 64
X-XSS-Protection: 1; mode=block
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx
Vary: Accept-Encoding
X-Frame-Options: DENY
Content-Type: image/gif
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Credentials: true

Redirect headers

location: https://dmg.digitaltarget.ru/1/7009/i/i?a=185&e=EB74B339E8A45D0519094D3294FDA5B5
date: Mon, 14 Nov 2022 08:09:07 GMT
strict-transport-security: max-age=0
x-passed: 1bal1
server: nginx
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2

200

counter2
top-fwz1.mail.ru/ Frame FCBF
Redirect Chain

https://sync.rambler.ru/emily?partner_id=6bf5a340-6c1f-4262-8f72-400b3d237f5d&ruid=000022d4-6371-f7a1-574d-b1c7b8a09fc8
https://top-fwz1.mail.ru/counter?id=3082612;pid=2AB1F637B303ECB1472BA02508580597
https://top-fwz1.mail.ru/counter2?id=3082612;pid=2AB1F637B303ECB1472BA02508580597

43 B
961 B

54ms
53ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter2?id=3082612;pid=2AB1F637B303ECB1472BA02508580597

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:07 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Mon, 14 Nov 2022 08:09:07 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter2?id=3082612;pid=2AB1F637B303ECB1472BA02508580597
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 204
No Content accepter
sync.datamind.ru/cookie/ Frame FCBF 0
145 B 154ms
48ms Image
text/plain 91.194.226.61
TCS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.datamind.ru/cookie/accepter?source=rambler&id=000022d4-6371-f7a1-574d-b1c7b8a09fc8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.194.226.61 , Russian Federation, ASN43399 (TCS-AS, RU),
Reverse DNS: dp.tinkoffinsurance.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:07 GMT
x-rtb-lba-name: ds-prod-rtb-anthill-2
x-edge-processing-time: 2
server: nginx

GET
H2

200

match
ads.betweendigital.com/ Frame FCBF
Redirect Chain

https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=000022d4-6371-f7a1-574d-b1c7b8a09fc8
https://lbs-ru1.ads.betweendigital.com/match?bidder_id=43008&external_matching=1&forward=1&external_user_id=000022d4-6371-f7a1-574d-b1c7b8a09fc8&crf=1
https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=between&bsw_custom_parameter=cd373573-ccde-496c-83c4-07c0e8e01045
https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=between&expires=10&bsw_param=cd373573-ccde-496c-83c4-07c0e8e01045
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=cd373573-ccde-496c-83c4-07c0e8e01045

68 B
607 B

113ms
73ms

Image
image/png

188.42.196.115
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=cd373573-ccde-496c-83c4-07c0e8e01045
Protocol: H2
Server: 188.42.196.115 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=cd373573-ccde-496c-83c4-07c0e8e01045
Date: Mon, 14 Nov 2022 08:09:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sync
begun-sync.rutarget.ru/ Frame FCBF
Redirect Chain

https://begun-sync.rutarget.ru/sync?ssp_user_id=000022d4-6371-f7a1-574d-b1c7b8a09fc8
https://begun-sync.rutarget.ru/sync?ssp_user_id=000022d4-6371-f7a1-574d-b1c7b8a09fc8&check-cookie=true

35 B
519 B

154ms
55ms

Image
image/gif

45.9.27.120
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://begun-sync.rutarget.ru/sync?ssp_user_id=000022d4-6371-f7a1-574d-b1c7b8a09fc8&check-cookie=true
Protocol: HTTP/1.1
Server: 45.9.27.120 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),
Reverse DNS: fr19.segmento.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 14 Nov 2022 08:09:07 GMT
Server: nginx
Connection: close
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

Redirect headers

Location: https://begun-sync.rutarget.ru/sync?ssp_user_id=000022d4-6371-f7a1-574d-b1c7b8a09fc8&check-cookie=true
Date: Mon, 14 Nov 2022 08:09:07 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

rambler
px.adhigh.net/p/cm/ Frame FCBF
Redirect Chain

https://px.adhigh.net/p/cm/rambler?u=000022d4-6371-f7a1-574d-b1c7b8a09fc8
https://px.adhigh.net/p/cm/rambler?u=000022d4-6371-f7a1-574d-b1c7b8a09fc8&bounced=1

49 B
326 B

48ms
48ms

Image
image/gif

194.190.76.41
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/rambler?u=000022d4-6371-f7a1-574d-b1c7b8a09fc8&bounced=1
Protocol: H2
Server: 194.190.76.41 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp1.senders.rutube.ru
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:07 GMT
server: nginx
x-backend-id: f11-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:07 GMT
server: nginx
x-backend-id: f11-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
location: https://px.adhigh.net/p/cm/rambler?u=000022d4-6371-f7a1-574d-b1c7b8a09fc8&bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

set
sync.rambler.ru/ Frame FCBF
Redirect Chain

https://rambler-sync.rutarget.ru/sync?000022d4-6371-f7a1-574d-b1c7b8a09fc8
https://sync.rambler.ru/set?partner_id=segmento&id=86QqOWqK1HVp

43 B
224 B

89ms
89ms

Image
image/gif

91.192.149.36
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=segmento&id=86QqOWqK1HVp

Protocol

Server

91.192.149.36 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:07 GMT
strict-transport-security: max-age=0
x-passed: 1bal1
server: nginx
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

Redirect headers

Location: https://sync.rambler.ru/set?partner_id=segmento&id=86QqOWqK1HVp
Date: Mon, 14 Nov 2022 08:09:07 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H2

200

counter
top-fwz1.mail.ru/ Frame FCBF
Redirect Chain

https://sync.rambler.ru/emily?partner_id=cldata&rnd=000022d4-6371-f7a1-574d-b1c7b8a09fc8
https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=8B95C5DDC0506F0BF68138E7E5DA9EFC
https://sync.1dmp.io/pixel.gif?cid=6464e806-bc68-4a4f-8893-22ec34eb02f1&pid=957b2d53-9bf9-48fd-95ea-df093901ffcf&uid=8B95C5DDC0506F0BF68138E7E5DA9EFC&cs=1
https://sync.1dmp.io/pixel.gif?cid=e8610170-b6a0-4a0d-ab5f-68d104af7a7e&pid=w&uid=9c933811-63f3-11ed-8ff0-f832e4719dd9&ru=https%3A%2F%2Ftop-fwz1.mail.ru%2Fcounter%3Fid%3D3201865%3Bpid%3D9c933811-63...
https://top-fwz1.mail.ru/counter?id=3201865;pid=9c933811-63f3-11ed-8ff0-f832e4719dd9

43 B
962 B

54ms
54ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3201865;pid=9c933811-63f3-11ed-8ff0-f832e4719dd9

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:07 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

location: https://top-fwz1.mail.ru/counter?id=3201865;pid=9c933811-63f3-11ed-8ff0-f832e4719dd9
date: Mon, 14 Nov 2022 08:09:07 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate, private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0, 0

GET
H2 200 /
an.yandex.ru/mapuid/ramblerssp/ Frame FCBF 43 B
152 B 62ms
57ms Image
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/ramblerssp/?000022d4-6371-f7a1-574d-b1c7b8a09fc8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 14 Nov 2022 08:09:07 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 14 Nov 2022 08:09:07 GMT

GET
H2

200

cm
creativecdn.com/rambler/ Frame FCBF
Redirect Chain

https://creativecdn.com/rambler/cm?pi=rambler&userId=000022d4-6371-f7a1-574d-b1c7b8a09fc8
https://creativecdn.com/rambler/cm?pi=rambler&userId=000022d4-6371-f7a1-574d-b1c7b8a09fc8&tc=1

42 B
243 B

17ms
15ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/rambler/cm?pi=rambler&userId=000022d4-6371-f7a1-574d-b1c7b8a09fc8&tc=1
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 14 Nov 2022 08:09:07 GMT, Mon, 14 Nov 2022 08:09:07 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/rambler/cm?pi=rambler&userId=000022d4-6371-f7a1-574d-b1c7b8a09fc8&tc=1
date: Mon, 14 Nov 2022 08:09:07 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync
stats.seedr.com/nr/ Frame FCBF 0
838 B 368ms
57ms Image
text/html 95.163.53.111
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.seedr.com/nr/sync?dsp_id=ram&external_uid=000022d4-6371-f7a1-574d-b1c7b8a09fc8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.53.111 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: stats.seedr.ru
Software: nginx / PHP/7.4.30
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 08:09:07 GMT
Content-Encoding: gzip
Server: nginx
x-powered-by: PHP/7.4.30
Transfer-Encoding: chunked
Vary: Accept-Encoding
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Methods: GET, POST, OPTIONS
x-envoy-upstream-service-time: 4
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, *

GET
H/1.1 200
OK sync.cgi
ssp.adriver.ru/cgi-bin/ Frame FCBF 42 B
201 B 417ms
57ms Image
image/gif 195.209.111.13
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=5&external_id=000022d4-6371-f7a1-574d-b1c7b8a09fc8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.209.111.13 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 08:09:07 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

GET
H2

200

set
sync.rambler.ru/ Frame FCBF
Redirect Chain

https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=000022d4-6371-f7a1-574d-b1c7b8a09fc8
https://redirect.frontend.weborama.fr/rd?url=https%3A%2F%2Fsync.rambler.ru%2Fset%3Fpartner_id%3Dab56d453-f95a-4cbc-97b3-1e30a8f95173%26id%3D%7BWEBO_CID%7D&usr=000022d4-6371-f7a1-574d-b1c7b8a09fc8&b...
https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=Et5ae7ZL6DvQ.XpIWM/wfO

43 B
224 B

107ms
106ms

Image
image/gif

91.192.149.36
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=Et5ae7ZL6DvQ.XpIWM/wfO

Protocol

Server

91.192.149.36 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

sync.rambler.ru

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:07 GMT
strict-transport-security: max-age=0
x-passed: 1bal1
server: nginx
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:06 GMT
via: 1.1 google
last-modified: Mon, 14 Nov 2022 08:09:07 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://sync.rambler.ru/set?partner_id=ab56d453-f95a-4cbc-97b3-1e30a8f95173&id=Et5ae7ZL6DvQ.XpIWM/wfO
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 p
rmb.ops.beeline.ru/ Frame FCBF 35 B
627 B 533ms
169ms Image
image/gif 37.9.245.57
BEE-AS Russia

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rmb.ops.beeline.ru/p?ssp=rmb&id=000022d4-6371-f7a1-574d-b1c7b8a09fc8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.9.245.57 , Russian Federation, ASN16345 (BEE-AS Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:07 GMT
x-route: http://upstream_cookiesync
server: nginx
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS, GET, HEAD, POST, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true, true
x-host: 192.168.152.59
access-control-allow-headers: authorization, Content-Type, Authorization, Origin, X-Requested-With, Accept, Key, Accept-Encoding, DNT
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

204

0.gif
x01.aidata.io/ Frame FCBF
Redirect Chain

https://sync.rambler.ru/emily?partner_id=aidata&rnd=000022d4-6371-f7a1-574d-b1c7b8a09fc8
https://x01.aidata.io/0.gif?pid=RAMBLER&id=9A71EE0ACE9F98CEDBA85139CCDE8870
https://x01.aidata.io/0.gif?pid=RAMBLER&id=9A71EE0ACE9F98CEDBA85139CCDE8870&bounce=1
https://counter.yadro.ru/id-redir/aidata.gif?back=STOP
https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP

0
433 B

44ms
44ms

Image
text/plain

89.108.120.76
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Protocol: H2
Server: 89.108.120.76 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS: d51804.reg.regrucolo.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:07 GMT
last-modified: Mon, 14 Nov 2022 08:09:06 GMT
server: nginx
access-control-allow-methods: GET, POST
p3p: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Mon, 14 Nov 2022 08:09:06 GMT

Redirect headers

Location: https://x01.aidata.io/0.gif?pid=LIVE&id=&back=STOP
Date: Mon, 14 Nov 2022 08:09:07 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Connection: keep-alive
Content-Length: 324
Content-Type: text/html; charset=iso-8859-1

GET

static.gif
stats.mos.ru/ Frame FCBF
Redirect Chain

https://sync.rambler.ru/emily?partner_id=9122f432-a6c9-4f14-bc8a-daa781f3d204&rnd=415854137
https://stats.mos.ru/static.gif?ramblerid=A9C71FAFFE180E0DCEA581B9089F1DB0

0
0

GET
H2 204 rambler
sync.dmp.otm-r.com/match/ Frame FCBF 0
69 B 161ms
17ms Image
text/plain 195.201.57.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/rambler?id=000022d4-6371-f7a1-574d-b1c7b8a09fc8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.57.28 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.28.57.201.195.clients.your-server.de
Software: nginx/1.17.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Nov 2022 08:09:07 GMT
server: nginx/1.17.0

POST
H3 204 AGSKWxU-dPSg5XmwH5cbSiUyG2A5gZ1w8mBa86a_zL-B-0PcaTv5o0_6oh59lz5GXDssuJfO2amgFzitOYN6EcK448XbNU6WtOSm5snwSoCTEuQwTYABA3uM00uAIxczCgRR5KsvMUnKCw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
49ms XHR
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU-dPSg5XmwH5cbSiUyG2A5gZ1w8mBa86a_zL-B-0PcaTv5o0_6oh59lz5GXDssuJfO2amgFzitOYN6EcK448XbNU6WtOSm5snwSoCTEuQwTYABA3uM00uAIxczCgRR5KsvMUnKCw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hhPUXduLQcfo1emG3GnKuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://orantas.livejournal.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 08:09:07 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-hhPUXduLQcfo1emG3GnKuA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://orantas.livejournal.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 capirs_async.js Show response
ssp.rambler.ru/ Frame FCBF 510 KB
173 KB 176ms
172ms Script
application/x-javascript 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.rambler.ru/capirs_async.js

Requested by

Host: sandbox.ssp.rambler.ru
URL: https://sandbox.ssp.rambler.ru/pixels/index.js?pad_id=441920592&block_id=441920596&rnd=1142283718

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

a430ffb43505069111b825a72b730fd413863a674a669ae6e49848119296c340

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:07 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Fri, 11 Nov 2022 12:54:32 GMT
server: nginx
etag: W/"636e4608-7f873"
content-type: application/x-javascript
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
cache-control: max-age=60
x-passed: 0bal1
expires: Mon, 14 Nov 2022 08:10:07 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2CE8 28 B
54 B 58ms
57ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c4225c42/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
X-Goog-Request-Time: 1668413347960
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/MvsUZk1wndo?wmode=opaque&wmode=opaque
X-YouTube-Client-Version: 1.20221106.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgthQnR4eXFtaHkwZyig78ebBg%3D%3D
X-YouTube-Ad-Signals: dt=1668413345151&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C560%2C315&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 14 Nov 2022 08:09:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 14 Nov 2022 08:09:07 GMT

GET
H2 200 userip Show response
ssp.rambler.ru/ Frame FCBF 15 B
141 B 102ms
85ms XHR
text/plain 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.rambler.ru/userip
Requested by: Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: ssp.rambler.ru
Software: nginx /
Resource Hash: e5be170a8935eecfcdf2d0a98457dcaa8354bf54e7de1bc20a913c685087fdb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Nov 2022 08:09:08 GMT
x-passed: 0bal1
server: nginx
content-length: 15
content-type: application/octet-stream, text/plain

GET
H2 200 getid Show response
ads.adfox.ru/ Frame FCBF 37 B
197 B 71ms
70ms Script
application/x-javascript 2a02:6b8::1be
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adfox.ru/getid?t=jsonp&f=af_setLpdId&pr=2931846014

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1be Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c3ce78e759dc821579a5393833bd23c0a50efcd8a003756e12a29204d10e3144

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 04 Dec 1999 21:29:02 GMT

GET
H2 200 36535%3A6101
an.yandex.ru/mapuid/adfox/ Frame FCBF 43 B
152 B 58ms
57ms Image
image/gif 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/adfox/36535%3A6101?jsredir=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Mon, 14 Nov 2022 08:09:08 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Mon, 14 Nov 2022 08:09:08 GMT

GET
H2 204 sync2.204
profile.ssp.rambler.ru/ Frame FCBF 0
168 B 86ms
86ms Image
text/plain 91.192.148.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://profile.ssp.rambler.ru/sync2.204?anket_id=36535%3A6101&pid=85&ruid=pA8AAENKs1e%2Bp83cAWlnUgA%3D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/sandbox?img=PedSuWRPd9mHM6qvq2RPqakdavSsrz8T4m6RDwdZCCo5ffJD*AYUFlN*dlNcpZmaqI*ssd5kJZI0T745Rs*tzM7CZYaJolg3DOQJEwhDmtHwJyhcVi9OHLR6OCJkeah0qLZmb3W4t332gSluICkMq4Vtnstue3MJ0d*b9jjZ2IYCAAAAuty8CgAAAAA&img=l5GIgzTVDJKVsrTqOMf9pIkXq-xgciSVo1WHuhfNdBUj0EQA7K9nQKPUmWAt9wye3VvXrLqk29IIuovz68LGIsBPgax6Jki*iFaentwuuuLoyMdKDdxSQCmfObkSRTCcRJhB*6xjKi92hmPORyg3daxysPWqUYc2*B-HNnELuRICAAAAuty8CgAAAAA&img=bQX1N5Y61Ng7l6nhOIU62xs86Hwpu7W80llXG3L2V328KIcjIwAE-c22o8w2nUYx7npOHmBsUVRxvIrRwhr76gANLB071Y0U3mHTDwGBqUav-TZIPVplbpvonyHUXwTGZneIZndMLlAWM7lvi24fisTGcPBraoL*CNYLRl7BLU*cQBSgbtarPlKnNpUGQnjoWBYbbnFsNIXfm07XqxHKEZoREL6p-qOleb6Bt9GVyKICAAAAuty8CgAAAAA&img=*6zmGYC6EN5IJRFPAKlGuInTroht4DQp-zUb*moQLgSR93xEeFVhbiD0QFFDXlv0rqMmMAgMBfNzC6WKZ5Xd6BR7TwNOmM0XrRf5iq1JrWpFv65Dv8A9e-gZ2TUBKR4ohFXWFCI--EfGNlQyV-89cHdOFQrQtj0sX*Im4VLJm8JFVPBjZb5XFIAEAcCqJg8mAgAAALrcvAoAAAAA&img=m2-yl-XXD6F5Fn8MQoiGkplAYbO6Y4nCvKFVnk*Tjgf-gMctTsUSWJna97jHA*-GnHhlG60gtChJgwfz8kzCRApVDZwguvQkUnC*pzZ2aPpv-l9Dae8lq-yK2W8gJtEM9RTlkk9spusS2I1QWdGlYu2Yrmjh3Ayle*rOA4M8ykMCAAAAuty8CgAAAAA&img=NFqCx9lmiMqrkjEp5Li8dKihy0yyVKcX63ltqkEohsfV3ppIodb85ueRnaqiGEo-6yoCc-FHu6cKzUCSYSdx0dlZ8htYu0S07hzeCVi1hyX9Cv9as*FwvVMh7RcAXvAoHhmCMFFOk9Q67-5*DtzDwu6cRWcQ*V*3qbrF38mJ49CivOyUsinEq3YTJ1nt-lhCenXW-XeXLfBI1MN*RZgXJgIAAAC63LwKAAAAAA&img=wGObUUOV*HMvMMprsw5hvU9A54vk5BY4NCecWkByd1-LZMwC8wJzBD91z4OzXwv7pZQQVKog5D6AsRyoi-sCTExmZgmUOUbvwjhxSgeOo8n8dMH**eilGkA4Bm4pZ5Ma2D6Sr727XztQlf04m*F4WAIAAAC63LwKAAAAAA&img=5x9VxkIjfAxINGAMq9YmWZ47OJx29ApBbXWRQJ9tbRn7Gx4T-masbqwBM2Ild1STWF65HtVygIVX2qd68CfHzClECFGGetA3WKO7cxD4uyWRauipbA*4I93z*FtadQSMAgAAALrcvAoAAAAA&img=gs011oyZuUiSqOJ7e5nXmvAzMREQOsdD53t-adt*Qd1M5zvEdxI51cl8fuhMPv3dKVNZ33mGM7EC0jUDoBDHZnZwHff2XVuOQnTwPPWYeaZ4pAPz0Pgwr6A*o4hJYbGjAgAAALrcvAoAAAAA&img=mxD--lbQchC7ub5EyrEHrJqDndtRioAv-cbfw*8aUa9y6L9Qzq5hRsnI1HalLbyxToEAAm5nQO7xLMGOilVGTUkYNb1nmk8T6xa5ByYDji0Eny50GzDPseel0FZjV1qv8X0zpIXFU9T1WzYG8KQBOgIAAAC63LwKAAAAAA&img=9Lay81lOf2ILEgeNrOojRYaW4*5A8j*2AmB8qOuV5uEfge15x8gIcNOF-OiXb7j0bGCBxt3TIGByRSgI421xUVIKHaUgUVWDt2mJpb0kdnwkkpvzo-LZCx0YyLM*THoDOwioCYBOySN9AsdTXMMVFQIAAAC63LwKAAAAAA&img=Sx0pJa1Uq34Np7UXj2xqMkH-P6X0ixKhTh4bBwt*ziNaTddEAIlJvgmZwb0pKcZ0-sW8-fQ6J3QA7v5bWYoSMH6xJwY5Fb3urQyLjqzRgEvDVnzZJbp8mV0yYXZD-un7Y92KBy9sqXS2RjloIJyz-AIAAAC63LwKAAAAAA&img=oL8Mng8oLY2J4bYeca8VFsZW8s3McNcEo2*21w9ow3fjMHqDhinhwD48bpmo3lUXIjGitVPC1YmxgIjHQxEu5A5UKuh*mEXkPnloxLEYOsXbAEGXWos8m9nhrLxYZNQht9-O2iy1pSI*C-tfHUOrYc21QbCdZwjpCFkwHnRf2OgCAAAAuty8CgAAAAA&img=aGBWuCgMSXaKVKoqWOABARyicl1L9BA9GsSfmV8AiCw3O8EvhWUgxz*rM*tzyZKVsAPelb*kj8zvNn39KPbTH6xUk9yReOXgC6ONqxT47QxrYZlXOBPQ8hkNF7TylAh6ahPKkl*HVA9yGs71jUKzIQCjzxfoAOwLJrV8vuKcH9wCAAAAuty8CgAAAAA&img=U1SNoQgo9sfjmtcXKghFyp-t82RYlMqpCGl3lVO116ufn4bp3CiO6NlgfmRXJZUcRXZTKzwpsY4rkC5a*SzVXUNXOPuZL4YnWVkLXZMdjN1R2CZb6Ec-wFbjelFXPM4WLJuLE9kvba5cFCl1c03ONycSAW2w1EAOFUxCHy7dv-rTMxulPwowq5qW3Xf*YbD2KZwpihWrq8rtKWFuvw60G59N5eGqUK0GQRLan*RKyFm4Uspr4FNp*5KMZX2bZzbxD-BVujUoEvoVwUvdcdwGYUUVYh0h8SNprYbMs*S8S7sCAAAAuty8CgAAAAA&script=dKTWPm0X0Tjx*tG8TyslXckLnZDDE7p47iuxoPvlHwY-PnLTo6IfCPd4wprDSQf9zi-AS2wpyXZqIdlHns0seHxI8mxFyih1mh4J4Lco0mhZXz*0PM*nNB4zVt5gdZeMY2tVVoRDsMUNrIwYEgpJgAIAAAC63LwKAAAAAA&img=4jYip2bCwMl3AuS0GQx8WBQ8amDq8U8kDYtQS5p0DHB00y7C-AoQIcGWYkyr3zhwMbLTP7vbUF-sAj*Yi2iAKZxpQd4iBuCoZJHL38eekYszzDWKLnpT5vT7JdYB8dLQZQs52bGpppZH5I80oeX5cwIAAAC63LwKAAAAAA&img=OXwsHxYMuL*9-*RRLPd48Szp9wkfMgXn4Bp6htxMN0DW*XY7jomFH*C4iUig99cIyO9RBggpDFyb45imz-73w3gi8e34oTF7QKVDdg-wltC0g2J3nIGdyWvGYgzP9UEjgzNOXMe5uTGbWGUWH3g1BwIAAAC63LwKAAAAAA&img=reGRcF-aAmajrz5*2JPXW3oBPGAw*mf*wAjZzwvRFjU-JT3mhMXy12jRtYva4UUUEXY9hIucPA74Chuh0wV2KKEb7Uy-zd2AIT7KgX5csW*CaTjfcBUv-KwMn*9KbsLorens3vzZbOskhRI8qpZdeB48Md-T-s4CyPIXrf6*EyUCAAAAuty8CgAAAAA&img=COJRek9HGmMeX8QJthhKfPU0sg9GgfqVe*av5z3UV*to3skzRuUqvB-OIp63APWs1CdnfyBnaEDmluhFhFfKt7HT0xanE4TH*go77uPBxPvmn5mNk6u2O152xf2HsZLjNWoeMemLLNmP8TQzb2EV7AIAAAC63LwKAAAAAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:08 GMT
strict-transport-security: max-age=0
x-passed: 2bal1
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2 200 context.jsp Show response
ssp.rambler.ru/ Frame FCBF 4 KB
5 KB 104ms
91ms XHR
application/javascript 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ssp.rambler.ru/context.jsp?wl=rambler&json=1&frm_level=1&frm_top=top_not_accessible&pad_id=441920592&first=1&block_id=441920596&screenw=1600&screenh=1200&winw=0&winh=0&rq=0&rq_type=0&rq_sess=EFCFA493B4664264321F8B561A63BCD9&fpruid=pA8AAENKs1e%2Bp83cAWlnUgA%3D&browser_family=Chrome&browser_version=107.0.5304.110&os_family=Windows&os_version=10&device_type=1&jparams=%7B%22puid42%22%3A%229.7%22%2C%22pli%22%3A%22a%22%2C%22plp%22%3A%22a%22%2C%22pop%22%3A%22a%22%2C%22lpdid%22%3A%2236535%3A6101%22%7D&top=8&left=8&secure=1&vcapirs=38_7_0&fpParams=%7B%22f%22%3A%7B%22p%22%3A3646554937%2C%22c%22%3Anull%2C%22i%22%3A227085683%2C%22v%22%3A%22Intel%20Inc.%22%2C%22r%22%3A%22Intel%20Iris%20OpenGL%20Engine%22%2C%22w%22%3A2008083360%7D%2C%22s%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22a%22%3A1600%2C%22b%22%3A1200%2C%22p%22%3A1%2C%22c%22%3A24%7D%2C%22o%22%3A%7B%22t%22%3A0%2C%22u%22%3A%22en-US%22%7D%7D&callback=Begun_Autocontext_saveFeed1&ref=https%3A%2F%2Forantas.livejournal.com%2F&url=https%3A%2F%2Fprofile.ssp.rambler.ru%2Fsandbox%3Fimg%3DPedSuWRPd9mHM6qvq2RPqakdavSsrz8T4m6RDwdZCCo5ffJD*AYUFlN*dlNcpZmaqI*ssd5kJZI0T745Rs*tzM7CZYaJolg3DOQJEwhDmtHwJyhcVi9OHLR6OCJkeah0qLZmb3W4t332gSluICkMq4Vtnstue3MJ0d*b9jjZ2IYCAAAAuty8CgAAAAA%26img%3Dl5GIgzTVDJKVsrTqOMf9pIkXq-xgciSVo1WHuhfNdBUj0EQA7K9nQKPUmWAt9wye3VvXrLqk29IIuovz68LGIsBPgax6Jki*iFaentwuuuLoyMdKDdxSQCmfObkSRTCcRJhB*6xjKi92hmPORyg3daxysPWqUYc2*B-HNnELuRICAAAAuty8CgAAAAA%26img%3DbQX1N5Y61Ng7l6nhOIU62xs86Hwpu7W80llXG3L2V328KIcjIwAE-c22o8w2nUYx7npOHmBsUVRxvIrRwhr76gANLB071Y0U3mHTDwGBqUav-TZIPVplbpvonyHUXwTGZneIZndMLlAWM7lvi24fisTGcPBraoL*CNYLRl7BLU*cQBSgbtarPlKnNpUGQnjoWBYbbnFsNIXfm07XqxHKEZoREL6p-qOleb6Bt9GVyKICAAAAuty8CgAAAAA%26img%3D*6zmGYC6EN5IJRFPAKlGuInTroht4DQp-zUb*moQLgSR93xEeFVhbiD0QFFDXlv0rqMmMAgMBfNzC6WKZ5Xd6BR7TwNOmM0XrRf5iq1JrWpFv65Dv8A9e-gZ2TUBKR4ohFXWFCI--EfGNlQyV-89cHdOFQrQtj0sX*Im4VLJm8JFVPBjZb5XFIAEAcCqJg8mAgAAALrcvAoAAAAA%26img%3Dm2-yl-XXD6F5Fn8MQoiGkplAYbO6Y4nCvKFVnk*Tjgf-gMctTsUSWJna97jHA*-GnHhlG60gtChJgwfz8kzCRApVDZwguvQkUnC*pzZ2aPpv-l9Dae8lq-yK2W8gJtEM9RTlkk9spusS2I1QWdGlYu2Yrmjh3Ayle*rOA4M8ykMCAAAAuty8CgAAAAA%26img%3DNFqCx9lmiMqrkjEp5Li8dKihy0yyVKcX63ltqkEohsfV3ppIodb85ueRnaqiGEo-6yoCc-FHu6cKzUCSYSdx0dlZ8htYu0S07hzeCVi1hyX9Cv9as*FwvVMh7RcAXvAoHhmCMFFOk9Q67-5*DtzDwu6cRWcQ*V*3qbrF38mJ49CivOyUsinEq3YTJ1nt-lhCenXW-XeXLfBI1MN*RZgXJgIAAAC63LwKAAAAAA%26img%3DwGObUUOV*HMvMMprsw5hvU9A54vk5BY4NCecWkByd1-LZMwC8wJzBD91z4OzXwv7pZQQVKog5D6AsRyoi-sCTExmZgmUOUbvwjhxSgeOo8n8dMH**eilGkA4Bm4pZ5Ma2D6Sr727XztQlf04m*F4WAIAAAC63LwKAAAAAA%26img%3D5x9VxkIjfAxINGAMq9YmWZ47OJx29ApBbXWRQJ9tbRn7Gx4T-masbqwBM2Ild1STWF65HtVygIVX2qd68CfHzClECFGGetA3WKO7cxD4uyWRauipbA*4I93z*FtadQSMAgAAALrcvAoAAAAA%26img%3Dgs011oyZuUiSqOJ7e5nXmvAzMREQOsdD53t-adt*Qd1M5zvEdxI51cl8fuhMPv3dKVNZ33mGM7EC0jUDoBDHZnZwHff2XVuOQnTwPPWYeaZ4pAPz0Pgwr6A*o4hJYbGjAgAAALrcvAoAAAAA%26img%3DmxD--lbQchC7ub5EyrEHrJqDndtRioAv-cbfw*8aUa9y6L9Qzq5hRsnI1HalLbyxToEAAm5nQO7xLMGOilVGTUkYNb1nmk8T6xa5ByYDji0Eny50GzDPseel0FZjV1qv8X0zpIXFU9T1WzYG8KQBOgIAAAC63LwKAAAAAA%26img%3D9Lay81lOf2ILEgeNrOojRYaW4*5A8j*2AmB8qOuV5uEfge15x8gIcNOF-OiXb7j0bGCBxt3TIGByRSgI421xUVIKHaUgUVWDt2mJpb0kdnwkkpvzo-LZCx0YyLM*THoDOwioCYBOySN9AsdTXMMVFQIAAAC63LwKAAAAAA%26img%3DSx0pJa1Uq34Np7UXj2xqMkH-P6X0ixKhTh4bBwt*ziNaTddEAIlJvgmZwb0pKcZ0-sW8-fQ6J3QA7v5bWYoSMH6xJwY5Fb3urQyLjqzRgEvDVnzZJbp8mV0yYXZD-un7Y92KBy9sqXS2RjloIJyz-AIAAAC63LwKAAAAAA%26img%3DoL8Mng8oLY2J4bYeca8VFsZW8s3McNcEo2*21w9ow3fjMHqDhinhwD48bpmo3lUXIjGitVPC1YmxgIjHQxEu5A5UKuh*mEXkPnloxLEYOsXbAEGXWos8m9nhrLxYZNQht9-O2iy1pSI*C-tfHUOrYc21QbCdZwjpCFkwHnRf2OgCAAAAuty8CgAAAAA%26img%3DaGBWuCgMSXaKVKoqWOABARyicl1L9BA9GsSfmV8AiCw3O8EvhWUgxz*rM*tzyZKVsAPelb*kj8zvNn39KPbTH6xUk9yReOXgC6ONqxT47QxrYZlXOBPQ8hkNF7TylAh6ahPKkl*HVA9yGs71jUKzIQCjzxfoAOwLJrV8vuKcH9wCAAAAuty8CgAAAAA%26img%3DU1SNoQgo9sfjmtcXKghFyp-t82RYlMqpCGl3lVO116ufn4bp3CiO6NlgfmRXJZUcRXZTKzwpsY4rkC5a*SzVXUNXOPuZL4YnWVkLXZMdjN1R2CZb6Ec-wFbjelFXPM4WLJuLE9kvba5cFCl1c03ONycSAW2w1EAOFUxCHy7dv-rTMxulPwowq5qW3Xf*YbD2KZwpihWrq8rtKWFuvw60G59N5eGqUK0GQRLan*RKyFm4Uspr4FNp*5KMZX2bZzbxD-BVujUoEvoVwUvdcdwGYUUVYh0h8SNprYbMs*S8S7sCAAAAuty8CgAAAAA%26script%3DdKTWPm0X0Tjx*tG8TyslXckLnZDDE7p47iuxoPvlHwY-PnLTo6IfCPd4wprDSQf9zi-AS2wpyXZqIdlHns0seHxI8mxFyih1mh4J4Lco0mhZXz*0PM*nNB4zVt5gdZeMY2tVVoRDsMUNrIwYEgpJgAIAAAC63LwKAAAAAA%26img%3D4jYip2bCwMl3AuS0GQx8WBQ8amDq8U8kDYtQS5p0DHB00y7C-AoQIcGWYkyr3zhwMbLTP7vbUF-sAj*Yi2iAKZxpQd4iBuCoZJHL38eekYszzDWKLnpT5vT7JdYB8dLQZQs52bGpppZH5I80oeX5cwIAAAC63LwKAAAAAA%26img%3DOXwsHxYMuL*9-*RRLPd48Szp9wkfMgXn4Bp6htxMN0DW*XY7jomFH*C4iUig99cIyO9RBggpDFyb45imz-73w3gi8e34oTF7QKVDdg-wltC0g2J3nIGdyWvGYgzP9UEjgzNOXMe5uTGbWGUWH3g1BwIAAAC63LwKAAAAAA%26img%3DreGRcF-aAmajrz5*2JPXW3oBPGAw*mf*wAjZzwvRFjU-JT3mhMXy12jRtYva4UUUEXY9hIucPA74Chuh0wV2KKEb7Uy-zd2AIT7KgX5csW*CaTjfcBUv-KwMn*9KbsLorens3vzZbOskhRI8qpZdeB48Md-T-s4CyPIXrf6*EyUCAAAAuty8CgAAAAA%26img%3DCOJRek9HGmMeX8QJthhKfPU0sg9GgfqVe*av5z3UV*to3skzRuUqvB-OIp63APWs1CdnfyBnaEDmluhFhFfKt7HT0xanE4TH*go77uPBxPvmn5mNk6u2O152xf2HsZLjNWoeMemLLNmP8TQzb2EV7AIAAAC63LwKAAAAAA

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

ssp.rambler.ru

Software

nginx /

Resource Hash

8033154d9ffb1799bc97de3edb3f072f6b4bc345fe97759a528bb9e32684353f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://profile.ssp.rambler.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:09:08 GMT
strict-transport-security: max-age=0
x-user-regionid: 1860
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR NID DEVa PSAa PSDa OUR BUS", policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
content-length: 4527
x-begun-graphcount: 0
pragma: no-cache
last-modified: Mon, 14 Nov 2022 08:09:08 GMT
server: nginx
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://profile.ssp.rambler.ru
cache-control: post-check=0, pre-check=0
access-control-allow-credentials: true
x-passed: 0bal1
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 blockstat_post
ssp.rambler.ru/ Frame FCBF 0
79 B 76ms
75ms Ping
text/plain 91.192.150.12
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.rambler.ru/blockstat_post
Requested by: Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.192.150.12 , Russian Federation, ASN42481 (BEGUN-AS, RU),
Reverse DNS: ssp.rambler.ru
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://profile.ssp.rambler.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 14 Nov 2022 08:09:08 GMT
x-passed: 0bal1
server: nginx
content-length: 0

GET
H2 200 /
kraken.rambler.ru/cnt/ 43 B
487 B 86ms
85ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/?et=pg&v=3.12.9&pid=1111412&tid=t1.1111412.550795321.1668413344711&rid=1668413344.71-1055537108&fid=pA8AAENKs1conQjuAdxs4gA%3D&fip=pA8AAENKs1e%2Bp83cAWlnUgA%3D&eid=386733497192984&aduid=9ae3c7b9-ee02-4063-b54d-91be5159358a&aduidsc=livejournal.com&stid=210692369_1668413344713&sn=1&sen=2&ct=web&url=https%3A%2F%2Forantas.livejournal.com&exp=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&ping_ext=%7B%22activity%22%3A%7B%7D%2C%22scroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A1200%2C%22current%22%3A0%7D%2C%22num%22%3A1%2C%22duration%22%3A5%7D&rn=941277465
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:09 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
x-srv: 0kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 /
kraken.rambler.ru/cnt/v2/ 43 B
486 B 86ms
86ms Image
image/gif 81.19.89.16
RAMBLER-TELECOM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kraken.rambler.ru/cnt/v2/?event_type=base&event_name=ping&session_id=210692369_1668413344713&session_number=1&session_event_number=2&version=3.12.9&counter_type=web&experiment=%5B%5B%22exp_bot%22%2C%22split_a%22%5D%2C%5B%22exp_ping%22%2C%22no%22%5D%5D&top100_id=t1.1111412.550795321.1668413344711&adtech_uid=9ae3c7b9-ee02-4063-b54d-91be5159358a&adtech_uid_scope=livejournal.com&fingerprint=pA8AAENKs1conQjuAdxs4gA%3D&fingerprint_ip=pA8AAENKs1e%2Bp83cAWlnUgA%3D&url=https%3A%2F%2Forantas.livejournal.com&project_id=1111412&request_id=1668413344.71-1055537108&event_id=386733497192984&meta=%7B%22activity%22%3A%7B%7D%2C%22scroll%22%3A%7B%22min%22%3A0%2C%22max%22%3A1200%2C%22current%22%3A0%7D%2C%22num%22%3A1%2C%22duration%22%3A5%7D&rn=1762647450
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.19.89.16 , Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS: kraken.rambler.ru
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://orantas.livejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 08:09:09 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
x-srv: 0kraken-prod0003.ad.rambler.tech
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif, image/gif
p3p: CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sandbox Show response
profile.ssp.rambler.ru/ Frame 01BA 129 B
342 B 87ms
86ms Document
text/html 91.192.148.14
BEGUN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ssp.rambler.ru/sandbox?img=uRSND9fdgPCJ*MFDQuLy0kjbHWVoya3-vRWp9ShDO65bD4XLGWNGx3sFZVtbd-3jMrBF8aWaKaZLkSdZFmicywI3QZhIxrkp3E65oyo0LcByp*fM4JdWrCAaEJVdtJKaEfUSz3Tkt31HK8Aq5l-yKgIAAAC63LwKAAAAAA&img=HK929r4UBXvPyRonq3Afhk8YwnDAIGzD-p5WlAMZ5KKZey4qft1wS5jfdezqnl1ozEmyGWx62Ia1s*sS-My9ma0f-8wJywW0xPLpe3v46AGr7mlB8X3GHNXz1uEeJ-oyU8-26CnQqeaPJnjMg5K3CYiV4OhEN*SmUge4EEozvrUCAAAAuty8CgAAAAA&img=Tgnyn7svP9Kv-xN7wofVV1jO7Lp2h5LH*2TGOt0O4tRyXP0i5*82aD2hfRCQ59nrHrffREdS0PBWme6If9Bg3tT3WC*2KvMBWe2GW42caz1JQmHXTP7-uMlQnu3eTP0qArpStQukJU43g3vQ5349BAIAAAC63LwKAAAAAA&img=wSm5fNCtwuhNO3Mdda4W4ZKU5RjsEYMemqZ9M2B1cRbn7JpLwK4Jz0esAbmlSeR534pimteRPttmMTvcYjW34p4OUOmk1mBS77c9p6ZY459eL0zE*GJRYjnG*bWknniIAgAAALrcvAoAAAAA&img=TA5bSo0Jai7K4Yv5L3S7hbjt3NUpVPqFXueGUfaR0sztPURHmLjEDxX7W0Hvu8MO06Vta5abJ2EZrXAzYKwRDy-DSfIa-JAPN9Wd44s*ADyuX9ZkD0y1pKb8OiukugRJWvtX4OWW7crppQUyG9B78jmdNqoH0jKe524Wf39R*CUCAAAAuty8CgAAAAA&img=x6qK*wfhFA5A5M3E-pgX6zRUHNlMXz3r7zWw6nLVvlssPANdNhQ483Qa9GbUlycOwKa7jzAsPef4PiA6Egk-hpX2KY4YoyI9nI1B2zpfiKzZwt88ZtiEZxinbujtnQfPvZt8wHl2AW0IO6IX-6zJPtRqfj4aq8Ro6tOMYyOYYj8CAAAAuty8CgAAAAA&img=neZjeKeBK-*edybp9kTDAGFwgruuATGN9ObyYveSjzP2ItDcwbCxogVwK08MycAG6qgXl4RQlcVSr-bjzr2vnSkDeZnLkYNxDbHHGMSMZmcujRfwd*du1Lk94zsZ89FFxmUY6GvUqorCnDBZKk8v*QIAAAC63LwKAAAAAA&img=TRT0Rpm6qqe*i7XSBJuC5xnYq4iHN01BEcIjMzk7vVCNiTlBi8F5AvMCxoTcmBYwRHS5*gg4oQQ*NhAUcmvg8xVFXRoc4r2*t8QUQt6sYAY10IatA*H2PT2sE17qYAwLzFnxD6kxCFPOPZZ7lQvwK*J0PQyMjjcROci6EDr1sjUCAAAAuty8CgAAAAA&img=zK1XI0GLzDk8QkBZbPnnPXo7JyKbzwJTOee6XoKyCda9RJHQ3h6mBrMdhSPDmEXzqHgbOIV6OShqpxmK1S2XLn4AOvWo3Ri7eoSj7lf3HHZax4tQ3HOCPpLm7GbTMaxtunL0tjkfI2YHHi2G9FR0bA8HzFw6Bz8Jz3pER1zPH-7WVOG-0WMdL4yCzQcc-5UwAgAAALrcvAoAAAAA&img=YXvkgxJjBaIelLOaGQD0i*j221EozRaFgqLBeTOD-i-4pAw01c0m0tHpMCG0P9z2nB0u-7MCCTn2A6m6FeVwRVwZsUgu8FTDB816*DgGUR9H9qRe3tsjI1XFpGPWJbqeAgAAALrcvAoAAAAA&img=66EV6P*G4sxSyTjRO*Vsi68hLikF4tjoLyD5rOSzgurDvFr3eAIvEDhKe1tGHvhQd7-NzP1gnCjnQ4S*buofHhNDMNSrNdCHkTjttmZFlgCHmrwf2-EQ*6rug3USdvEMesc5fhDccL3ywLaouYh1sXseVpGEPfqLnMsL0mkdwR8CAAAAuty8CgAAAAA&img=16s-yiD65a-rsaNEA*tWMDQmFIbAJQ*q303JeAB7RmcBylOaurPWzIuRyZrhNx-CWPR-SE8gxTqIVzj3vJPX*EjjxijM1Vy3GNk-uMZXiQ5DGA9RABQXp6840sav08udoomDSrUWTC2NddvboKLDBn1WvqeJHN*urTXEZoY875K3EQHevFly6X1Mlmwrs9fad0TQoyR91cP1AJZc-CBA7AIAAAC63LwKAAAAAA&img=5XmyrsYu6tWiq455JA6hfUg8-i7-aztygOvDsadSrZGBKGH9JkcruKY5PFD3sBEFCS*VRMDM-54G8mt9PKqB4OJWah-yPIWSFM21w5jgoc30jcLq741mKqelNE9*6YvwhGQdRi4b0n7D6CT*yQCmpAIAAAC63LwKAAAAAA&img=tQuHLT6gg9USlRBA662X8DhODBOkW78SIcTzByj3TpuM9pM1bMrqRJlWrb2E5epfdEzqbFOmn0MZZejFbwV7p9VIpsBSE-i5qjAgXi*pd305ijFSJnYBpCmCqPh2mIR1siAtWMFUOjyE4jI16qQ*kQIAAAC63LwKAAAAAA&img=4PIX2upVc2kzziR-sqBUgCRhonjMuF2aHZN4i8EpoG94JWQEkDxhJNTZA5pMMqJny6Sv32WpgT0GaUIEDqIqF1BelDKKtkuhQt4JVLk5AQtRe-i9nxMWFnGA2iukxl8MxS7tveM6Rj1wXIub*MU5kAtZj0rK8mpVsd88QzNFpBMCAAAAuty8CgAAAAA&img=6lPaP4sJbcqn6FTWaVILnRSw*m6qjlGDi7pE3E40V-2HKvgP1kCl7gIbBGRjRjwDC-Jcren8Rubd4Yt*Mg8U6pedLZFgpr0UtcGRW9zuDtFyRCt*q8980ewI7wLXNjw46*wu-Xnqz3b1fY*b0kheHQIAAAC63LwKAAAAAA&img=UNWE3O79X4KHQ4Q-KXVqTEr7zcPYWhS2OvZmaYG6i2mxP3fbIuW-CJW5awgPlb7BY4oQi4l8MZmiL95dJQtscBnRVJjcxTGpSgvhZ6pPyocgbZB3PphE6EePe1Bn7D53wcd8IulukmZ-RMctgMWO3ZAnz053b9ZLflbEksSbf2ZFS2CkJsheHJg26Mk-TyApk9wDXdF-SsQZlLcdLusy2CSgmVvJmlS*P*542pKZYW4CAAAAuty8CgAAAAA&img=ngHuUx*iBrEsQkNv3rjqPKs8-mWAoqIVXcGb51FJvjRuXwI3b2-MT*LnGPuS5E4bxt55MrOH1Q0YnhDNyITMKJxfPQhp7MgaFHO9nGlIC*89PO1a5e7OHkUN3bcn9vBhm-HkOYCgQmO5UeioQ-shxa3kQLr8lNq*mwwStc8Ge2vXkuREGl7B6fHKeoFMy-EBDmfQHC9ukxHdNgiDOXZywLSAEW-W2RvbF6z63VWz6UziYSke0uL3tR3pqLh2Uv8YpSymNnO2xt15IaEdtLc3eqbdg23xqydaBwt19n7jUyQCAAAAuty8CgAAAAA&img=TxbuygJRWV5ETFXezmgTlSii0SnP7UTzazKhV1vy3AqeCXI0dT8ZQbPrsew99g8VUk9AY4DSp4RDd5BO84BtK5DH7ckwKEPJGaVUYtQFtgd*eS5nWVLVZcvulPs8-P0wM9AfHAVqIVkcjxeXoDRkLQIAAAC63LwKAAAAAA

Requested by

Host: ssp.rambler.ru
URL: https://ssp.rambler.ru/capirs_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

91.192.148.14 , Russian Federation, ASN42481 (BEGUN-AS, RU),

Reverse DNS

zvezda.ssp.rambler.ru

Software

nginx /

Resource Hash

2acd33ad74c4bf968c43200f3085901505a1d635c8a5ad53b450e0e24d00b758

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://profile.ssp.rambler.ru/sandbox?img=PedSuWRPd9mHM6qvq2RPqakdavSsrz8T4m6RDwdZCCo5ffJD*AYUFlN*dlNcpZmaqI*ssd5kJZI0T745Rs*tzM7CZYaJolg3DOQJEwhDmtHwJyhcVi9OHLR6OCJkeah0qLZmb3W4t332gSluICkMq4Vtnstue3MJ0d*b9jjZ2IYCAAAAuty8CgAAAAA&img=l5GIgzTVDJKVsrTqOMf9pIkXq-xgciSVo1WHuhfNdBUj0EQA7K9nQKPUmWAt9wye3VvXrLqk29IIuovz68LGIsBPgax6Jki*iFaentwuuuLoyMdKDdxSQCmfObkSRTCcRJhB*6xjKi92hmPORyg3daxysPWqUYc2*B-HNnELuRICAAAAuty8CgAAAAA&img=bQX1N5Y61Ng7l6nhOIU62xs86Hwpu7W80llXG3L2V328KIcjIwAE-c22o8w2nUYx7npOHmBsUVRxvIrRwhr76gANLB071Y0U3mHTDwGBqUav-TZIPVplbpvonyHUXwTGZneIZndMLlAWM7lvi24fisTGcPBraoL*CNYLRl7BLU*cQBSgbtarPlKnNpUGQnjoWBYbbnFsNIXfm07XqxHKEZoREL6p-qOleb6Bt9GVyKICAAAAuty8CgAAAAA&img=*6zmGYC6EN5IJRFPAKlGuInTroht4DQp-zUb*moQLgSR93xEeFVhbiD0QFFDXlv0rqMmMAgMBfNzC6WKZ5Xd6BR7TwNOmM0XrRf5iq1JrWpFv65Dv8A9e-gZ2TUBKR4ohFXWFCI--EfGNlQyV-89cHdOFQrQtj0sX*Im4VLJm8JFVPBjZb5XFIAEAcCqJg8mAgAAALrcvAoAAAAA&img=m2-yl-XXD6F5Fn8MQoiGkplAYbO6Y4nCvKFVnk*Tjgf-gMctTsUSWJna97jHA*-GnHhlG60gtChJgwfz8kzCRApVDZwguvQkUnC*pzZ2aPpv-l9Dae8lq-yK2W8gJtEM9RTlkk9spusS2I1QWdGlYu2Yrmjh3Ayle*rOA4M8ykMCAAAAuty8CgAAAAA&img=NFqCx9lmiMqrkjEp5Li8dKihy0yyVKcX63ltqkEohsfV3ppIodb85ueRnaqiGEo-6yoCc-FHu6cKzUCSYSdx0dlZ8htYu0S07hzeCVi1hyX9Cv9as*FwvVMh7RcAXvAoHhmCMFFOk9Q67-5*DtzDwu6cRWcQ*V*3qbrF38mJ49CivOyUsinEq3YTJ1nt-lhCenXW-XeXLfBI1MN*RZgXJgIAAAC63LwKAAAAAA&img=wGObUUOV*HMvMMprsw5hvU9A54vk5BY4NCecWkByd1-LZMwC8wJzBD91z4OzXwv7pZQQVKog5D6AsRyoi-sCTExmZgmUOUbvwjhxSgeOo8n8dMH**eilGkA4Bm4pZ5Ma2D6Sr727XztQlf04m*F4WAIAAAC63LwKAAAAAA&img=5x9VxkIjfAxINGAMq9YmWZ47OJx29ApBbXWRQJ9tbRn7Gx4T-masbqwBM2Ild1STWF65HtVygIVX2qd68CfHzClECFGGetA3WKO7cxD4uyWRauipbA*4I93z*FtadQSMAgAAALrcvAoAAAAA&img=gs011oyZuUiSqOJ7e5nXmvAzMREQOsdD53t-adt*Qd1M5zvEdxI51cl8fuhMPv3dKVNZ33mGM7EC0jUDoBDHZnZwHff2XVuOQnTwPPWYeaZ4pAPz0Pgwr6A*o4hJYbGjAgAAALrcvAoAAAAA&img=mxD--lbQchC7ub5EyrEHrJqDndtRioAv-cbfw*8aUa9y6L9Qzq5hRsnI1HalLbyxToEAAm5nQO7xLMGOilVGTUkYNb1nmk8T6xa5ByYDji0Eny50GzDPseel0FZjV1qv8X0zpIXFU9T1WzYG8KQBOgIAAAC63LwKAAAAAA&img=9Lay81lOf2ILEgeNrOojRYaW4*5A8j*2AmB8qOuV5uEfge15x8gIcNOF-OiXb7j0bGCBxt3TIGByRSgI421xUVIKHaUgUVWDt2mJpb0kdnwkkpvzo-LZCx0YyLM*THoDOwioCYBOySN9AsdTXMMVFQIAAAC63LwKAAAAAA&img=Sx0pJa1Uq34Np7UXj2xqMkH-P6X0ixKhTh4bBwt*ziNaTddEAIlJvgmZwb0pKcZ0-sW8-fQ6J3QA7v5bWYoSMH6xJwY5Fb3urQyLjqzRgEvDVnzZJbp8mV0yYXZD-un7Y92KBy9sqXS2RjloIJyz-AIAAAC63LwKAAAAAA&img=oL8Mng8oLY2J4bYeca8VFsZW8s3McNcEo2*21w9ow3fjMHqDhinhwD48bpmo3lUXIjGitVPC1YmxgIjHQxEu5A5UKuh*mEXkPnloxLEYOsXbAEGXWos8m9nhrLxYZNQht9-O2iy1pSI*C-tfHUOrYc21QbCdZwjpCFkwHnRf2OgCAAAAuty8CgAAAAA&img=aGBWuCgMSXaKVKoqWOABARyicl1L9BA9GsSfmV8AiCw3O8EvhWUgxz*rM*tzyZKVsAPelb*kj8zvNn39KPbTH6xUk9yReOXgC6ONqxT47QxrYZlXOBPQ8hkNF7TylAh6ahPKkl*HVA9yGs71jUKzIQCjzxfoAOwLJrV8vuKcH9wCAAAAuty8CgAAAAA&img=U1SNoQgo9sfjmtcXKghFyp-t82RYlMqpCGl3lVO116ufn4bp3CiO6NlgfmRXJZUcRXZTKzwpsY4rkC5a*SzVXUNXOPuZL4YnWVkLXZMdjN1R2CZb6Ec-wFbjelFXPM4WLJuLE9kvba5cFCl1c03ONycSAW2w1EAOFUxCHy7dv-rTMxulPwowq5qW3Xf*YbD2KZwpihWrq8rtKWFuvw60G59N5eGqUK0GQRLan*RKyFm4Uspr4FNp*5KMZX2bZzbxD-BVujUoEvoVwUvdcdwGYUUVYh0h8SNprYbMs*S8S7sCAAAAuty8CgAAAAA&script=dKTWPm0X0Tjx*tG8TyslXckLnZDDE7p47iuxoPvlHwY-PnLTo6IfCPd4wprDSQf9zi-AS2wpyXZqIdlHns0seHxI8mxFyih1mh4J4Lco0mhZXz*0PM*nNB4zVt5gdZeMY2tVVoRDsMUNrIwYEgpJgAIAAAC63LwKAAAAAA&img=4jYip2bCwMl3AuS0GQx8WBQ8amDq8U8kDYtQS5p0DHB00y7C-AoQIcGWYkyr3zhwMbLTP7vbUF-sAj*Yi2iAKZxpQd4iBuCoZJHL38eekYszzDWKLnpT5vT7JdYB8dLQZQs52bGpppZH5I80oeX5cwIAAAC63LwKAAAAAA&img=OXwsHxYMuL*9-*RRLPd48Szp9wkfMgXn4Bp6htxMN0DW*XY7jomFH*C4iUig99cIyO9RBggpDFyb45imz-73w3gi8e34oTF7QKVDdg-wltC0g2J3nIGdyWvGYgzP9UEjgzNOXMe5uTGbWGUWH3g1BwIAAAC63LwKAAAAAA&img=reGRcF-aAmajrz5*2JPXW3oBPGAw*mf*wAjZzwvRFjU-JT3mhMXy12jRtYva4UUUEXY9hIucPA74Chuh0wV2KKEb7Uy-zd2AIT7KgX5csW*CaTjfcBUv-KwMn*9KbsLorens3vzZbOskhRI8qpZdeB48Md-T-s4CyPIXrf6*EyUCAAAAuty8CgAAAAA&img=COJRek9HGmMeX8QJthhKfPU0sg9GgfqVe*av5z3UV*to3skzRuUqvB-OIp63APWs1CdnfyBnaEDmluhFhFfKt7HT0xanE4TH*go77uPBxPvmn5mNk6u2O152xf2HsZLjNWoeMemLLNmP8TQzb2EV7AIAAAC63LwKAAAAAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=Windows-1251
date: Mon, 14 Nov 2022 08:09:09 GMT
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
server: nginx
strict-transport-security: max-age=0
x-passed: 2bal1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stats.mos.ru
URL: https://stats.mos.ru/static.gif?ramblerid=A9C71FAFFE180E0DCEA581B9089F1DB0

Verdicts & Comments Add Verdict or Comment

238 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.livejournal.com/	1970-01-20 17:02:53	Name: ljuniq Value: UsFlaPh0g1l7gYP:1668413343:pgstats0
orantas.livejournal.com/	1969-12-31 23:59:59	Name: lj_sale_adblock Value: true
.livejournal.com/	1970-01-20 17:02:53	Name: ljprof Value: f4a9620f08d5e98626371f79a418f19b9bacf412952d7f667
.tns-counter.ru/	1970-01-20 16:12:29	Name: guid Value: 8B1B6A226371F7A0X1668413344
.livejournal.com/	1970-01-20 17:02:53	Name: _ga Value: GA1.2.1640694502.1668413345
.livejournal.com/	1970-01-20 07:28:19	Name: _gid Value: GA1.2.684122832.1668413345
.livejournal.com/	1970-01-20 07:26:53	Name: _gat Value: 1
.livejournal.com/	1970-01-20 16:12:29	Name: adtech_uid Value: 9ae3c7b9-ee02-4063-b54d-91be5159358a%3Alivejournal.com
.livejournal.com/	1970-01-20 16:12:29	Name: top100_id Value: t1.1111412.550795321.1668413344711
.livejournal.com/	1970-01-20 17:02:53	Name: last_visit Value: 1668413344720%3A%3A1668413344720
.vk.com/	1970-01-20 16:15:28	Name: remixlang Value: 6
.vk.com/	1970-01-20 16:12:29	Name: remixstlid Value: 9086097210363696186_XW9A9foCcIoBd6ehZeCYbvdLWZmTirwspRZiH9TZEM0
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: YtszvXZh79c
.youtube.com/	1970-01-20 11:46:05	Name: VISITOR_INFO1_LIVE Value: aBtxyqmhy0g
.livejournal.com/	1970-01-20 16:12:29	Name: _ym_uid Value: 1668413345433752427
.livejournal.com/	1970-01-20 16:12:29	Name: _ym_d Value: 1668413345
.livejournal.com/	1970-01-20 16:55:41	Name: __gfp_64b Value: a2TFCzb0FNRi_XdTEiljV8d4lniTrIf2OkL1xIEDNIj.d7\|1668413344
.hit.gemius.pl/	1970-01-20 07:36:58	Name: Gtest Value: KlxxPMXGQMQG02UoQ8D3r2cissGMXP8c25nSGsriARMP6J1isG..
.adfox.ru/	1970-01-20 16:13:55	Name: luid1 Value: ccbf:jar:ccbf:jar:a
.livejournal.com/	1970-01-20 08:10:05	Name: sspjs_38.7.0_af_lpdid Value: %7B%22DATE%22%3A1668413345058%2C%22ID%22%3A%2236535%3A6101%22%7D
.livejournal.com/	1970-01-20 07:28:05	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 07:26:53	Name: sync_cookie_csrf Value: 764973789fake
.hit.gemius.pl/	1970-01-20 16:55:41	Name: Gdyn Value: KlGVhMMGQMQG02UoQ8D3r2cissGMXP8c25nSGsriARMP6JMiGsRPIQlGvGGpKf48SLS8RgTSFsCBI8l8MG..
.mc.yandex.ru/	1970-01-20 07:26:53	Name: sync_cookie_csrf Value: 4022950959fake
.yandex.ru/	1970-01-20 17:02:53	Name: yuidss Value: 1544614931668413345
.yandex.ru/	1970-01-20 17:02:53	Name: yandexuid Value: 1544614931668413345
.yandex.com/	1970-01-20 16:12:29	Name: yandexuid Value: 8426251441668413345
.yandex.com/	1970-01-20 16:12:29	Name: yuidss Value: 8426251441668413345
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 166298281668413345
.yandex.com/	1970-01-20 17:02:53	Name: i Value: tNcWxI3JIAf7epYzbV7TkLHqPK8xkoYiHyQBay8L1AVb+qXJBOS4EXYT74v01YjjJWy9LPi9+qcEHRCMGw+CrvCfG7k=
.yandex.com/	1970-01-20 16:12:29	Name: ymex Value: 1699949345.yrts.1668413345#1699949345.yrtsi.1668413345
.rambler.ru/	1970-01-20 17:02:53	Name: ruid Value: 1CIAAKH3cWPHsU1XAZ+guAB=
.rambler.ru/	1970-01-20 11:46:05	Name: rambler_3rdparty_v2 Value:
.yandex.ru/	1970-01-20 17:02:53	Name: i Value: yKVL3uOatwI087HbKl3jx3xj4AqaLYBo98TbJ6JMmrhHhTFB9592Au7zblAzD1otJJaT3lEdVTJV0Cst+t/fWIRayik=
.rambler.ru/	1970-01-20 08:10:05	Name: sts Value: 0.1668413346.1.1668413346.2.1668413346.3.1668413346.4.1668413346
.livejournal.com/	1970-01-20 16:12:29	Name: FCNEC Value: %5B%5B%22AKsRol_66vXjV4x76EFAeYzD6BAGt68yJ8l0k6CUX57YeByTBeaQj782WfGRhvzbrUq6ovnf7bZ5EQd9PrfpktyxpECpYUF24bu2MRvLNgD8EgGuy594BjK5QbdTTyF3BBTWGGvwi8KG6dDUuRbAYAMDGoK_sfgaSg%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
.exchange.buzzoola.com/	1970-01-20 08:10:05	Name: uuid Value: 5e3a3067-cd9a-40cf-5853-852e5f7a1115
.rutarget.ru/	1970-01-20 11:46:05	Name: userId Value: 86QqOWqK1HVp
.betweendigital.com/	1970-01-20 16:12:29	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 16:12:29	Name: tuuid Value: c11b7b39-372e-513e-8e49-a7d1ed385072
.betweendigital.com/	1970-01-20 16:12:29	Name: ss Value: 1
.adhigh.net/	1970-01-20 16:12:29	Name: gi_u Value: uP1KF1hokVCE.AikABlGEdS9VbQ
.creativecdn.com/	1970-01-20 16:12:29	Name: u Value: 7yh33KjAPUbTn2jVdh3Z
.creativecdn.com/	1970-01-20 16:12:29	Name: ts Value: 1668413347
.bidswitch.net/	1970-01-20 16:12:29	Name: tuuid Value: cd373573-ccde-496c-83c4-07c0e8e01045
.bidswitch.net/	1970-01-20 16:12:29	Name: c Value: 1668413347
.bidswitch.net/	1970-01-20 16:12:29	Name: tuuid_lu Value: 1668413347
.weborama.fr/	1970-01-20 16:52:48	Name: AFFICHE_W Value: P08bu27HwJs-91
.1dmp.io/	1970-01-20 16:12:29	Name: uid Value: 9c933811-63f3-11ed-8ff0-f832e4719dd9
.dmg.digitaltarget.ru/	1970-01-20 17:02:53	Name: viuserid Value: 8msgHbWW9w63yw27pOih
.1dmp.io/	1970-01-20 07:26:53	Name: ru-seq Value: null
.mail.ru/	1970-01-20 16:13:55	Name: VID Value: 1_jjlc30BrID00000j1QL4YD:::0-0-0-88c5063:CAASEC6QgnfvaUA0yASCQWRzmAEaYD2TvcU7fRIGiJsOgEAqwNWZZbTKLFeBY12TlxWxf3fgGoW5iUN1fNBbPPhBUjINh2EPxxZgUcWHP32uFqZWU7pjSZAHSvpJzMT7lsngKLBMArDfV8d6B7EmbxeZSPAldA
.aidata.io/	1970-01-20 17:02:53	Name: __upin Value: 4fMOsNhDzYOMmGmcLRA/JQ
.aidata.io/	1970-01-20 17:02:53	Name: __upints Value: 1668413347
.seedr.com/	1970-01-20 16:12:29	Name: cid Value: eee3820f-cbfb-456a-8d7a-dd5c295dc5e1
.wi-fi.ru/	1970-01-20 16:12:29	Name: dmpuid Value: MR73yaPWQ0SIRXzEU0k8Mg
x01.aidata.io/	1970-01-20 07:31:12	Name: livin Value: 1
.betweendigital.com/	1970-01-20 16:12:29	Name: ut Value: Y3H3owAKf4AFuWYGPffzkeq5YCEusCHTaSmw7w==
.ops.beeline.ru/	1970-01-20 15:59:31	Name: BeeAID Value: e2e2c23f-c13e-40b5-a807-8702b3e07c86
.orantas.livejournal.com/	1970-01-20 16:12:29	Name: t3_sid_1111412 Value: s1.210692369.1668413344713.1668413349719.1.3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://imgprx.livejournal.net/ce0b7965ae03151072fea0905f9fd745c6b6488b/JGnEWk9ZyhgAGyn7guFEMAmGYxzGiIx2F9zotLZ7Fii0PI4hOFI5420yBpH2Zg43j0EbdMV_3bH_gJxf-epk1gOAscTbfvzQNkDZeo7zhz4 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9822.cKEELcNpLg86wDhNMRAtO9eZMraJDR8ilAJxC9vPvvuikyUp-G5Abn60RhLoCKBp2OdzAk0HZO_sqelAsITZ4Q%2C%2C.-n9qCdkAMfgNEhrvcHAW61ZzGZQ%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adfox.ru
ads.betweendigital.com
an.yandex.ru
begun-sync.rutarget.ru
bidswitch-eu.splicky.com
bookclub.ua
counter.yadro.ru
creativecdn.com
dlm3.meta.ua
dmg.digitaltarget.ru
exchange.buzzoola.com
fonts.gstatic.com
fundingchoicesmessages.google.com
gamd.hit.gemius.pl
googleads.g.doubleclick.net
i.ytimg.com
ic.pics.livejournal.com
img02.ssp.rambler.ru
imgprx.livejournal.net
jnn-pa.googleapis.com
kraken.rambler.ru
l-api.livejournal.com
l-stat.livejournal.net
l-userpic.livejournal.com
l.lj-toys.com
lbs-ru1.ads.betweendigital.com
litgazeta.com.ua
ls.hit.gemius.pl
mc.yandex.com
mc.yandex.ru
orantas.livejournal.com
pagead2.googlesyndication.com
pics.livejournal.com
profile.ssp.rambler.ru
px.adhigh.net
rambler-sync.rutarget.ru
rcmjs.rambler.ru
redirect.frontend.weborama.fr
rmb.ops.beeline.ru
sandbox.ssp.rambler.ru
sb.scorecardresearch.com
ssp.adriver.ru
ssp.rambler.ru
st.top100.ru
static-mon.yandex.net
static.doubleclick.net
stats.g.doubleclick.net
stats.mos.ru
stats.seedr.com
sync.1dmp.io
sync.datamind.ru
sync.dmp.otm-r.com
sync.rambler.ru
tms.dmp.wi-fi.ru
top-fwz1.mail.ru
vk.com
vp.rambler.ru
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.livejournal.com
www.pravda.com.ua
www.tns-counter.ru
www.youtube.com
x.bidswitch.net
x01.aidata.io
xc3.services.livejournal.com
yandex.ru
yastatic.net
yt3.ggpht.com
stats.mos.ru
107.178.251.122
128.140.224.226
13.32.99.23
146.59.30.100
168.119.168.202
168.119.88.34
178.170.196.247
185.15.175.133
185.184.8.90
188.42.196.115
194.190.76.41
195.201.57.28
195.209.111.13
2001:6d0:4001::226
206.54.183.89
2606:4700:20::681a:ef9
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2006
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2016
2a00:1450:4001:811::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9c
2a02:6b8:20::215
2a02:6b8::1:119
2a02:6b8::1be
2a02:6b8::402
2a02:6b8::90
2a02:6b8:a::a
2a03:90c0:41:2801::24
35.190.24.218
37.9.245.57
45.9.27.120
54.93.141.89
62.149.25.100
81.19.74.1
81.19.74.3
81.19.82.102
81.19.87.48
81.19.89.16
81.19.89.18
87.240.132.78
88.212.202.52
88.212.252.2
89.108.120.76
91.192.148.14
91.192.149.36
91.192.150.12
91.192.150.30
91.194.226.61
91.220.120.9
95.163.52.67
95.163.53.111
95.216.101.186
033696b7f1ac04d1dcc102be84550e146236ceffc25a6cabc12aa51a6ee410b9
07ad8c2b1a1aeff082e2585172dc7c130025d613456078b2774b4bb173c1c5a3
09416e85998ce2c89943da3aa3563633045a0135d33f8124818dda75075bfd73
0ab6545215a401c77c9d6cb01f678bc6ee323d1d3b23c6151aa5ce7d0243be3e
0b1a096ac21b51b3c0c48e19beec04dfbdf7299abfb0af01622df5ca05743775
116ba867ff4b53784befa3d3dd814b83f123289753a59eab82d813240f7c3816
18220bbba0e1f98301f2f248eff119179e41ac33bcc6544f8f5ec2165fdc88f2
1fd2448fbc68f2def3b96dbeb4f580788af476e9154316a6c690e2cdfd3e60c5
216f6d8d49b582cd64063dd43e53088b2517fa47183043a66eb1f7549b6b7af5
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
276937ed9b66990d16cc250dac88898099a2e783c5cdfb073965139d8ec9bc5d
281c317cd6a8a430907d0d0b990a24e69baafe293e66fb01e8ed29d06786d8b5
28fc6fddeebd4ee19de72e56c1cfcccb276e229c546483b2d2efa1939c8489f5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2acd33ad74c4bf968c43200f3085901505a1d635c8a5ad53b450e0e24d00b758
2b480807dad1ce0cfc66fb15a351d9b3280071f0c1c919a68f611ee2d79d8b41
2bc17cf143a793efdf631e33dac5634de201a2d511c1ee8fe63517b0e4285f0e
2bd4827c67760075ffaf32114b41d503da91ccc26f3cf43349607f7b2ff19a1d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ed673a174576a45261c956f5bcb1a14717264c6b876cafcbd35d5cbe2c1fdf3
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f5cdd96226b53c50c2ba60685e91ea118f8cf2ffcb6a6e7079c2b6d59b1ecba
2f7e190c7a25194337efdd52f0018320ebfa239e150b19b95f3703b0bc02e6c8
315790343975d062cda4cc6e8bca99d11cc9e07471bf00478c299a57b9ea0e2b
34806ef573086241dd1a596a860b0295b51c24f1c37eab36eb9d0665683abb55
36a13082b53e92c5bc1169ac5ba590fddffc0fab6f50fc848162c5891bcdc285
37764c064b7a2302ce5929b83cd0917c7dfadc9b95a91d5e877eadd9857458ef
3992b901546ef4e2685680badcd372d0834724caf9b1c95ea0f1e7c4ce6e5bc8
3c8e2ea966bb84933f396138cdbe609b2685d89b7d270369334813164afe8396
3cfece9dfaa70b2cb40a4d4d27c1b19be58461ff0f7976a0399ba4cb796c02bd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
402bbd1b4d9eebe2ba78e6d766d091776ebad110f1e6463b3e24e87f2a0127e9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
532aa89061b76d378decc4fc97734d844c7a5b9c1f6f123050920a135a150e32
532da383dead31641b05270ff7dbf36ae80ce2bf26a12ed78b22bd0571b7d63c
533b34d38da345b35d3884402e62118172f4714b0b59f8bc2534f18cb330e176
535f067852f7f5964da5b260304a60715398e18537479480fedfa7cc535949ea
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59070a0ec6a10af8628870eb04841dece85d5b8ee82dd8030d08c1a2602c7309
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5efbb4989d6e32ee3d4a9967e12a0967428dab2e6e6b4f5470bf2297c72bc41d
612bb4b81a965b2b1c566b56f4c5519a025fd7cac76bd985cfaf312e6ceafb91
633cdd0312f932e2c6c3667b79befcbb86af19b201d577c2f8d0a7eb541ba799
6638ee6bc18d8d944e3da0b694d76cfc3a95e9896460107ec2aa3e7210e56097
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
681b6bb35bf9ff8ce07733fe20795e241e59800b6319e6f4f6bf929147f36064
6a6daadd5134075786f3d2b1e0a9c653600a1897327236a5349f4e1d567c9143
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c11c16476468f483dc340868659ea032a68851be8859f9fb3259900019791ae
7061b16241a2e2594d0b5af066337d4cd10666a12d17973f6976b7a9ba258a20
72a2368731327a91b31822b197d001e5aedb056292594064ad7cd2635bbe04cf
7b04dc6c2f5a6e79135b75a51230110a6bf2879db01bb8b92bdc81721c389aba
7f5227e46407757193378bcaf07518e02bd8dc212583257f730708a2e7b08aac
8033154d9ffb1799bc97de3edb3f072f6b4bc345fe97759a528bb9e32684353f
803a84a09167c609289069441d4134db2a33a29cc61c3b69707961bb91ad2ccc
80c6cda206723bbebe71b8bf9007b02317df3c26b567205776e99bebd29978b5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
845343e662ab11d1fcfc4ad84465f007939cdcba32bc9a4d38a4d38070502f21
8840d9c9c344971a99aab2ca61ca344c65822fb1c87f9cfb82ed7edfd78d2b74
8f22aa9a5c8ecab812fd427dab3a62ba16dfc9c05eb917e15b2d589a8ec939bc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
90598af5d23ff0d9b2349d96d45589c028e1f033b48f08b36aab5c5b1ed77eb1
9239abece3f6c44860d0aa3fba121a0f931256f78b88ab4eb33c13c027dd16e8
96a72c16787d9e55cbe06f31bc91db028934a7ad24aad0e7ee7a7649a6b160ca
a008507d70df1aa1cf064c7bf46cb8ead2f89e43ad087e59c5cce5b0a7506099
a2bfd4599846e27f643dabf88775c33e8417236ae2ad1234299815d2e034cde6
a430ffb43505069111b825a72b730fd413863a674a669ae6e49848119296c340
a515c54d9875f8bfb0088c384564211f5fd7ff93817ebe3abf7c2a9843803b08
abc2a810d697922af435230777a22e7cc36a1663be914abb95c3082ea2b0ceb2
abd339c23539aa6a92e9481b2ea3fabf46a481643f4c4f94add2f6c8c97a5eed
b1086fa3232da3ba1cad9b8fae37a593fc6ca1b792b63d251f8640525bc8d0ea
b1198f0965e90f5cd01f28f4d3d42226736c1dd8346606b5f8cb78070746b09f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3aca9fff5946d22e103a99d91e3dca89adcc8a31b3d112eb3c21deee851059c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b451853dc201a467958df83df6f46b65519b0de16800351bf1c8a5f397f6d3fa
b5e55609df8064007ad8c80269400ad6e1ab807e58dddaf998d0e8636ea83eb0
bc71e43a972f43b75f69021e3f79740aa723687638ad6e737e9a16e353cb2a1b
beb8691f6c3c6c90bbcb585e9ed4d8132cf3f37cf1a6888f83f4ca779ae6cead
bf46d00f68b9c039d5f7bd123c40ec6abbb50e00be6eb36adcbfddce96675f59
c12337c132fc5b05766adf8806c16a2950c0591708c0c45263bc1496979c1870
c1850456e5d392cada5cf57ba5aa0585b866b739520c24da5c4a8876e72a18df
c2fe9b1e255ccf732fcb3ead9c4e357668201c41b2395ae8ac49cee5f9d792e3
c3ce78e759dc821579a5393833bd23c0a50efcd8a003756e12a29204d10e3144
c68abb4d43e27b4653e92b28e3795ccaa0f1a59cb68874bfd673b79c6e597733
c8dfec723abb2a919e34dd58d3073bb30ba42ac12d80dd340cc0affb09413bfa
c9f3008f1f05fa7324cb04d7481154c805756a5976940c9bb88688d907621d51
cc45ad718b4d97d44c88e9581fa8081a023a6eb1ded03be4a118894fd273d326
ce34dc9dffab252719b471e670a9a5971ea420f57d1b64d0637f81fc39b8df19
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d1b300eb9ffd5d67665ae04bccc1a74ef1a9c2d4b6394d8a4276bc487458e12e
d209df68586a60777ff6486a0b0a483a6bb2388ca9357a78bf23b19e28a2ff1a
d274fc09e5329097ec4d1875d178f98104156387bdd533d8ae0ed686a7966a0c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d950dc223277e9c257e32b799ebf66cecdf12ce319c092e5609c0af6651701c2
dc2f45874e795099bb0f12774ff46212904aea1be459d337ff071fa4424b6819
dded8b866518e9d160489403c36498c2d26c289e888100d0ceceb24af38bc940
e10d3b644e6c206c81e2b63ce098c7f90f90034daf674befd5f30b3ed58ab2d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d0ddc07880b0fcff6c319117256c08c088176e5d310817688a4c9f79a0e3b9
e3ec6f5f8a01ceaaafd7de19f41d88013fe2d4c02a88c94b04899a775a72d358
e5b934debbee3b5f44a84c29dc1bb2f35075da6c0315156678c8b4fc4c319817
e5be170a8935eecfcdf2d0a98457dcaa8354bf54e7de1bc20a913c685087fdb8
e63c5f230b1ea2cf9d276c81bfa69a58041a09c42602f45801be654dd0937ce8
e73e7a83009b21a0c63c02fa09efdb08ccb4a63704e1af71092789b7075d395b
e8a915755688273f134fd5d916936378831d5fb82c2846a1307b273a9efd4cae
e9e6eaf61891861ccb8a2794757d2c28e18ca84386f5207c07f4e40dfaf73132
ebe500e8da630b873b03057441fdf2185dbbcdeadf52a8720937ba1e67f21d83
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8768a71fa49beb09c457ea42f5f9eb1e4f29c43b7b182ff6a4903bd7c73361
f0938e2f66942319881a4b6fdbcba92ba1510f2d5d8ab9c88fe5100e79b4208a
f0a8596e35b82d231d3ab9f993b23fc882f4492e6dcca232aec7320ff310c757
f4cb754e98c66334d19d56066d137dfeb134b00fd5c064c51de3131ceb08d8e5
f5b497a52d62356f4a75ce54d3a2d0fc5bc27fecf53b686d2a1f106ec6ec4cac
fe81bedd25f0a618755cf7b065fd24a6e0004b3340965e999e9bcb91c8e830a3

orantas.livejournal.com Open in urlscan Pro 81.19.74.1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

84 %HTTPS

38 %IPv6

48 Domains

71 Subdomains

55 IPs

10 Countries

5246 kBTransfer

12063 kBSize

60 Cookies

106 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

orantas.livejournal.com Open in urlscan Pro
81.19.74.1 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

84 %
HTTPS

38 %
IPv6

48
Domains

71
Subdomains

55
IPs

10
Countries

5246 kB
Transfer

12063 kB
Size

60
Cookies

160 HTTP transactions
5 data transactions